空间数据访问控制关键技术研究
|
摘要
随着测绘地理信息技术的不断发展以及测绘地理信息应用领域的不断扩大,地理空间数据已经在人们的日常生产生活中占据越来越重要的位置。为了满足人们的要求,海量的地理空间数据被生产出来,并通过网络进行分享应用。然而,随着空间数据网络共享的深化以及受众的不断增加,地理信息安全问题也逐渐浮出水面,成为各个地理空间数据共享与服务系统亟需解决的重要问题之一。对于空间数据供应商来说,他们要求所生产的数据只提供给授权用户,不希望数据在网络上被随意访问,也不希望所提供的空间数据被恶意篡改;对于空间数据使用者,他们需要保证从网络上所得到的数据是完整、正确的,没有被恶意的修改过,这一系列的要求都可以通过实施空间数据访问控制来实现。但目前安全领域的研究大多关注的是传统的关系型数据,对于空间数据访问控制技术的关注还相对较少,空间数据访问控制的理论与技术还没有得到充分的研究,欧美发达国家也是刚开始重视不久。本文适时、全面、深入地研究了空间数据访问控制的理论与关键技术,提出了自主、强制以及基于角色的空间数据访问控制模型并给出了形式化描述,提出了空间数据访问控制实施框架以实现对空间数据的访问控制。论文的主要内容包括:
(1)全面总结了数据库安全保护的关键技术,对数据库访问控制技术进行了详细的阐述。在此基础上,提出了空间数据访问控制的实施框架,通过对自主访问控制、强制访问控制以及基于角色的访问控制技术的组合,实现了一种涵盖多种粒度、灵活多样的空间数据访问控制解决方案。
(2)在分析了空间数据授权管理方法与授权策略的基础上,利用空间整体授权表取代了常用的访问控制矩阵,提出了基于空间特性的自主访问控制模型,并给出了该模型的应用实例。
(3)分析了空间数据安全策略特性,讨论了如何利用安全标记对主体与客体的安全等级进行标定与安全级判定。在此基础上,提出了基于空间特性的强制访问控制模型,并给出了该模型的应用实例。
(4)基于R树索引,在索引结构中融入授权信息,避免了在空间对象的获取与访问控制策略的检索过程中所引起的二次空间关系判定,提高了策略判定的效率与空间对象获取的效率。
(5)详细分析了基于空间角色的访问控制模型中各个基本元素的特点,提出了基于空间角色的核心模型SRBAC、层次空间角色模型SHRBAC以及引入职责分离约束模型SCRBAC,并讨论了将SHRBAC和SCRBAC两个模型进行组合时需要遵循的原则,从而得到基于空间角色的SHCRBAC模型。
(6)利用本文所提出的空间数据访问控制实施框架以及三种类型的空间数据访问控制模型,以BeyonDB数据库系统作为典型应用详细设计了BeyonDB数据库的访问控制功能,并通过对实施空间数据强制访问控制机制前后以及利用基于安全标记的SLR树优化前后空间数据检索效率的对比,分析了实施访问控制对空间数据库系统访问效率的影响。在此基础上,介绍了基于BeyonDB数据库系统所开发的Milimap行业应用系统,通过组合运用三种空间数据访问控制技术,实现了对空间数据的从数据库级粒度(粗粒度)到空间区域级(地理对象集级)粒度(细粒度)的空间数据保护,从而证明了本文所论述内容的正确性与可行性。
With the development of geo-information technology and expanding of its domains,geo-spatial data became more and more important in people’s ordinary lives and productions.To meet the demand of people, magnanimous data is produced and shared by web. And at thesame time, the security of spatial data also become more and more important and become themost imoportant problem of the application systems.To data provider, they need their data onlyused by the users have privileges and not shared by web or changed without their permission.Todata users, they need to have correct data and not be balefully changed by others. All of theabove needs can be realized through spatial data access control.Now most researches aboutaccess control is about relation data, and few researchers is carrying out their researches onspatial data. The article discuss about spatial database accessing control technology and datasecurity strategy and access model, and point the latter direction on spatial data accesscontrol.The article contains following contents:
(1) Basing on the summing-up of the database secutrity protect technology, we discuss thedatabase access control technology. And as a result, through the combination of thediscretionary access control, mandatory access control and role-based access control, we givean access control frame to contain a multi-granularities, mulriple spatial data access controlsolution.
(2) Basing on the analysis of the spatial data authorization and security strategy, we usespatial authorization table to replace the common access control matrix. And we give adiscretionary access control basing on spatial character and its samples.
(3) Basing on the analysis of the spatial data security strategy, we discuss the security leveland how to compare between them. Then we give a mandatory access contrl model and itssamples.
(4) Basing on R tree index, we fuse the authorization into the tree to avoid the secondspatial check in the access of the spatial object, and by this way we improve the efficiency ofthe strategy check and the query of spatial data.
(5) Basing on the analysis of the character of the role-based access contrl model, we give aspatial role-based access contrl model (SRBAC) and spatial hierarchy role-based access controlmodel(SHRBAC) and spatial constraint role-based access control model(SCRBAC), anddiscuss the principle should be obeyed when combain the SHRABC model and SCRBACmodel to SHCRBAC model.
(6) Basing on the three types of access control model, we design the access control systemin Beyond dabase system. And basing on the BeyonDB database system, we introduce therealization of the protect of spatial data from database level(thick granularity) to spatial area(dataset level, thin granularity) in Milimap and as a result, proving the correct andfeasibility of the spatial access contrl frame.
