ws2.nju.edu.cnws2.nju.edu.cn/kgwiki/lib/exe/fetch.php?media=courses:... · 2019-10-17 · 2007 -(9C-IBM7 ?5-

�4

��

2007��-$6<-IBM1�;/-��90).��(2 2

q��8"% �,��&�� 7�

Ø �+,�!'

§ 90)24�<,

v*�,�

v-�,�

v:�,�

§ 90)24�<,

v90)

v#�24

v% �

v53

v�+24

2007�!-*@L-IBM<�G7-� ��C926��%1= 3

Ø��KJ��&(-�+' =>4+'�&

.A�MB4��08$��BDE�+' :

3=>�LF?��"B4H��I�+'�&4

54�J�.+' 4�&

Ø+' :3=>)�4�&(-�B/;�

–+' 4��#�security��&

–+' 4�,#�integrity��&

2007��-�$'-IBM"�& -��%!��# 4

4.1 ��

4.1.1 ��

4.1.2 ��

4.1.3 ��

4.1.4 SQL ��

2007#'-0KZ-IBMF�SD-� � QE5B �+4G 5

4.1.1 1.%@!��!�1.%Ø 1.%@!��database security�

§ \:^<�?1.%��O;1.%@?*�

vXTP"@R[W(

v-=P"@R[P��PN�

6R[1.%@1.�$/�6MDBMS@�A97

§ R[1.%@PN3�A��2�

v��@PNU?��@&?

v��8.&?@��];6V,��@1.%R[PN��V,�3��!�H�@1.%

vY�LU&JI>��!�O;H�@1.%C!�1.%�secure database��)C��1.%�trusted database�

2007��-�$'-IBM"�& -��%!��# 6

4.1 ��

4.1.1 ��

4.1.2 ��

4.1.3 ��

4.1.4 SQL ��

2007��-(9C-IBM7�?5-��<6-4��%,8 7

4.1.2 )&��1�+/#��q)&��1�+/#��

�<6�TCB�trusted computing base��subject��object��3@�.>�D �identification & authentication�:�=E'��discretionary access control�!�=E'��mandatory access control�)&�*$�data integrity�F;AB�hiding cannel�)&��1" �0��formulization of

database security��<�audit�=E2'��access monitor�

2007 - -IBM -( 8

q) TCBØ

Ø

2007 - -IBM - 9

)

Ø§

v

v (

§

v

2007 - -IBM - ( 10

Ø )

§ / )

/

��

2007 - -IBM - ( 11

(

q (

Ø(

§ (

§

§

Ø (

Ø ) ))

TCB

2007 - -IBM - ( 12

Ø

–§ )

§

§

§

– )

§ )

»§ )

§ )

2007 - -IBM - 13

–§

§

§

§

§

» )

§

–§ (

§

§ (

2007 - -IBM - 14

( )

–

§

§ (

§

2007 - -IBM - 15

q DACØ )

Ø / (

1 2 …… i ……

1 …… …… …… / ……

2 …… …… …… / ……

…… …… …… …… …… ……

j / …… / / ……

…… …… …… …… …… ……

2007 - -IBM - 16

)

Ø

– )

§ (

–§

§

– DAC§

2007 - -IBM - ( 17

Ø DAC–

–––

ØDAC– )

– ) Grant / Revoke

–

2007 - -IBM - 18

q MACØ ) )

/

Ø)/ label– label of security level

§ )

– label of security category§ )

Ø ) )

(

2007 - -IBM - ) 19

)

Ø Bell-Lapadula–

(

§ (

§

Ø)

)

2007 - -IBM - 20

( )

Ø

– (

§

–– MAC

Ø MAC––

– (

2007 - -IBM - ( 21

q

Ø insert deleteupdate

Ø

––

Ø

– )

––

2007 - -IBM - 22

q

Ø ( (

Ø

– TCB (/

Ø

– TCB

Ø )

2007 - -IBM - ( 23

q

Ø

)

Ø

2007 - -IBM - 24

q

Ø

– / / / / /

–

Ø )

DBMS( )

2007 - -IBM - 25

Ø

–

§

§

§

–§

§ (

)

2007 - -IBM - 26

– (

§

»§ ) /

– / § /

2007 - -IBM - 27

q

Ø (

– )

) )

