Data Security
This paper is a general introduction to data security and the four
types of internal security controls: access, flow, inference, and
cryptographic. External security controls, which affect
operations outside the main computing system, are not discussed.
- Access controls
- Regulate the reading, changing, and deletion of data and
programs. Three assumptions:
- Proper user identification
- Unanticipated observers do not gain access
- Privilege information is heavily protected
- Controls for transaction-processing systems:
data-dependent restrictions, history-dependent restrictions.
- Controls for general purpose systems: object-dependent
controls regulate access to an object irrespective of the
values stored in that object. Capability addressing:
capability, capability list. Revocation of privileges is
hard if capabilities are scattered throughout lists.
- Some limitations:
- High overhead in managing small memory segments.
- Excessive privilege vested in the operating system.
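Added example (not from the original notes, and not code from the paper being summarized): object-dependent access control with capability lists, showing why revocation becomes costly once capabilities have been copied between subjects' lists. The subject names and the object "payroll.db" are made-up illustration values.

```python
# Added example: capability lists and the cost of revocation.
# Subjects and object names below are invented for illustration.
from dataclasses import dataclass

RIGHTS = frozenset({"read", "write", "delete"})


@dataclass(frozen=True)
class Capability:
    """An unforgeable token naming an object and the rights held on it."""
    object_id: str
    rights: frozenset


class CapabilitySystem:
    def __init__(self):
        # one capability list (C-list) per subject
        self.clists: dict[str, list[Capability]] = {}

    def grant(self, subject: str, object_id: str, rights) -> None:
        rights = frozenset(rights)
        if not rights <= RIGHTS:
            raise ValueError(f"unknown rights: {set(rights - RIGHTS)}")
        self.clists.setdefault(subject, []).append(Capability(object_id, rights))

    def delegate(self, giver: str, receiver: str, object_id: str) -> bool:
        # Copying a token into another subject's list is how capabilities end
        # up scattered: nothing points back from the object to every list
        # that now holds a token for it.
        for cap in self.clists.get(giver, []):
            if cap.object_id == object_id:
                self.clists.setdefault(receiver, []).append(cap)
                return True
        return False

    def check(self, subject: str, object_id: str, right: str) -> bool:
        # Object-dependent control: the decision depends only on the object's
        # identity and the rights in the token, never on the object's contents.
        return any(cap.object_id == object_id and right in cap.rights
                   for cap in self.clists.get(subject, []))

    def revoke(self, object_id: str) -> int:
        # Revocation must walk every subject's list. Returns the number of
        # lists that had to be modified.
        touched = 0
        for subject in list(self.clists):
            caps = self.clists[subject]
            kept = [c for c in caps if c.object_id != object_id]
            if len(kept) != len(caps):
                touched += 1
            self.clists[subject] = kept
        return touched


def demo():
    s = CapabilitySystem()
    s.grant("alice", "payroll.db", {"read", "write"})
    s.delegate("alice", "bob", "payroll.db")    # capability copied to bob's list
    s.delegate("bob", "carol", "payroll.db")    # and again to carol's list
    before = (s.check("carol", "payroll.db", "read"),
              s.check("carol", "payroll.db", "delete"))
    touched = s.revoke("payroll.db")            # three lists must be scanned and edited
    after = s.check("alice", "payroll.db", "read")
    return before, touched, after


if __name__ == "__main__":
    print(demo())  # ((True, False), 3, False)
```

The point of `revoke` is the loop over every list: with three holders the scan is trivial, but in a real system the number of lists holding a copy is unknown to the object's owner, which is what makes revocation hard.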
- Flow controls
- Flow policy specifies the channels along which
information is allowed to move.
- Some limitations:
- Flow controls based on security classes tend to
overclassify information.
- Covert channels.
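Added example (not from the original notes): a flow policy over three ordered security classes, with the overclassification that class-based flow controls produce. The class names and the "salary" value are invented for illustration.

```python
# Added example: a flow policy over ordered security classes.
# Class names and sample values are invented for illustration.
LEVELS = {"public": 0, "internal": 1, "secret": 2}


class FlowViolation(Exception):
    pass


def can_flow(src_class: str, dst_class: str) -> bool:
    """Flow policy: information may move only to an equal or higher class."""
    return LEVELS[src_class] <= LEVELS[dst_class]


def join(a: str, b: str) -> str:
    """Class of a value derived from two operands: the least upper bound."""
    return a if LEVELS[a] >= LEVELS[b] else b


class Labeled:
    """A value carrying the security class of everything that influenced it."""

    def __init__(self, value, cls: str):
        self.value, self.cls = value, cls

    def combine(self, other: "Labeled", op) -> "Labeled":
        return Labeled(op(self.value, other.value), join(self.cls, other.cls))


def assign(dst_class: str, src: Labeled) -> Labeled:
    """Store src into a container of class dst_class, enforcing the policy."""
    if not can_flow(src.cls, dst_class):
        raise FlowViolation(f"{src.cls} -> {dst_class} not permitted")
    return Labeled(src.value, dst_class)


def demo():
    salary = Labeled(90000, "secret")
    zero = Labeled(0, "public")
    # The product is always 0 and reveals nothing about the salary, but the
    # class mechanism cannot know that: it labels the result "secret" and
    # then refuses to let it flow into a public variable. That is the
    # overclassification the notes refer to.
    product = salary.combine(zero, lambda a, b: a * b)
    try:
        assign("public", product)
        released = True
    except FlowViolation:
        released = False
    return product.value, product.cls, released


if __name__ == "__main__":
    print(demo())  # (0, 'secret', False)
```

The control tracks classes, not values, so any value derived from a secret operand is treated as secret regardless of how much it actually depends on it; this is also why covert channels (flows the class mechanism does not see at all, such as timing) need separate treatment.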
- Inference controls
- Deduction of confidential information by inference.
- Defenses include
- Controls that withhold response for improper query
set sizes and overlaps.
- Controls that distort the responses by rounding or
falsifying data.
- Controls that apply queries to random samples of the
database.
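Added example (not from the original notes): the three inference-control defenses listed above, applied to count queries over a small constructed table. The records, the parameter names `k` (size margin) and `r` (overlap bound), and all thresholds are invented for the example.

```python
# Added example: query-set-size and overlap controls, rounding, and random
# sampling for a statistical database. All records are constructed.
import random
from typing import Callable

DB = [
    {"name": "ann", "dept": "eng", "female": True,  "salary": 120},
    {"name": "bob", "dept": "eng", "female": False, "salary": 100},
    {"name": "cal", "dept": "eng", "female": False, "salary": 95},
    {"name": "dee", "dept": "eng", "female": True,  "salary": 130},
    {"name": "eve", "dept": "ops", "female": True,  "salary": 80},
    {"name": "fay", "dept": "ops", "female": True,  "salary": 85},
    {"name": "gus", "dept": "ops", "female": False, "salary": 70},
    {"name": "hal", "dept": "ops", "female": False, "salary": 75},
]

Predicate = Callable[[dict], bool]


class Withheld(Exception):
    """Raised when a control decides the response must not be released."""


class StatisticalDB:
    def __init__(self, records, k=2, r=2, rounding_base=5, sample_size=None, seed=0):
        self.records = list(records)
        self.k = k                       # query-set size must lie in [k, N-k]
        self.r = r                       # max overlap with any answered set
        self.rounding_base = rounding_base
        self.answered: list[frozenset] = []
        n = len(self.records)
        # One fixed random sample, so repeated queries get consistent answers.
        self.sample = frozenset(random.Random(seed).sample(range(n), sample_size or n // 2))

    def _query_set(self, pred: Predicate) -> frozenset:
        return frozenset(i for i, rec in enumerate(self.records) if pred(rec))

    def count(self, pred: Predicate) -> int:
        """Exact count, subject to the size and overlap controls."""
        s = self._query_set(pred)
        n = len(self.records)
        if not self.k <= len(s) <= n - self.k:
            raise Withheld(f"query-set size {len(s)} outside [{self.k}, {n - self.k}]")
        if s not in self.answered:       # re-asking an answered query releases nothing new
            for t in self.answered:
                if len(s & t) > self.r:
                    raise Withheld(f"overlap {len(s & t)} with an answered set exceeds {self.r}")
            self.answered.append(s)
        return len(s)

    def rounded_count(self, pred: Predicate) -> int:
        """Distorted response: the exact count rounded to a multiple of the base."""
        b = self.rounding_base
        return b * round(self.count(pred) / b)

    def sampled_count(self, pred: Predicate) -> tuple:
        """Response computed on the fixed sample only, plus the scaled-up estimate."""
        in_sample = len(self._query_set(pred) & self.sample)
        scale = len(self.records) / len(self.sample)
        return in_sample, in_sample * scale


def demo() -> dict:
    db = StatisticalDB(DB, k=2, r=2, rounding_base=5, seed=1)

    def attempt(fn, pred):
        try:
            return fn(pred)
        except Withheld as e:
            return f"withheld: {e}"

    eng = lambda rec: rec["dept"] == "eng"
    return {
        "eng": attempt(db.count, eng),                                          # 4
        "eng_rounded": attempt(db.rounded_count, eng),                          # 5
        "one_person": attempt(db.count, lambda rec: rec["name"] == "ann"),      # withheld: size 1
        "eng_female": attempt(db.count, lambda rec: eng(rec) and rec["female"]),  # 2
        # Differs from the already-answered "eng" set by a single record:
        # exactly the kind of pair the overlap control exists to refuse.
        "eng_minus_one": attempt(db.count, lambda rec: eng(rec) and rec["name"] != "ann"),
        "eng_sampled": db.sampled_count(eng),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Each defense trades something away: size and overlap controls refuse legitimate queries (the fourth query is withheld even though its count alone is harmless), rounding returns 5 for a true count of 4, and sampling answers from half the records and scales up. Which trade-off is acceptable depends on what the database is for.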
- Cryptographic controls
- Symmetric encryption
- One-time pad, DES (Data Encryption Standard).
- Key management is important.
- Asymmetric encryption
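Added example (not from the original notes) for the symmetric-encryption bullet above: a one-time pad over bytes, with a small pad store that enforces the key-management rule that every pad byte is consumed exactly once, and a check of what goes wrong when a pad segment is reused. The `PadStore` class and the message strings are invented for the example.

```python
# Added example: one-time pad with single-use pad management.
# PadStore and the sample messages are invented for illustration.
import os


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """XOR the message with a pad segment of at least the same length."""
    if len(pad) < len(plaintext):
        raise ValueError("pad segment shorter than message")
    return xor_bytes(plaintext, pad[:len(plaintext)])


otp_decrypt = otp_encrypt   # XOR with the same pad segment undoes the encryption


class PadStore:
    """Holds one copy of a shared pad and hands out each byte exactly once."""

    def __init__(self, pad: bytes):
        self.pad = pad
        self.pos = 0

    def take(self, n: int) -> bytes:
        if self.pos + n > len(self.pad):
            raise RuntimeError("pad exhausted: a fresh pad must be distributed")
        chunk = self.pad[self.pos:self.pos + n]
        self.pos += n
        return chunk


def demo():
    pad = os.urandom(64)                       # shared in advance by both parties
    sender, receiver = PadStore(pad), PadStore(pad)
    m1, m2 = b"transfer 100", b"transfer 900"

    # Normal use: both sides consume the pad in lock-step, never reusing a byte.
    c1 = otp_encrypt(m1, sender.take(len(m1)))
    c2 = otp_encrypt(m2, sender.take(len(m2)))
    roundtrip_ok = (otp_decrypt(c1, receiver.take(len(c1))) == m1 and
                    otp_decrypt(c2, receiver.take(len(c2))) == m2)

    # Key-management failure: the same segment used for two messages. The
    # pad cancels out of the XOR of the ciphertexts, leaving the XOR of the
    # two plaintexts, which is why the pad must never be reused.
    reused = pad[:len(m1)]
    leak = xor_bytes(otp_encrypt(m1, reused), otp_encrypt(m2, reused))
    reuse_leaks_plaintext_xor = leak == xor_bytes(m1, m2)

    return roundtrip_ok, reuse_leaks_plaintext_xor


if __name__ == "__main__":
    print(demo())  # (True, True)
```

The cipher itself is a single XOR; everything that makes it secure lives in `PadStore` and in how the pad is generated and distributed, which is the sense in which key management is the hard part.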
Elaine Cheong
Last modified: Wed Aug 8 15:40:39 PDT 2001