(1)全面总结了数据库安全保护的关键技术,对数据库访问控制技术进行了详细的阐述。在此基础上,提出了空间数据访问控制的实施框架,通过对自主访问控制、强制访问控制以及基于角色的访问控制技术的组合,实现了一种涵盖多种粒度、灵活多样的空间数据访问控制解决方案。
(2)在分析了空间数据授权管理方法与授权策略的基础上,利用空间整体授权表取代了常用的访问控制矩阵,提出了基于空间特性的自主访问控制模型,并给出了该模型的应用实例。
(3)分析了空间数据安全策略特性,讨论了如何利用安全标记对主体与客体的安全等级进行标定与安全级判定。在此基础上,提出了基于空间特性的强制访问控制模型,并给出了该模型的应用实例。
(4)基于R树索引,在索引结构中融入授权信息,避免了在空间对象的获取与访问控制策略的检索过程中所引起的二次空间关系判定,提高了策略判定的效率与空间对象获取的效率。
(5)详细分析了基于空间角色的访问控制模型中各个基本元素的特点,提出了基于空间角色的核心模型SRBAC、层次空间角色模型SHRBAC以及引入职责分离约束模型SCRBAC,并讨论了将SHRBAC和SCRBAC两个模型进行组合时需要遵循的原则,从而得到基于空间角色的SHCRBAC模型。
(6)利用本文所提出的空间数据访问控制实施框架以及三种类型的空间数据访问控制模型,以BeyonDB数据库系统作为典型应用详细设计了BeyonDB数据库的访问控制功能,并通过对实施空间数据强制访问控制机制前后以及利用基于安全标记的SLR树优化前后空间数据检索效率的对比,分析了实施访问控制对空间数据库系统访问效率的影响。在此基础上,介绍了基于BeyonDB数据库系统所开发的Milimap行业应用系统,通过组合运用三种空间数据访问控制技术,实现了对空间数据的从数据库级粒度(粗粒度)到空间区域级(地理对象集级)粒度(细粒度)的空间数据保护,从而证明了本文所论述内容的正确性与可行性。
With the development of geo-information technology and expanding of its domains,geo-spatial data became more and more important in people’s ordinary lives and productions.To meet the demand of people, magnanimous data is produced and shared by web. And at thesame time, the security of spatial data also become more and more important and become themost imoportant problem of the application systems.To data provider, they need their data onlyused by the users have privileges and not shared by web or changed without their permission.Todata users, they need to have correct data and not be balefully changed by others. All of theabove needs can be realized through spatial data access control.Now most researches aboutaccess control is about relation data, and few researchers is carrying out their researches onspatial data. The article discuss about spatial database accessing control technology and datasecurity strategy and access model, and point the latter direction on spatial data accesscontrol.The article contains following contents:
(1) Basing on the summing-up of the database secutrity protect technology, we discuss thedatabase access control technology. And as a result, through the combination of thediscretionary access control, mandatory access control and role-based access control, we givean access control frame to contain a multi-granularities, mulriple spatial data access controlsolution.
(2) Basing on the analysis of the spatial data authorization and security strategy, we usespatial authorization table to replace the common access control matrix. And we give adiscretionary access control basing on spatial character and its samples.
(3) Basing on the analysis of the spatial data security strategy, we discuss the security leveland how to compare between them. Then we give a mandatory access contrl model and itssamples.
(4) Basing on R tree index, we fuse the authorization into the tree to avoid the secondspatial check in the access of the spatial object, and by this way we improve the efficiency ofthe strategy check and the query of spatial data.
(5) Basing on the analysis of the character of the role-based access contrl model, we give aspatial role-based access contrl model (SRBAC) and spatial hierarchy role-based access controlmodel(SHRBAC) and spatial constraint role-based access control model(SCRBAC), anddiscuss the principle should be obeyed when combain the SHRABC model and SCRBACmodel to SHCRBAC model.
(6) Basing on the three types of access control model, we design the access control systemin Beyond dabase system. And basing on the BeyonDB database system, we introduce therealization of the protect of spatial data from database level(thick granularity) to spatial area(dataset level, thin granularity) in Milimap and as a result, proving the correct andfeasibility of the spatial access contrl frame.
引文
[1] J. C. Baker, B. E. Lachman, D. R. Frelinger, K. M.O'Connell, and A. Hou. Mapping the risks: Assessingthe homeland security implications of publicly available geospatial information[R]. RAND NationalDefense Research Institute,2004.
[2] FGDC. Guidelines for providing appropriate access to geospatial data in response to securityconcerns[EB/OL]. http://www.fgdc.gov/policyandplanning/Access Guidelines.pdf.
[3] William E. Huxhold, Allan G Levinsohn. Managing Geographic Information System Projects[M].NewYork: Oxford University Press,1995.
[4] P. A. Burrough, R. A. McDonnell. Principle of Geographical Information Systems[M]. NewYork: OxfordUniversity Press,1998.
[5] P. A. Burrough, I. Masser. European Geographic Information Infrastructures: Opportunities andPitfalls[M]. London: Taylor&Francis,1998.
[6]王海龙,郭清宇. GIS的基本技术和发展趋势[J].计算机时代,2005,10:11-12.
[7]石若明,朱光. GIS的现状与发展趋势[J].北京建筑工程学院学报,2003,19(4):42-45.
[8]国家计算机网络应急技术处理协调中心:CERT/CC2006年网络安全工作报告[EB/OL].http://www.cert.org.cn/articles/docs/common/2007021523214.shtml.
[9]国家计算机网络应急技术处理协调中心:CERT/CC2007年网络安全工作报告[EB/OL].http://www.cert.org.cn/articles/docs/common/2008040823865.shtml.
[10]何宝金,刘晓玫,高俊峰.地学数据共享中的数据安全问题探讨[J].测绘科学,2006,31(2):52-56.
[11]牛少彰.信息安全概论[M].北京:北京邮电大学出版社,2004,134-186.
[12] Lampson B. W. Dynamic Proteetion Struetures[J]. Proeeedings of the AFIPS Fall Joint ComputerConference,1969,35(11):27-38.
[13] D. Elliott Bell, Leonard J. La Padula. Secure Computer Systems: Mathematical Foundations[R]. MITRETechnical Report2547,1973.
[14] Bertino E, Samarati P, Jajodia S. An Extended Authorization Model for Relational Databases[J]. IEEETrans. Knowledge and Data Engineering,1997,9(1):85-101.
[15] Bertino E, Jajodia S, Samarati P. A Flexible Authorization Mechanism for Data Management Systems[J].ACM Trans. Information Systems,1999,17(2):101-140.
[16] Sahadeb De, Caroline M. Eastman, Csilla Farkas. Secure Access Control in a Multi-userGeodatabase[EB/OL]. http://gis.esri.com/library/userconf/proc02/pap0355/p0355.htm.