ØTCB /TCB (

2007��-�$'-IBM"�& -��%!��# 28

4.1 ��

4.1.1 ��

4.1.2 ��

4.1.3 ��

4.1.4 SQL ��

2007%'-,@F-IBM;�E8-��!B917!�)0< 29

4.1.3 -*&6"�2�q"�2�6�C��

§ ?�(./)�� B91<>D�2�TCSEC�Trusted Computer System Evaluation Criteria�v1970%5?��G7! �+��1985%�$��GF2��(#A34

• "�=��H��:�=�D, C1, C2, B1, B2, B3, A�

2007��-�04-IBM*�3'-��1)"&��!+ 30

4.1.3 ��%�#q�#%�2��.�

Ø��– 1999��1)"��+-��(,�� GB 17859-1999�§�$/�%TCSEC#

GB 17859-1999�� TCSEC�� - D

� 1�� C1 � 2�� C2 � 3�� B1 � 4�� B2 � 5�� B3

- A

2007��-�/6-IBM*�5&-��1) %��+ 31

4.1.3 ��$�"

q1) ��+.��(,�� GB 17859-1999�

'1,�#�0��,

'2,�+.�1��,

'3,��"2��,

'4,�-!��,

'5,�3784��,

2007��-�$'-IBM"�& -��%!��# 32

4.1 ��

4.1.1 ��

4.1.2 ��

4.1.3 ��

4.1.4 SQL ��

2007��-(8@-IBM5�>3-��;4-2��!,6 33

4.1.4 SQL�)#�� 0'"

q�SQL’92�&��C17)#�� 0'"��+�

Ø��/��1Ø?/=�A�

Ø)#�*

Ø:�<B%��$.�9

2007��-*:E-IBM7�@5-��=6.4��!-8 34

4.1.4 SQL�+#�� 3'"q<�>F%��$/�;

ØSQL�3<�>F%�,DB�2 �&��A�&�/G�C13��90��2 �+#3>

F/G3��DB$/�Grant��(�Revoke�?�0)�2 3>F/G

Ø&�/G

v SELECT/

v INSERT/

v DELETE/

v UPDATE/

v REFERENCE/

v EXECUTE/

v USAGE/

2007��-#/7-IBM- 4*-��3+&)��%. 35

4.1.4 SQL�$ ��("�

Ø!��5

– 0�1�– ��– ��type��UDT�'��$ ,��– ��6*/$�2��

Ø'�

–$ �'�

2007��-�'--IBM%�+#-� �)$�"��& 36

4.1.4 SQL��!��

Ø��*

GRANT <��.�(> ON <��,>TO < ��(> [WITH GRANT OPTION]

–��§ grant SELECT�UPDATE on S

to XULIN with grant option

§ grant UPDATE (G) on SC to XULIN

2007��-#19-IBM.�6,-��4-'+��&/ 37

4.1.4 SQL�$��*!�

Ø�"5�

REVOKE < �(<3> ON < ��7>FROM <)� 3> [RESTRICT | CASCADE]

–CASCADE�8:�"–RESTRICT��8:�";=%�2�"(<��0�"

–��§ revoke UPDATE on S from XULIN cascade

2007�-��-IBM��-�� 38

4.2 � ��

200748-Hcn-IBM`$l^-��+-h_R]-@Qa 39

4.2 IE7Z.J:

qIE7Z.J:

ØDIE7�IEZV\:#�e:��C�

–V\:�IEZPG:�P= –�e:�&)Y?�)^6�5�iqIE7Z<��j1IEZOK��X0s�eZ<�

Ø>��Ltgm�&IE7��XpkZIE��rU

IEZ.J: �['�"N�,S%�T�!AB

Z�%b2eIE7�ZIEf['��gd*�N�

X5o��/ZFM3IE7�ZIE;(�V\ZW

9��

2007'+-;`m-IBM[�iY-��!fZHX!�3G\ 40

4.2 <6)U"=/q"=/�4

Ø%<6)�<6UOW/��b/U_4��5�–�2dD>9A�MLC�k�"=/]JK�(��gB�@:� l-U�*

–pNF �IU�QT1Uh9

q"=/�4UVUØ�A�SohØa�n�8?pNohUj�Pc,ØE^&<6)0��OWR.

q"=/�4U$S8?Ø"=/]JKU#��MLØe��Ø(�7�3G

2007��-�+2-IBM'�1%-��/&�$��( 41

4.2 ��#��

4.2.1 ��#,

4.2.2 ��-�#��

4.2.3 ��)�#0*�! ��"

4.2.4 .�

2007��-�9A-IBM4�>2-��<3'1��&5 42

4.2.1 ��!��0�:

q��%�:

