第 6 章数据库安全

(DBMS, database management system)

6.1 6.1.1 (database)(database administrator)(database manager)(DBMS)[(front end)]

6.1.2 (record)(field)(element) 6.1

6.1.2 () 6.1

6.1.2 () (schema)(subschema) 6.2 6.1

6.1.2 () (attribute)(relation)(cluster)234n(n)6.3

6.1.2 () DBMS(query)SQL

6.1.2 ()SELECT ZIP=43210 ()()(

6.1.2 () (project)()- SHOW NAME, FIRST WHERE ZIP=432106.5 -

6.1.2 () (join) SELECT NAME, AIRPORT FROM NAME-ZIP JOIN ZIP-AIPORT ON NAME-ZIP.ZIP=ZIP-AIPORT.ZIP 6.2 --

6.1.3 #

6.2 (1) (2) (3) (4) (5) (6) (7)

6.2.1 DBMS DBMS

6.2.2 DBMS (1) DBMS(field check)

6.2.2 () (2) (access control) (3) (change log)

6.2.3 ()

6.2.3 () [(pass-through problem)]

6.2.4 DBMS

6.2.4 () (inference)DBMS

6.2.5 DBMSDBMSDBMS

6.2.6 DBMS DBMSBDMSDBMS

6.2.7 // BDMS

6.3 (reliability)DBMS (1) (2) (3)

6.3.1 I/O

6.3.2 Lampson SturgisDBMS

6.3.2 () (intent)DBMS(committing)(commit flag)DBMS

6.3.2 ()

6.3.2 () 10710050 (1) 50 (2) 50 (3) 50 (4) 57(107-50=57) (5) 50

6.3.2 () (shadow value) (1) COMMIT-FLAG (2) (3) TCLIPS = ONHAND -REQUISITION (4) BUDGET TBUDGET = BUDGET - COST (5) TCLIPSTREORDER =TRUE TREORDER = FALSE

6.3.2 () (1) COMMIT-FLAG (2) TCLIPSCLIPS (3) TBUDGETBUDGET (4) TREORDERREORDER (5) (6) COMMIT-FLAG # T

6.3.3 / DBMS (Hamming)

6.3.4 DBMS

6.3.5 / DBMS

6.3.5 /() AMock5D11D14DB8A-B-C11D-E-FA11DB11D-E-F

6.3.5 /() DBMS//11D ABADBMS

6.3.6 (monitor)DBMS

6.3.6 () (state constraint) DBMS

6.3.6 () (transition constraint) #

6.4 (sensitive data)

6.6 6.4 ()#

6.4 () (1) (2) (3) (4) (5)

6.4.1 DBMSDBMS

6.4.1 ()

6.4.2 () How many people have 1600 Pennsylvania Avenue as their official residence? (Response: 4) How many people have 1600 Pennsylvania Avenue as their official residence and have YES as the value of TORY? (Response: 1) 25%

6.4.3 (precision)

6.4.3 ()6.3

6.5 (inference)6.6AIDFINESDRUGS

6.5.1 List NAME where SEX=MDRUGS=1 List NAME where (SEX=M DRUGS=1)(SEXMSEX F) (DORM=AYRES) # nk%nk%

6.5.2 6.7

6.5.2 ()

6.8

6.5.2 () 6.4

6.5.2 () 6.9 # Majorsdrug-use2Majorsq = median(AID where SEX = M)p = median(AID where DRUGS = 2)Majors$2000

6.5.2 () (tracker attack)

6.5.2 () count ((SEX=F)(RACE=C)(DORM=Holmes)) DBMS1q = count(abc)=count(a)-count(a (b c)) count (SEX=F) (6) count ((SEX=F)((RACEC)(DORMHolmes))) (5)

6.5.2 ()

()()

6.5.2 ()

6.5.2 () nk% 6.10 () #

6.5.2 () 6.12 6.11

6.5.2 () 0~19992000~39994000100~56~1516~25

6.5.2 ()

6.5.2 () xi iixi

6.5.2 () (1)

6.5.2 () (2) (3) #

6.5.3 (aggregation) (data mining)

6.6 6.13 ()

6.6.1 6.14 ()

6.6.1 () (1) (2) (3)

6.6.3 / *-DBMS

6.6.3 () (polyinstantiation)()

6.6.3 () 6.15 #

6.7 6.7.1

6.7.1 ()

6.7.1 () 6.5 6.6

6.7.1 () 10000

6.7.1 () (integrity lock) 6.7

6.7.1 () (1) (2) (3) (cryptographic checksum)

6.7.1 () ()() 6.8

6.7.1 () (sensitivity lock)() 6.9

6.7.2 ()

6.7.2 () 6.10

6.7.2 () (1) (2) (3)

6.7.2 () (guard)

6.7.2 () 6.11

6.7.2 () DBMS (1) (2) (3) (4) (5) I/O (6) (7) (8) (9)

6.7.2 () (commutative filter)DBMSDBMS (1) (2) DBMS (3)

6.7.2 () retrieve NAME where ((OCCUP=PHYSICIST) (CITY=WASHDC)) retrieve NAME where ((OCCUP=PHYSICIST) (CITY=WASHDC)) from all records R where (NAME-SECRECY-LEVEL (R)USER-SECRECY-LEVEL) (OCCUP-SECRECY-LEVEL (R)USER-SECRECY-LEVEL)(CITY-SECRECY-LEVEL (R)USER-SECRECY-LEVEL))

6.7.2 () 6.12 DBMSDBMS

6.7.2 () (distributed)(federated database)DBMS DBMS

6.7.2 () / (window)(view) view AGENT-INFO FLTNO:=MASTER.FLTNO ORIG:=MASTER.ORIG DEST:=MASTER.DEST DEP:=MASTER.DEP ARR:=MASTER.ARR CAP:=MASTER.CAP where MASTER.TYPE='PASS' class AGENT auth retrieve

6.7.2 () 6.16 (a) (b)

6.7.2 () (filtering)() ()UNDEFINED()()

6.7.2 () Sea(Trusted Computing Base, TCB)DBMS

6.7.2 () 6.13

6.8 (data mining)

6.8 () ()()()()()

6.8 ()

6.8.2 () //15

6.8.3 ()

6.9 DBMS

第 6 章 数据库安全

Documents

第 6 章数据库安全