[17] Jeong Min A, Kim Jung Ja, Won Yonggwan. A flexible database security system using multiple accesscontrol[C]. proceedings of the14th International Workshop on Database and Expert System Applications.Prague, Czech Republic,2003:168-178.
[18] Liliana Kasumi Sasaoka, Claudia Bauzer Medeiros. Access Control in Geographic Databases[C]. BerlinHeideueny: Springer-Verleg,2006:110-119.
[19] Michael Govorov, Youry Khmelevsky, Vasiliy Ustimenko, et a1. Security for GIS N-tier Architecture[C].Developments in Spatial Data Handling. Leicester: Springer Berlin Heidelberg. Peter F. Fisher,2005,71-83.
[20] Samba Sesay, Zongkai Yang, Jingwen Chen and Du Xu. A Secure Database Encryption Scheme[C].Consumer Communications and Networking Conference,2005,49-53.
[21] Bertino E, Damiani M L. A controlled access to spatial data on web[C]. Proc. of the7thAGILE Conf. onGeographic Information Science,2004:369-377.
[22] Bertino E, Damiani M L, Momini D. An access control system for a web map management service[C].Proc. of the14thInt. Workshop on Research Issues on Data Engineering: Web Service for E-Commerce andE-Government Applications,2004:33-39.
[23] Oh Y H, Bae H Y. MLS/SDM: Multi-level secure spatial data model[C]. proceedings of InternationalConference on Computational Science and Its Applications, Assist, Italy,2004:222-229.
[24] Beluss A, Bertino E, Catania B, et al. An authorization model for geographical maps[C]. Proc. of the12th annual ACM international workshop on Geographic information systems,2004:82-91.
[25] Belussi A, Catania B, Bertino E. A reference framework for integrating multiple representations ofgeographical maps[C]. Proc. of ACM GIS,2003:33-34.
[26] Jaehong Park, Ravi Sandhu. Towards Usage Control Models: Beyond Traditional Access Control[C].SACMAT,2002, Monterey, California, USA:57-64.
[27] Hai Y, Ee-Peng L. LTAM: A Location-Temporal authorization model[M]. Secure Data Manage,2004:17-186.
[28] D. F. Ferraiolo, R. Sandhu, D. R. Kuhn, R. Chandramouli. Proposed NIST standard for role-based accesscontrol[C]. ACM Trans. Information and System Security,2001,4(3):224-274.
[29] Bertino E, Catania B, Damiani M L, el a1. GEO-RBAC: A spatially aware RBAC[C]. Proceedings of the10th ACM Symposium on Access Control Models and Technologies.New York: ACM Press,2005,29-37.
[30] Hansen. F, el a1. Spatial role-based access control model for wireless networks[C]. Proceedings of the58th IEEE Vehicular Technology Conference. IEEE Computer Society, Orlando, USA,2003:2093-2097.
[31] X Cui, Y Chen, J Gu. Ex-RBAC: An Extended Role Based Access Control Model for Location-awareMobile Collaboration System[C]. Int Conf Of Internet Monitoring and Protection(ICIMP), California:IEEE,2007:36-42.
[32] Atluri V, Mazzoleni P. A uniform indexing scheme for geo-spatial data and authorizations[C]. Proc. ofthe Sixteen Conf. on Data and Application Security,2002:207-218.
[33]牛光,汪筱平,李亚敏等. Web GIS安全架构的设计与实现[J].郑州大学学报(理学版),2003,35(2):46-49.
[34]於光灿,李瑞轩,卢正鼎,宋伟,唐卓.基于特征的空间数据访问控制模型研究[J].计算机科学,2008,35(10):122-127.
[35]刘英,张曙光.基于空间索引的二维空间区域访问控制模型[J].计算机应用,2005,25(6):1277-1278.
[36]孙庆辉,骆剑承,赵军喜.网格GIS数据传输机制与策略[J].地球信息科学,2005,7(1):65-70.
[37]梁洁,梁虹,朱红梅,廖翌.基于ArcSDE的排水管网空间数据库安全管理[J].计算机应用研究,2005,22(4):140-142.
[38]贾培宏,史照良,龚越新. GIS空间数据安全管理技术方法研究[J].现代测绘,2003,26(4):9-11.
[39]朱霞,孙振冰. GIS中基于角色的图元授权粒度控制研究[J].武汉大学学报(信息科学版),2004,29(2):157-184.
[40]王来刚,王震. GIS中基于RBAC的空间信息安全研究[J].地理空间信息,2006,4(4):22-24.
[41]赵明,刘佳,韩文报.基于角色访问控制模型的空间特性扩展[J].计算机应用与软件,2008,25(7),16-18.
[42]鞠时光,陈伟鹤,顾怡.带有空间特性角色约束[J].计算机辅助设计与图形学学报,2008,20(10),1374-1383.
[43]张颖君,陈驰.基于尺度的时空RBAC模型[J].计算机研究与发展,2010,47(7):1252-1260.
[44]安小明,王小明,王巧玲.具有时空约束的角色访问控制模型[J].2010,46(7):89-92.
[45]席睿,彭长根.空间约束的基于属性和角色的访问控制研究[J].贵州大学学报(自然科学版),2010,27(6):81-86.
[46] Oracle, Oracle Security papers[EB/OL]. http://www.petefinnigan.com/orasec.htm.
[47] DB2, DB2Security[EB/OL], http://wwwdb.inf.tu-dresden.de/files/teaching/ibmcert/700/db2cert2v8-a4.pdf.
[48] www.knowsky.com, DB2数据库安全性全面介绍(1)[EB/OL], http://www.knowsky.com/390558.html.
[49] Microsoft SQL SERVER, SQL Server2005Security White Papers[EB/OL].http://www.microsoft.com/sql/technologies/security/whitepapers.mspx.2007.
[50] IBM, IBM Informix Online Extended Edition Version5.2for UNIX and Linux[EB/OL].2003.
[51] www.knowsky.com,讲解Informix数据库的安全性及安全审计[EB/OL]. http://www.knowsky.com/397698.html.
[52] Ben Slade. Intro to Sybase[EB/OL]. http://www.benslade.com/tech/OldIntroToSybase/.2004.7.
[53]北京信息安全国家重点实验室、北京神州龙安科技有限公司. LOIS安全数据库管理系统产品说明书[EB/OL].2003.10.