Ø=8�:

–57 /�� !�0�%;,

Ø+*�:

–$:+* ��0 �#�$@�6()�0-?-

Ø�.�:

–-@�6()�"�$ "�.0:

2007��-�+2-IBM'�1%-��/&�$��( 43

4.2 ��#��

4.2.1 ��#,

4.2.2 ��-�#��

4.2.3 ��)�#0*�! ��"

4.2.4 .�

2007*,-2NV-IBMJ�TE-��"$SG6D$/5K 44

4.2.2 %4-R�B��(

q �K30+KM�1��U�I30%4-L7�

Ø'�%4-R�– ��!PB��W#��C��)-B��O F�

Ø�>%4-R�

Ø@.&�B%4-R�–[email protected]&�B30%4-Q<

ØA30+H?KM91�30%4-L78�B&��;:B�=�

2007,.-4JU-IBMF�SC-��#&QE9A&�38G 45

4.2.2 '51P�?��)

Ø�='51P�

–L�GR7+1WF��GS?��V$Ks@*-��7@�?R ��M ��B�GR/>�GS?�H§T:?+1WFNB��GR?"�V$��GR��GS��6��G�

–�='51P�O<§�GR?;�H!"�V$F�?�2I6D��NULL��20X/>!�GS%!?�H��K/>�%!?(�

2007 �-��-IBM��-�� 46

4.2.2 ��

� � � � � � �� … … … …

993501 � �� 18

… … … … ��

� � �� … … …

993501 CS101 85

993501 EN103 90

… … …

2007��-�+0-IBM(�/&-��-'"%��!) 47

4.2.2 ��,�#��

��

��

��

��

E012 � � �� 53 1200 E001

E025 � � � � 27 800 E012

E001 �� 49 3000 NULL

��.�� $��*1�#��.�� $

2007��-�'+-IBM$�)"-��(#�!��% 48

,��&� ��

� � � � � � �� … … … …

993501 � �� 18

… … … …

��

… … …

993501 CS101 85

993501 EN103 90

… … …

��*)�%�� ,��&��

Foreign key(��) References �� On Delete Cascade;Foreign key(��) References �� On Delete Restrict;Foreign key(��) References �� On Delete Set Null;

Foreign key(��) References �� On Delete No Action;

��

q“restrict”��no action��

UPDATE PAR SET PID=PID-1

Ø“restrict”��Ø�no action”��

10/17/19 10:51 PM Websoft, Nanjing Univ. [http://ws.nju.edu.cn]

49

PID NAME1 PAR12 PAR23 PAR3

CID CDESC PID51 51DESC 152 52DESC 2

PAR

2007��-�+2-IBM'�1%-��/&�$��( 50

4.2 ��#��

4.2.1 ��#,

4.2.2 ��-�#��

4.2.3 ��)�#0*�! ��"

4.2.4 .�

2007+.-9Xg-IBMP�aN-��$'_O@M'4?Q 51

4.2.3 (;/RAJ`W�DC"Hq�B(;/RA\��Y>��S0g�

Ø(;/RAB�J`W

Ø(;/RAB�JDC

–�DBMS�g`WjJc�DCE!

Ø(;/RAB�J"H

–�I2J8��L :7J(;/��f�(;/RAB�J[F�=�QV*�

§ 6U3Z�,5^15h�

§ bIK-J�:��N�eZ"H�%�

»�#i) &��T�J"H<G»�]��T�J"HdN

200701-6QY-IBMJ�WF-��(*UH;E*�3:K 52

4.2.3 +82L=CVP�@?�$Bq+82L=>�VP

Ø/2MCL=�"L=�–74I!CL=�\G�L=��R CL=

Ø�NMCL=�SL=�–D,��XD��Z�,�–&D,�–# �NC@?)��/2[�KC,�

Ø�.L=�9Tassertion�–��KA��OU5�CL=>�–'��K�[%<CL=>�

q-L=��ØCONSTRAINT <L=�> <+82L=,�)�>

2007��-!3;-IBM.�:+-��8,%*��$/ 53

SQL97��#�0&6( �

q��4 ��CREATE TABLE�Ø<5��(��

–'�� & 4�

–��(��§�� & "�-�§��(2)��

DEFAULT { default_constant | NULL }§��1("�0&��

–41("�0&��

2007��-�+2-IBM'�1#-��/%�"��( 54

SQL0.��) -�!��q��*!)

