The Fifth International Workshop on Trusted Collaboration

Research Article

A policy-based approach for assuring data integrity in DBMSs

Download356 downloads
  • @INPROCEEDINGS{10.4108/icst.trustcol.2010.4,
        author={Hyo-Sang Lim and Chenyun Dai and Elisa Bertino},
        title={A policy-based approach for assuring data integrity in DBMSs},
        proceedings={The Fifth International Workshop on Trusted Collaboration},
        publisher={IEEE},
        proceedings_a={TRUSTCOL},
        year={2011},
        month={5},
        keywords={Databases Logic gates Mission critical systems},
        doi={10.4108/icst.trustcol.2010.4}
    }
    
  • Hyo-Sang Lim
    Chenyun Dai
    Elisa Bertino
    Year: 2011
    A policy-based approach for assuring data integrity in DBMSs
    TRUSTCOL
    ICST
    DOI: 10.4108/icst.trustcol.2010.4
Hyo-Sang Lim1,*, Chenyun Dai1,*, Elisa Bertino1,*
  • 1: Department of Computer Science, Purdue University, West Lafayette, Indiana 47907
*Contact email: hslim@cs.purdue.edu, daic@cs.purdue.edu, bertino@cs.purdue.edu

Abstract

Data integrity is crucial for collaborative activities where information is shared among multiple organizations to effectively make cooperative and mission-critical decisions. Assuring data integrity is particularly challenging in the presence of frequent data modifications by collaborative parties, especially for large-scale collaborations. However, data integrity is difficult to grasp with a single concept or a single model since the definition can vary depending on the goals and requirements of the collaboration. To address this multi-faced feature of data integrity, we propose a policy-based approach by which one can specify data integrity policies according to the requirements of collaborations and enforce the policies on DBMSs, an essential software component for large-scale collaboration activities. We first introduce our integrity policy language, which provides comprehensive framework for specifying and enforcing integrity policies based on access control, data validation, and metadata management functions. Next, to make our policy language work with existing off-the-shelf DBMSs, we present an integration strategy which we call language level integration (LLI). The LLI strategy enforces integrity policies by automatically translating high-level integrity policies, expressed in our policy language, onto low-level database operations. Compared to alternative approaches, the LLI strategy can be easily implemented since it does not require modifications to the source code of the DBMS or to the code of the applications running on top of the DBMS. Also, with the LLI strategy, the policies cannot be bypassed regardless of which database interface is used by the applications since the policies are implemented by DBMS functions and objects, and then, automatically enforced by the DBMS itself. We then present a software architecture of implementing the integrity policy language with the LLI strategy for a real DBMS (Oracle) and show that our strategy can easily imple ment well-known data integrity models.