[54]武汉华工梦达数据库有限公司.梦达数据库管理系统DM系统管理员手册[EB/OL].2006.9.
[55]达梦数据库产品十大安全特性详解[EB/OL]. http://news.csdn.net/n/20060616/91725.html.
[56]东软集团有限公司.东软OpenBASE数据库管理系统技术白皮书版本6.0[EB/OL].
[57]程万军. OpenBASE Secure国产安全数据库系统——为国家信息基础架构助力[J].软件工程师,2001,7:8-10.
[58]北京神州航天软件技术有限公司.神舟OSCAR--产品白皮书[EB/OL].2006.8.
[59] TechTarget.国产数据库软件神舟OSCAR数据库系统[EB/OL].http://www.searchdatabase.com.cn/showcontent_8767.htm.
[60]北京人大金仓信息技术有限公司. KingbaseES V6安全版[EB/OL].2007.8.
[61] Kristy Westphal. Secure MySQL Database Design[EB/OL]. http://www.securityfocus.com/infocus/1667.2003.2
[62] Postgresql. Postgresql8.1中文文档[EB/OL]. http://www.pgsqldb.org/pgsqldoc-8.1c/.2005.
[63] Ingres. Ingres2006Release2Object Management Extension User Guide[EB/OL].http://www.ingres.com/downloads/prod-comm-download.php.2006.10.
[64] S. Shekhar, S. C.著,谢昆青,马修军,杨冬青等译.空间数据库[M],机械工业出版社,2006.
[65]刘启原,刘怡.数据库与信息系统的安全[M].北京:科学出版社,2000,30-38.
[66] W. Yeh Tan. Constraints-Based Access Control[J]. Proceedings of the15th Annual Working Conferenceon Database and Application Security,2001,31-44.
[67]李孟珂,余祥宣.基于角色的访问控制技术及应用[J],计算机应用研究,2000,10:44-47.
[68] DoD5200.28-STD. Department of Defense Standard[S]. Department of Defense Trusted ComputerSystem Evaluation Criteria, National Computer Security Center, Ft. Meade, MD, USA,1985.12.
[69] L. Fuchs, C. Broser, G. Pernul. Different Approaches to In-House Identity Management-Justifieation ofan Assumption[J]. International Conference on Availability, Reliability and Security,2009,122-129.
[70] GB/T18794.3.信息系统开放系统互连开放系统安全框架第3部分:访问控制框架[S].北京:中华人民共和国信息产业部,2003.
[71]戴宗坤,罗万伯,唐三平.信息系统安全[M],金城出版社,2000.
[72] Lampson B. W. Dynamic Proteetion Struetures[J]. Proeeedings of the AFIPS Fall Joint ComputerConference,1969,35(11):27-38.
[73]刘宏月,范九伦,马建峰.访问控制技术研究进展[J].小型微型计算机系统,2004,25(1):56-59.
[74]赵亮,茅兵,谢立.访问控制研究综述[J],计算机工程,2004,30(2):1-3.
[75] Joon S. Park, Ravi Sandhu, Gail-Joon Ahn, Role-based access control on the Web[J], ACM Transactionson Information and System Security, February2001, Vol.4, No.1:37-71.
[76] Jerome H Saltzer, Michael D Schroeder. The Protection of Information in Computer Systems [M].1975.
[77]萨师煊,王珊.数据库系统概论(第三版)[M].北京:高等教育出版社,2001.
[78] Stallings W. Network security essentials: applications and standards[M]. Prentice-Hall Inc,2002,223-234.
[79]朱鲁华.安全操作系统模型和实现结构研究[D].信息工程大学,2002.
[80] D. Elliott Bell, Leonard J. La Padula. Secure Computer Systems: Mathematical Foundations[R]. MITRETechnical Report2547,1973.
[81] K. J. Biba. Integrity Constraints for Secure Computer Systems[R]. USAF Electronic Systems Division,Bedford, Massachusetts,1977.4.
[82] R. O’ Brien, C. Rogers. Developing applications on lock[C]. The National Computer Security Conf,Washington,199l.
[83]浦海挺.安全操作系统的体系架构及其实现模型[D].四川大学,2004.
[84]刘伟.访问控制技术研究[J],《农业网络信息》,2007,7:96-97.
[85]张勇,张德运,蒋旭宪.基于认证的网络权限管理技术[J],计算机工程与设计,2001(2):52-55.
[86]许春根,江于,严悍.基于角色访问控制的动态建模[J],计算机工程,2002(1):116-118.
[87]李成锴,詹永照,茅兵,谢立.基于角色的CSCW系统访问控制模型[J],软件学报,2000(7):30-33.
[88] FERRAIOLO D F, SANDHU R S, GAVRILA S, et al. Proposed NIST standard for role-based accesscontrol[J]. ACM Transaction on Information and Systems Security,2001,4(3):224-274.
[89] American National Standards Institute Inc. Role Based Access Control[S]. ANSI-INCITS359-2004,2004.
[90] Ravi Sandhu, E. J. Coyne, H. L. Feinstein, C. E. Youman. Role-Based Access Control Models[J]. IEEEComputer,1996,29(2):38-47.
[91] David F. Ferraiolo, D. Richard Kuhn, Ramaswamy Chandramouli. Role-Based Access Control[M],Artech House,2003.4.
[92] David F. Ferraiolo, Ravi Sandhu, Serban Gavrila, et al. Proposed NIST Standard for Role-Based AccessControl[J]. ACM Transactions on Information and System Security,2001,4(3):224-274.
[93]中国信息安全产品测评认证中心.信息安全理论与技术[M],人民邮电出版社,2003.9.
[94] Thomas R. K, Sandhu R. S. Conceptual Foundations for a Model of a task-based Authorization[J].Proceedings of the7thIEEE Computer Seeurity. Franconia: IEEE,1994,66-79.
[95] J Park, R Sandhu. Towards Usage Control Models: Beyond Traditional Access Control[J]. Proceedingsof the7thACM Symposium on Aceess Control Models and Teehnologies,2002:57-64.