Ø��& !) ��,�!) �3$�)

{ NOT NULL |[ CONSTRAINT constraint_name ]

UNIQUE| PRIMARY KEY| CHECK ( search_condition )

| REFERENCES table_name [ ( column_name ) ][ ON DELETE CASCADE | RESTRICT | SET NULL ][ ON UPDATE CASCADE | RESTRICT | SET NULL ] }

��!�)

2007��-�#)-IBM (�-�� &�� ! 55

SQL'%��"�$��

[ CONSTRAINT constraint_name ]{ UNIQUE ( colname { , colname ... } )

| PRIMARY KEY ( colname { , colname ... } )| CHECK ( search_condition )| FOREIGN KEY ( colname { , colname ... } )

REFERENCES table_name [ ( colname { , colname ... } ) ][ ON DELETE CASCADE | RESTRICT | SET NULL ][ ON UPDATE CASCADE | RESTRICT | SET NULL ] }

��"�

2007#$-+@L-IBM;�I8-��G:07��&/< 56

SQLHF!�-%=1E�6)'

q��"%>6,(=1.ND?A6�

ØNOT NULL vs. DEFAULT NULL

ØConstraint name–!4�,(=12�JB��KO�–�� 5ALTER TABLE�3�*C�6,(=1��

ØUNIQUE vs. NOT NULL–UNIQUE"%��9�–�KM�candidate key��

UNIQUE + NOT NULL

2007��-#4>-IBM/�=--��:.),��(0 57

SQL<9��%�1*8 +"�

q��2+$ 1*'@736+��cont.�

ØPRIMARY KEY vs. NOT NULL

ØREFERENCES– FOREIGN KEY��?� vs. PRIMARY KEY��?�–�?�+�1*��5�+;!&

§ CASCADE | RESTRICT | SET NULL

ØCHECK

2007��-�)/-IBM$�."-��,#�!��% 58

SQL-+��&�*��q�('�&�

Ø� ��PRIMARY KEY( <column-list> )

Ø��0��UNIQUE( <column-list> )

Ø ��

FOREIGN KEY ( <fk-column-list> )

REFERENCES <table-name> ( <pk-column-list> )[ ON UPDATE [ RESTRICT | CASCADE | SET NULL ] ][ ON DELETE [ RESTRICT | CASCADE | SET NULL ] ]

Ø��1�%��CHECK( <condition> )

2007��-�$*-IBM �)�-��'��! 59

SQL(& ��"�%��

q��#��"��

Ø�1

CREATE TABLE Student (

sno NUMBER(5)

CONSTRAINT C1 CHECK (sno BETWEEN 90000 AND 99999),

sname VARCHAR (20)

CONSTRAINT C2 NOT NULL,

sage NUMBER(3)

CONSTRAINT C3 CHECK (sage<29) );

2007� -��$-IBM��#�-��!�� 60

SQL" ��Ø�2

CREATE TABLE EMP�Empno NUMBER (4),Ename VARCHAR (10),PersonId VARCHAR(15),Job VARCHAR (9),Mgr NUMBER (4),Sal NUMBER (7, 2),Deptno NUMBER (2),

CONSTRAINT pk PRIMARY KEY( Empno ),

CONSTRAINT uni_name UNIQUE ( PersonId ),

2007�-��"-IBM��!�-�� 61

SQL ��

CONSTRAINT fk_deptFOREIGN KEY( Deptno )

REFERENCES DEPT( Deptno )ON UPDATE CASCADEON DELETE RESTRICT,

2007�-��"-IBM��!�-�� 62

SQL ��

CONSTRAINT fk_mgrFOREIGN KEY( Mgr )

REFERENCES EMP( Empno )ON UPDATE CASCADEON DELETE SET NULL,

2007��-� &-IBM��%�-��#�� 63

SQL$"� ��!��

CONSTRAINT chk_1 CHECK ((Job=‘�� AND Sal>15000) OR(Job=‘&'�� AND Sal between 5000

and 10000) OR(Job<>‘�� AND Job<>‘&'��

ANDSal between 1000 and 5000)

));

2007 "-)9@-IBM5�?3-��=4,2��&+6 64

SQL><��*$7.;�1('

§ ��:1��#�-1�

��$% 81�*$7./��!��

�7./��0��1�6

2007�!-'5>-IBM2�<0-� ��81+/�$*3 65

SQL;7��(#4,6�.&%

§ ��9�81+3��CS�.�-=��PASCAL0 :8��PAS�<0��"��3)��(#4,�

CHECK ( NOT ( (S# IN (SELECT S#

FROM SWHERE sd=‘CS’) )

