Designing secure databases

Information and Software Technology

Volumn 47, Issue 7, 2005, Pages 463-477

  Fernández Medina, Eduardo ^a   Piattini, Mario ^a  

^a UNIVERSITY OF CASTILLA LA MANCHA   (Spain)

Author keywords

Database design; Object Constraint Language; Secure databases; Unified Modeling Language

Indexed keywords

DATA PROCESSING; HIERARCHICAL SYSTEMS; MATHEMATICAL MODELS; SECURITY OF DATA; SEMANTICS; XML;

DATABASE DESIGN; OBJECT CONSTRAINT LANGUAGE (OCL); SECURE DATABASES; UNIFIED MODELING LANGUAGE (UML);

DATABASE SYSTEMS;

EID: 16344386616     PISSN: 09505849     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.infsof.2004.09.013     Document Type: Article

References (38)

1. P. Atzeni, S. Ceri, S. Paraboschi, and R. Torlone Database Systems. Concepts, Languages and Architectures 1999 McGraw-Hill New York
2. D. Avison, F. Lau, M. Myers, and A. Nielsen Action research Communications of the ACM 42 1 1999 94 97
3. R. Baskerville Information systems security design methods: implications for information systems development ACM Computing Surveys 25 4 1993 375 415
4. C. Batini, S. Ceri, and S. Navathe Conceptual database design. An entity-relationship approach 1991 Addison-Wesley New York
5. R.V. Binder Testing Object-Oriented Systems - Models, Patterns, and Tools 2000 Addison-Wesley Reading, MA
6. M. Blaha, and W. Premerlani Object-Oriented Modeling and Design for Database Applications 1998 Prentice-Hall Englewood Cliffs, NJ
7. G. Booch, J. Rumbaugh, and I. Jacobson The Unified Modeling Language, User Guide 1999 Addison-Wesley Redwood city, CA
8. D. Brinkley, and R. Schell What Is There to Worry About? An Introduction to the Computer Security Problem M. Abrams S. Jajodia H. Podell Information Security, An Integrated Collection of Essays 1995 IEEE Computer Society Silver Spring, MD
9. S. Castano, M. Fugini, G. Martella, and P. Samarati Database Security 1994 Addison-Wesley Reading, MA
10. L. Chung, B. Nixon, E. Yu, and J. Mylopoulos Non-functional requirements in software engineering 2000 Kluwer Academic Publishers Dordrecht
11. T. Connolly, and C. Begg Database systems. A practical approach to design, implementation, and management 2002 Addison Wesley Reading, MA
12. C. Conrad, and K. Turowski Temporal OCL: Meeting Specification Demands for Business Components K. Siau T. Halpin Unified modeling language: Systems analysis, design and development issues 2001 IDEA Group Publishing 151 165
13. P. Devanbu, and S. Stubblebine Software engineering for security: a roadmap A. Finkelstein The Future of Software Engineering 2000 ACM Press New York 227 239
14. G. Dhillon Information Security Management: Global challenges in the New Millennium 2001 Idea Group Publishing
15. G. Dhillon, and J. Backhouse Information system security management in the new millennium Communications of the ACM 43 7 2000 125 128
16. Directive, Directive 95/46/CE of the European Parliament and Council, dated October 24th, about People protection regarding the personal data management and the free circulation of these data, DOCE L281, 23/11/1995 (95/46/CE) 0031-0050.
17. R. Elmasri, and S. Navathe Fundamentals of Database Systems 2002 Addison-Wesley Reading, MA
18. E. Fernández-Medina, M. Piattini, Extending OCL for Secure Database Development (accepted), Proceedings of The Unified Modeling Language Conference, Lisbon (Portugal), 2004.
19. E. Ferrari, and B. Thuraisingham Secure Database Systems M. Piattini O. Díaz Advanced Databases: Technology Design 2000 Artech House
20. C. Fuhrman, F. Djlive, E. Palza, Software Verification and Validation within (Rational) Unified Process, Proceedings of 28th Annual NASA Goddard Software Engineering Workshop (SEW'03). IEEE, Greenbelt, Maryland, 2003, pp. 216-221.
21. A. Ghosh, C. Howell, and J. Whittaker Building software securely from the ground up IEEE Software 19 1 2002 14 17
22. A. Hall, and R. Chapman Correctness by construction developing a commercial secure system IEEE Software 19 1 2002 18 25
23. IEEE, IEEE Standard for software verification and validation, (Ed.), IEEE Std 1012-19981998.
24. ISACF, Information Security Governance. Guidance for Boards of Directors and Executive Management, Information Systems Audit and Control Foundation, USA, 2001.
25. I. Jacobson, G. Booch, and J. Rumbaugh The unified software development process 1999 Addison-Wesley Reading, MA
26. J. Jürjens UMLsec: Extending UML for secure systems development J. Jézéquel H. Hussmann S. Cook UML 2002 - The Unified Modeling Language, Model engineering, Concepts and Tools 2002 Springer Berlin 412 425
27. A. Kleppe, J. Warmer, and W. Bast MDA Explained The Model Driven Architecture: Practice and Promise 2003 Addison-Wesley Reading, MA
28. N. Leavitt Whatever happened to Object-Oriented Databases? Industry Trends. IEEE Computer Society 33 8 2000 16 19
29. J. Levinger, Oracle label security, Administrator's guide, Release 2 (9.2), http://www.csis.gvsu.edu/GeneralInfo/Oracle/network.920/a96578.pdf., 2002.
30. D. Marks, P. Sell, and B. Thuraisingham MOMT: a multi-level object modeling technique for designing secure database applications Journal of Object-Oriented Programming 9 4 1996 22 29
31. R. Muller Database Design for Smarties Using UML for Data Modeling 1999 Morgan Kaufmann Publisher San Francisco, CA
32. M. Piattini, and Fernández-Medina Specification of security constraints in UML Proceedings of 35th Annual 2001 IEEE International Carnahan Conference on Security Technology, London (UK) 2001 pp. 163-171
33. J. Rumbaugh, M. Blaha, W. Premerlani, F. Eddy, and W. Lorensen Object-Oriented Modeling and Design 1991 Prentice-Hall Englewood Cliffs, NJ
34. P. Samarati, and S. De Capitani di Vimercati Access control: Policies, models, and mechanisms R. Focardi R. Gorrieri Foundations of Security Analysis and Design 2000 Springer Berlin
35. R. Sandhu, and F. Chen The Multilevel Relational Data Model ACM Transactions on Information and Systems Security 1 1 1998
36. G.W. Smith Modeling security-relevant data semantics IEEE Transactions on Software Engineering 17 11 1991 1195 1203
37. A. Toval, A. Olmos, and M. Piattini Legal Requirements Reuse: A Critical Success Factor for Requirements Quality and Personal Data Protection Proceedings of IEEE Joint International Requirements Engineering Conference (RE'02) 2002 IEEE Computer Society Silver Spring, MD pp. 95-103
38. J. Warmer, and A. Kleppe The object constraint language 1998 Addison-Wesley Reading, MA