[96] Chun SA, Atluri V. Protecting privacy from continuous high-resolution satellite surveillance[J]. In:Thuraisingham BM, van de Riet RP, Dittrich KR, Tari Z, eds. Proc. of the IFIPTC11/WG11.314thAnnualWorking Conf. on Data and Applications Security. Catalonia: Springer-Verlag,2000:233-244.
[97] Denning D. A lattice model of secure information flow[J]. Communications of the ACM,1976,19(5):236-243.
[98]邬伦,刘瑜,张晶,马修军,韦中亚,田原.地理信息系统-原理、方法和应用[M].北京:科学出版社,2001.
[99]郭薇,郭菁,胡志勇.空间数据库索引技术[M].上海:上海交通大学出版社,2006.
[100] Frieder O. Multiproeessor Algorithms for Relational Database Operators on Hypercube Systems[M],IEEE Computer,1990.11.
[101]王春晓,李仕田,干定勇,刘洪斌,武伟.集成型空间数据库技术探讨与应用实例[J].遥感技术与应用,2003,18(2):109-114.
[102] J. L. Bentley. Multidimensional binary search trees used for associative searehing[J],Communieations of the ACAS,1975,18(9):509-517.
[103] T. Sellis, N. Roussopoulos, C. Faloutsos, The R+-tree: A Dynamic Index for MultidimensionalObjeets[J], Proc.13thInt. Conf. on Very Large Databases,1987:507-518.
[104] Ganguly S, HasanW. Krishnamurthy R. Query Optimization for Parallel Execution[J], ACMSIGMOD(San Diego CA),1992:9-18.
[105] N. Beehmann, H. P. Kriegel, R. Sehneider, B. Seeger. The R*tree: An Eficient and Robust AccessMethod for Points and Rectangles[J]. ACMS IGMOD,1990,19(2):322-331.
[106] R. A. Finkeland, J. L. Bentley. Quadtrees: A data strueture for retrieval on Compositive keys[J]. ActaInformatic,1974,4: l-9.
[107] B. C. Ooi, K. L. Tan. B-trees: bearing all kinds of fruits[M]. Australian Database Conference,2002.
[108]马亚明,徐杨,张江水.空间索引与多尺度表达的一体化模型研究[J].武汉大学学报信息科学版,2008,33(12):1237-1241.
[109] Shashi Shekhar, Sanjay Chawla.谢昆青,马修军,杨冬青等译.空间数据库[M].北京:机械工业出版社,2004.
[110] M Kornacker,C Mohan,J M Hellerstein. Concurrency and Recovery in Generalized Seacrh Trees[J].Proceedings ACM SIGMOD International Conference l997.62-72.
[111] T Seherek,Z Chen. Bancrh grafting method for R-tree implementation[J]. The Journal of Sysetms andSoftware,2000,53:83-93。
[112] Timos Sellis,Nick Roussopoulos,Christos Faloutsos. THE R+-TREE:A Dynamic Index for Multi-Dimensional Objects[J]. VLDB1987.507-518.
[113] Beckmann N,Kriegel H P,Schneider R,et al. The R*-tree:A efficient and robust access method forpoints and rectangles[J]. Porceedings ACM SIGMOD International Conefrence on Management of Data,1990:322-331.
[114]邱建华.空间数据库索引技术研究[D].武汉大学,2004.5.
[115] Sandhu R, Coyne E. Role-based access control models[J]. IEEE Computer,1996,29(2):38-47.
[116] Jaeger T. On the increasing importance of constraints[C]. Proceedings of the4th ACMWorkshop onRole-Based Access Control, Fairefax,1999:33-42.
[117] Ahn G J. The RCL2000language for specifying role-based authorization constraints[D]. Fairfax:George Mason University,1999.
[118] Ahn G J, Sandhu R. Role-based authorization constraints specification[J]. ACM Transactions onInformation and System Security,2000,3(4):207-226.
[119] Bertino E, Bonatti P A, Ferrari E. TRBAC: a temporal role-based access control model[J]. ACMTransactions On Information and System Security,2001,4(3):191-223.
[120] Joshi J B D, Bertino E, Shafiq B, et a1. Dependencies and separation of duty constraints inGTRBAC[C]. Proceedings of ACM Symposium on Access Control Models and Technologies, Como,2003:51-64.
[121] Ahn G J. Specification and classification of role-based authorization policies[C]. Proceedings of the12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises,Linz,2003:202-207.
[122] Joshi J B D, Bertino E, Latif U, et a1. A generalized temporal role-based access control model[J].IEEE Transactions on Knowledge and Data Engineering,2005,17(1):4-23.
[123]甘泉.一种企业级分布式访问控制机制改进及实现[D].北京:中国科学院研究生院(软件研究所),2005.
[124] J. Barkley, A. Cineotta. Managing role/permission relationships using object aeeess types[J].3rdACMWbrkshop on Role-Based Aceess Control,1998,73-80.
[125] CLARK D D, WILSON D R. A comparision of commercial and military computer security policies[J].Proceedings of the1987IEEE Symposium on Security and Privacy, IEEE Computer Society Press,1987,184-194.
[2] FGDC. Guidelines for providing appropriate access to geospatial data in response to securityconcerns[EB/OL]. http://www.fgdc.gov/policyandplanning/Access Guidelines.pdf.
[3] William E. Huxhold, Allan G Levinsohn. Managing Geographic Information System Projects[M].NewYork: Oxford University Press,1995.
[4] P. A. Burrough, R. A. McDonnell. Principle of Geographical Information Systems[M]. NewYork: OxfordUniversity Press,1998.
[5] P. A. Burrough, I. Masser. European Geographic Information Infrastructures: Opportunities andPitfalls[M]. London: Taylor&Francis,1998.
[6]王海龙,郭清宇. GIS的基本技术和发展趋势[J].计算机时代,2005,10:11-12.
[7]石若明,朱光. GIS的现状与发展趋势[J].北京建筑工程学院学报,2003,19(4):42-45.
[8]国家计算机网络应急技术处理协调中心:CERT/CC2006年网络安全工作报告[EB/OL].http://www.cert.org.cn/articles/docs/common/2007021523214.shtml.
[9]国家计算机网络应急技术处理协调中心:CERT/CC2007年网络安全工作报告[EB/OL].http://www.cert.org.cn/articles/docs/common/2008040823865.shtml.
