Homework 2

CSCE 824 – Spring 2019

Due: Febr. 19, 11:55 pm 2019 via Dropbox

Name:

 

15 points

 

You may use any materials to answer the questions but I am interested in YOUR answer. There is a 2 pages limit (single spaced, 11-12 point). 

 

Answer ONLY ONE of the questions below:

 

Question 1: access control

You have decided to implement Role-Based Access Control (RBAC) in your database using encryption.  You have decided to encode data items using symmetric key encryption and distribute the keys to the authorized users. 

  1. Show how to implement static separation of duties using cryptographic techniques.
  2. Assume, that currently the granularity of the access control is relation-level. That is, each privilege is associated with a relation.  Explain the difficulties of implementing a database access control model that supports least-privileges discipline.

 

Question 2: secure distributed processing

Assume that your database is fragmented according to the sensitivity of the data items.  Let each data item be classified as Top-Secret > Secret > Confidential.  Each fragment is stored at a different host that provides the support to the sensitivity level of the data item.  For example, data item with sensitivity level Top-Secret is stored at a Top-Secret host.   

  1. Explain how the correctness criteria of data fragmentation need to be modified to support both correctness of the fragmentation and the satisfaction of the security requirements.
  2. Assume that you need to perform vertical fragmentation of a relation, and the key attributes are classified TS. How can we support correct fragmentation without violating the security requirement?

 

Question 3: database transactions and intrusion detection

 

Question 4: application security