Multilevel Policy Based Security in Distributed Database

Addressing security demands under fixed budgets and deadline constraints are becoming extremely challenging, time consuming and resource intensive. Moreover, securing the distributed database in compliance with several security guidelines makes the system more complex. Mission critical systems, military, government and financial institutions have been under tremendous pressure to secure their databases. Such requirements mandate that each system passes a strict security scan before it is deemed suitable to go into operational mode .This chapter presents a framework that embeds security capabilities into distributed database by replicating different predefined security policies at different sites using multilevel secure database management system. 8.1 INTRODUCTION Distributed database system functions include distributed query management, distributed transaction processing, distributed metadata management , enforcing security and integrity across multiple nodes. Database security is the system, processes and procedures that protect a database from unintended activity. Unintended activity can be categorized as authenticated misuse, malicious attacks or inadvertent mistakes made by authorized individuals or processes. But the most important issues in security are authentication, identification [BTH1995] and enforcing appropriate access controls [SHS1998]. Databases provide many layers and types of information security, typically specified in the data dictionary including access control, auditing, authentication and encryption. Access control is a system which enables an authority to control access to areas and resources in a given physical facility or computer-based information system [KTA2010]. An access control system, within the field of physical security, is generally seen as the second layer in the security. Authentication is the act of establishing or confirming something (or someone) as authentic, that is, the claims made by or about the subject are true [HWD2010]. All organizations, ranging from commercial organizations to social organizations, in a variety of domains such as healthcare and homeland