[10]何宝金,刘晓玫,高俊峰.地学数据共享中的数据安全问题探讨[J].测绘科学,2006,31(2):52-56.
[11]牛少彰.信息安全概论[M].北京:北京邮电大学出版社,2004,134-186.
[12] Lampson B. W. Dynamic Proteetion Struetures[J]. Proeeedings of the AFIPS Fall Joint ComputerConference,1969,35(11):27-38.
[13] D. Elliott Bell, Leonard J. La Padula. Secure Computer Systems: Mathematical Foundations[R]. MITRETechnical Report2547,1973.
[14] Bertino E, Samarati P, Jajodia S. An Extended Authorization Model for Relational Databases[J]. IEEETrans. Knowledge and Data Engineering,1997,9(1):85-101.
[15] Bertino E, Jajodia S, Samarati P. A Flexible Authorization Mechanism for Data Management Systems[J].ACM Trans. Information Systems,1999,17(2):101-140.
[16] Sahadeb De, Caroline M. Eastman, Csilla Farkas. Secure Access Control in a Multi-userGeodatabase[EB/OL]. http://gis.esri.com/library/userconf/proc02/pap0355/p0355.htm.
[17] Jeong Min A, Kim Jung Ja, Won Yonggwan. A flexible database security system using multiple accesscontrol[C]. proceedings of the14th International Workshop on Database and Expert System Applications.Prague, Czech Republic,2003:168-178.
[18] Liliana Kasumi Sasaoka, Claudia Bauzer Medeiros. Access Control in Geographic Databases[C]. BerlinHeideueny: Springer-Verleg,2006:110-119.
[19] Michael Govorov, Youry Khmelevsky, Vasiliy Ustimenko, et a1. Security for GIS N-tier Architecture[C].Developments in Spatial Data Handling. Leicester: Springer Berlin Heidelberg. Peter F. Fisher,2005,71-83.
[20] Samba Sesay, Zongkai Yang, Jingwen Chen and Du Xu. A Secure Database Encryption Scheme[C].Consumer Communications and Networking Conference,2005,49-53.
[21] Bertino E, Damiani M L. A controlled access to spatial data on web[C]. Proc. of the7thAGILE Conf. onGeographic Information Science,2004:369-377.
[22] Bertino E, Damiani M L, Momini D. An access control system for a web map management service[C].Proc. of the14thInt. Workshop on Research Issues on Data Engineering: Web Service for E-Commerce andE-Government Applications,2004:33-39.
[23] Oh Y H, Bae H Y. MLS/SDM: Multi-level secure spatial data model[C]. proceedings of InternationalConference on Computational Science and Its Applications, Assist, Italy,2004:222-229.
[24] Beluss A, Bertino E, Catania B, et al. An authorization model for geographical maps[C]. Proc. of the12th annual ACM international workshop on Geographic information systems,2004:82-91.
[25] Belussi A, Catania B, Bertino E. A reference framework for integrating multiple representations ofgeographical maps[C]. Proc. of ACM GIS,2003:33-34.
[26] Jaehong Park, Ravi Sandhu. Towards Usage Control Models: Beyond Traditional Access Control[C].SACMAT,2002, Monterey, California, USA:57-64.
[27] Hai Y, Ee-Peng L. LTAM: A Location-Temporal authorization model[M]. Secure Data Manage,2004:17-186.
[28] D. F. Ferraiolo, R. Sandhu, D. R. Kuhn, R. Chandramouli. Proposed NIST standard for role-based accesscontrol[C]. ACM Trans. Information and System Security,2001,4(3):224-274.
[29] Bertino E, Catania B, Damiani M L, el a1. GEO-RBAC: A spatially aware RBAC[C]. Proceedings of the10th ACM Symposium on Access Control Models and Technologies.New York: ACM Press,2005,29-37.
[30] Hansen. F, el a1. Spatial role-based access control model for wireless networks[C]. Proceedings of the58th IEEE Vehicular Technology Conference. IEEE Computer Society, Orlando, USA,2003:2093-2097.
[31] X Cui, Y Chen, J Gu. Ex-RBAC: An Extended Role Based Access Control Model for Location-awareMobile Collaboration System[C]. Int Conf Of Internet Monitoring and Protection(ICIMP), California:IEEE,2007:36-42.
[32] Atluri V, Mazzoleni P. A uniform indexing scheme for geo-spatial data and authorizations[C]. Proc. ofthe Sixteen Conf. on Data and Application Security,2002:207-218.
[33]牛光,汪筱平,李亚敏等. Web GIS安全架构的设计与实现[J].郑州大学学报(理学版),2003,35(2):46-49.
[34]於光灿,李瑞轩,卢正鼎,宋伟,唐卓.基于特征的空间数据访问控制模型研究[J].计算机科学,2008,35(10):122-127.
[35]刘英,张曙光.基于空间索引的二维空间区域访问控制模型[J].计算机应用,2005,25(6):1277-1278.
[36]孙庆辉,骆剑承,赵军喜.网格GIS数据传输机制与策略[J].地球信息科学,2005,7(1):65-70.
[37]梁洁,梁虹,朱红梅,廖翌.基于ArcSDE的排水管网空间数据库安全管理[J].计算机应用研究,2005,22(4):140-142.
[38]贾培宏,史照良,龚越新. GIS空间数据安全管理技术方法研究[J].现代测绘,2003,26(4):9-11.
[39]朱霞,孙振冰. GIS中基于角色的图元授权粒度控制研究[J].武汉大学学报(信息科学版),2004,29(2):157-184.
[40]王来刚,王震. GIS中基于RBAC的空间信息安全研究[J].地理空间信息,2006,4(4):22-24.
[41]赵明,刘佳,韩文报.基于角色访问控制模型的空间特性扩展[J].计算机应用与软件,2008,25(7),16-18.
[42]鞠时光,陈伟鹤,顾怡.带有空间特性角色约束[J].计算机辅助设计与图形学学报,2008,20(10),1374-1383.
[43]张颖君,陈驰.基于尺度的时空RBAC模型[J].计算机研究与发展,2010,47(7):1252-1260.
[44]安小明,王小明,王巧玲.具有时空约束的角色访问控制模型[J].2010,46(7):89-92.