AND(C# IN (SELECT C#

FROM CWHERE cn=‘PAS’) )

) );

2007'(-/DO-IBM@�I>-�� G?4= �*3A 66

SQLHF$"1)B5E�;-+

? PQ�M"1)B5�$#�!;� ��AJ�9�C$� 8��A�J�9��6

��7�N�PASCALI>; 8K�G?4A�%�A��&);��. �G?4��L

2:�<�� A;0,"1)

2007��-�$*-IBM!�)�-��' ��" 67

SQL(& ��#�%��

q��#��&

Ø��&

CREATE ASSERTION <name> CHECK( <condition> )

Ø��&

DROP ASSERTION <assertion-name-list>

2007��-�%,-IBM"�* -�� (!�� # 68

§ ��-* �+��20�

CREATE ASSERTION ass_1 CHECK (20 <= ALL ( SELECT COUNT(*)

FROM SCGROUP BY C# )

);

SQL)'��$�&��

2007��-�.7-IBM*�4(-��1)"'��!+ 69

SQL30�� ,#/�&��q��%�6��-$��DS�4(� �8�65�PASCAL(�21��PAS�4

CREATE ASSERTION ass_2 CHECK (NOT EXISTS (

SELECT * FROM SC WHEREC# IN ( SELECT C#

FROM CWHERE cn = ‘DS’ )

ANDS# NOT IN ( SELECT SCX.S#

FROM SC SCX, CWHERE SCX.C# = C.C#

AND C.cn=‘PAS’ )) );

2007��-�+2-IBM'�1%-��/&�$��( 70

4.2 ��#��

4.2.1 ��#,

4.2.2 ��-�#��

4.2.3 ��)�#0*�! ��"

4.2.4 .�

2007.1-:Sb-IBMO�[M-��%'ZN@K'�7?P 71

4.2.4 Y�

qY�

Ø";9/PR��I�G�,U�$� ��

I�G�_BI�TXL�Y�

ØY� I�T�A��I�G�,U�$� ��I

6W��Dc��+;9*<35\I2�

ØY� >�=H�;9I*<3�8��E"-Q``

]�CV!�X0H��(IJI�&�

– ;9I)�3�8

– H4I0Ha^#F– ;9/PRI��T

2007#&-5S^-IBMM�XJ-� ��WL;I��1:N 72

4.2.4 V��qV��GQ,

ØV��ED.!�

–]"?� 7+O<=�G�!-?H623P��

–��D.F)�62G��4K

ØR>��ED.!�

–(V��C8�D�B_V��/'[GZ`*�GJ%

–]"9�QED.��GSQL��

ØV�\J

–(DBMS@A�V��G�C8�T�YD$0UR>��G\J

2007 �-��-IBM��-�� 73

4.2.4 ��q��

CREATE TRIGGER trigger_name { BEFORE | AFTER }

{ INSERT | DELETE

| UPDATE [ OF colname { , colname ... } ] }

ON table_name

[ REFERENCING corr_name_def { , ...... } ]

[ FOR EACH ROW | FOR EACH STATEMENT ]

[ WHEN ( search_condition ) ]

{ statement

| BEGIN ATOMIC statement; { statement; ... } END

2007��-�� -IBM��-�� 74

4.2.4 ��q��

The corr_name_def that defines a correlation name follows:

{ OLD [ ROW ] [ AS ] old_row_corr_name| NEW [ ROW ] [ AS ] new_row_corr_name

| OLD TABLE [ AS ] old_table_corr_name| NEW TABLE [ AS ] new_table_corr_name }

2007� -��-IBM��-�� 75

4.2.4 ��q��

DROP TRIGGER trigger_name ;

2007!"-(;C-IBM6�@4-��?5-2��$,7 76

4.2.4 >��q 4.12

Ø>��'#�0( 1�A�:3

Ø9.��&�)1( �8#( 1:3+��(%*�=(%�A�1000��<�B�1000��

CREATE TRIGGER update_sal

BEFORE INSERT or UPDATE(Sal, Pos) ON Teach

FOR EACH ROW

WHEN (:new.Pos =‘(%�) /*/( 1:3�(%*/

BEGIN IF :new.sal < 1000

THEN :new.sal := 1000;

END IF;

END�

Documents

ws2.nju.edu.cnws2.nju.edu.cn/kgwiki/lib/exe/fetch.php?media=courses:... · 2019-10-17 · 2007 -(9C-IBM7 ?5-