[45]席睿,彭长根.空间约束的基于属性和角色的访问控制研究[J].贵州大学学报(自然科学版),2010,27(6):81-86.
[46] Oracle, Oracle Security papers[EB/OL]. http://www.petefinnigan.com/orasec.htm.
[47] DB2, DB2Security[EB/OL], http://wwwdb.inf.tu-dresden.de/files/teaching/ibmcert/700/db2cert2v8-a4.pdf.
[48] www.knowsky.com, DB2数据库安全性全面介绍(1)[EB/OL], http://www.knowsky.com/390558.html.
[49] Microsoft SQL SERVER, SQL Server2005Security White Papers[EB/OL].http://www.microsoft.com/sql/technologies/security/whitepapers.mspx.2007.
[50] IBM, IBM Informix Online Extended Edition Version5.2for UNIX and Linux[EB/OL].2003.
[51] www.knowsky.com,讲解Informix数据库的安全性及安全审计[EB/OL]. http://www.knowsky.com/397698.html.
[52] Ben Slade. Intro to Sybase[EB/OL]. http://www.benslade.com/tech/OldIntroToSybase/.2004.7.
[53]北京信息安全国家重点实验室、北京神州龙安科技有限公司. LOIS安全数据库管理系统产品说明书[EB/OL].2003.10.
[54]武汉华工梦达数据库有限公司.梦达数据库管理系统DM系统管理员手册[EB/OL].2006.9.
[55]达梦数据库产品十大安全特性详解[EB/OL]. http://news.csdn.net/n/20060616/91725.html.
[56]东软集团有限公司.东软OpenBASE数据库管理系统技术白皮书版本6.0[EB/OL].
[57]程万军. OpenBASE Secure国产安全数据库系统——为国家信息基础架构助力[J].软件工程师,2001,7:8-10.
[58]北京神州航天软件技术有限公司.神舟OSCAR--产品白皮书[EB/OL].2006.8.
[59] TechTarget.国产数据库软件神舟OSCAR数据库系统[EB/OL].http://www.searchdatabase.com.cn/showcontent_8767.htm.
[60]北京人大金仓信息技术有限公司. KingbaseES V6安全版[EB/OL].2007.8.
[61] Kristy Westphal. Secure MySQL Database Design[EB/OL]. http://www.securityfocus.com/infocus/1667.2003.2
[62] Postgresql. Postgresql8.1中文文档[EB/OL]. http://www.pgsqldb.org/pgsqldoc-8.1c/.2005.
[63] Ingres. Ingres2006Release2Object Management Extension User Guide[EB/OL].http://www.ingres.com/downloads/prod-comm-download.php.2006.10.
[64] S. Shekhar, S. C.著,谢昆青,马修军,杨冬青等译.空间数据库[M],机械工业出版社,2006.
[65]刘启原,刘怡.数据库与信息系统的安全[M].北京:科学出版社,2000,30-38.
[66] W. Yeh Tan. Constraints-Based Access Control[J]. Proceedings of the15th Annual Working Conferenceon Database and Application Security,2001,31-44.
[67]李孟珂,余祥宣.基于角色的访问控制技术及应用[J],计算机应用研究,2000,10:44-47.
[68] DoD5200.28-STD. Department of Defense Standard[S]. Department of Defense Trusted ComputerSystem Evaluation Criteria, National Computer Security Center, Ft. Meade, MD, USA,1985.12.
[69] L. Fuchs, C. Broser, G. Pernul. Different Approaches to In-House Identity Management-Justifieation ofan Assumption[J]. International Conference on Availability, Reliability and Security,2009,122-129.
[70] GB/T18794.3.信息系统开放系统互连开放系统安全框架第3部分:访问控制框架[S].北京:中华人民共和国信息产业部,2003.
[71]戴宗坤,罗万伯,唐三平.信息系统安全[M],金城出版社,2000.
[72] Lampson B. W. Dynamic Proteetion Struetures[J]. Proeeedings of the AFIPS Fall Joint ComputerConference,1969,35(11):27-38.
[73]刘宏月,范九伦,马建峰.访问控制技术研究进展[J].小型微型计算机系统,2004,25(1):56-59.
[74]赵亮,茅兵,谢立.访问控制研究综述[J],计算机工程,2004,30(2):1-3.
[75] Joon S. Park, Ravi Sandhu, Gail-Joon Ahn, Role-based access control on the Web[J], ACM Transactionson Information and System Security, February2001, Vol.4, No.1:37-71.
[76] Jerome H Saltzer, Michael D Schroeder. The Protection of Information in Computer Systems [M].1975.
[77]萨师煊,王珊.数据库系统概论(第三版)[M].北京:高等教育出版社,2001.
[78] Stallings W. Network security essentials: applications and standards[M]. Prentice-Hall Inc,2002,223-234.
[79]朱鲁华.安全操作系统模型和实现结构研究[D].信息工程大学,2002.
[80] D. Elliott Bell, Leonard J. La Padula. Secure Computer Systems: Mathematical Foundations[R]. MITRETechnical Report2547,1973.
[81] K. J. Biba. Integrity Constraints for Secure Computer Systems[R]. USAF Electronic Systems Division,Bedford, Massachusetts,1977.4.
[82] R. O’ Brien, C. Rogers. Developing applications on lock[C]. The National Computer Security Conf,Washington,199l.
[83]浦海挺.安全操作系统的体系架构及其实现模型[D].四川大学,2004.
[84]刘伟.访问控制技术研究[J],《农业网络信息》,2007,7:96-97.
[85]张勇,张德运,蒋旭宪.基于认证的网络权限管理技术[J],计算机工程与设计,2001(2):52-55.
[86]许春根,江于,严悍.基于角色访问控制的动态建模[J],计算机工程,2002(1):116-118.
[87]李成锴,詹永照,茅兵,谢立.基于角色的CSCW系统访问控制模型[J],软件学报,2000(7):30-33.
[88] FERRAIOLO D F, SANDHU R S, GAVRILA S, et al. Proposed NIST standard for role-based accesscontrol[J]. ACM Transaction on Information and Systems Security,2001,4(3):224-274.
[89] American National Standards Institute Inc. Role Based Access Control[S]. ANSI-INCITS359-2004,2004.
[90] Ravi Sandhu, E. J. Coyne, H. L. Feinstein, C. E. Youman. Role-Based Access Control Models[J]. IEEEComputer,1996,29(2):38-47.
[91] David F. Ferraiolo, D. Richard Kuhn, Ramaswamy Chandramouli. Role-Based Access Control[M],Artech House,2003.4.
[92] David F. Ferraiolo, Ravi Sandhu, Serban Gavrila, et al. Proposed NIST Standard for Role-Based AccessControl[J]. ACM Transactions on Information and System Security,2001,4(3):224-274.
[93]中国信息安全产品测评认证中心.信息安全理论与技术[M],人民邮电出版社,2003.9.
[94] Thomas R. K, Sandhu R. S. Conceptual Foundations for a Model of a task-based Authorization[J].Proceedings of the7thIEEE Computer Seeurity. Franconia: IEEE,1994,66-79.
[95] J Park, R Sandhu. Towards Usage Control Models: Beyond Traditional Access Control[J]. Proceedingsof the7thACM Symposium on Aceess Control Models and Teehnologies,2002:57-64.
[96] Chun SA, Atluri V. Protecting privacy from continuous high-resolution satellite surveillance[J]. In:Thuraisingham BM, van de Riet RP, Dittrich KR, Tari Z, eds. Proc. of the IFIPTC11/WG11.314thAnnualWorking Conf. on Data and Applications Security. Catalonia: Springer-Verlag,2000:233-244.
[97] Denning D. A lattice model of secure information flow[J]. Communications of the ACM,1976,19(5):236-243.
[98]邬伦,刘瑜,张晶,马修军,韦中亚,田原.地理信息系统-原理、方法和应用[M].北京:科学出版社,2001.
[99]郭薇,郭菁,胡志勇.空间数据库索引技术[M].上海:上海交通大学出版社,2006.
[100] Frieder O. Multiproeessor Algorithms for Relational Database Operators on Hypercube Systems[M],IEEE Computer,1990.11.
[101]王春晓,李仕田,干定勇,刘洪斌,武伟.集成型空间数据库技术探讨与应用实例[J].遥感技术与应用,2003,18(2):109-114.
[102] J. L. Bentley. Multidimensional binary search trees used for associative searehing[J],Communieations of the ACAS,1975,18(9):509-517.
[103] T. Sellis, N. Roussopoulos, C. Faloutsos, The R+-tree: A Dynamic Index for MultidimensionalObjeets[J], Proc.13thInt. Conf. on Very Large Databases,1987:507-518.
[104] Ganguly S, HasanW. Krishnamurthy R. Query Optimization for Parallel Execution[J], ACMSIGMOD(San Diego CA),1992:9-18.
[105] N. Beehmann, H. P. Kriegel, R. Sehneider, B. Seeger. The R*tree: An Eficient and Robust AccessMethod for Points and Rectangles[J]. ACMS IGMOD,1990,19(2):322-331.
[106] R. A. Finkeland, J. L. Bentley. Quadtrees: A data strueture for retrieval on Compositive keys[J]. ActaInformatic,1974,4: l-9.
[107] B. C. Ooi, K. L. Tan. B-trees: bearing all kinds of fruits[M]. Australian Database Conference,2002.
[108]马亚明,徐杨,张江水.空间索引与多尺度表达的一体化模型研究[J].武汉大学学报信息科学版,2008,33(12):1237-1241.
[109] Shashi Shekhar, Sanjay Chawla.谢昆青,马修军,杨冬青等译.空间数据库[M].北京:机械工业出版社,2004.
[110] M Kornacker,C Mohan,J M Hellerstein. Concurrency and Recovery in Generalized Seacrh Trees[J].Proceedings ACM SIGMOD International Conference l997.62-72.
[111] T Seherek,Z Chen. Bancrh grafting method for R-tree implementation[J]. The Journal of Sysetms andSoftware,2000,53:83-93。
[112] Timos Sellis,Nick Roussopoulos,Christos Faloutsos. THE R+-TREE:A Dynamic Index for Multi-Dimensional Objects[J]. VLDB1987.507-518.
[113] Beckmann N,Kriegel H P,Schneider R,et al. The R*-tree:A efficient and robust access method forpoints and rectangles[J]. Porceedings ACM SIGMOD International Conefrence on Management of Data,1990:322-331.
[114]邱建华.空间数据库索引技术研究[D].武汉大学,2004.5.
[115] Sandhu R, Coyne E. Role-based access control models[J]. IEEE Computer,1996,29(2):38-47.
[116] Jaeger T. On the increasing importance of constraints[C]. Proceedings of the4th ACMWorkshop onRole-Based Access Control, Fairefax,1999:33-42.
[117] Ahn G J. The RCL2000language for specifying role-based authorization constraints[D]. Fairfax:George Mason University,1999.
[118] Ahn G J, Sandhu R. Role-based authorization constraints specification[J]. ACM Transactions onInformation and System Security,2000,3(4):207-226.
[119] Bertino E, Bonatti P A, Ferrari E. TRBAC: a temporal role-based access control model[J]. ACMTransactions On Information and System Security,2001,4(3):191-223.
[120] Joshi J B D, Bertino E, Shafiq B, et a1. Dependencies and separation of duty constraints inGTRBAC[C]. Proceedings of ACM Symposium on Access Control Models and Technologies, Como,2003:51-64.
[121] Ahn G J. Specification and classification of role-based authorization policies[C]. Proceedings of the12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises,Linz,2003:202-207.
[122] Joshi J B D, Bertino E, Latif U, et a1. A generalized temporal role-based access control model[J].IEEE Transactions on Knowledge and Data Engineering,2005,17(1):4-23.
[123]甘泉.一种企业级分布式访问控制机制改进及实现[D].北京:中国科学院研究生院(软件研究所),2005.
[124] J. Barkley, A. Cineotta. Managing role/permission relationships using object aeeess types[J].3rdACMWbrkshop on Role-Based Aceess Control,1998,73-80.
[125] CLARK D D, WILSON D R. A comparision of commercial and military computer security policies[J].Proceedings of the1987IEEE Symposium on Security and Privacy, IEEE Computer Society Press,1987,184-194.