分布式数据库的安全问题是人们越来越关心的问题。本文讨论了分布式数据库安全和有关模型。

本文首先从分布式数据库及其安全的有关概念入手，分析了分布式数据库的优点，客户/服务器体系结构，数据库安全存在的问题，对数据库安全的威胁，以及数据库安全的主要防卫措施。接下来深入讨论了保证数据库安全有关模型，贝尔-拉帕丢拉模型。包括主体、客体及它们的密级的概念，保证安全存取数据所遵循的原则。进而提出了强制存取控制策略和自主存取控制策略相结合的方法来保证数据库的安全。

    自主型安全模型中对用户存取信息的控制是基于用户的鉴别和用户的存取访问规则的，其优点是灵活，但其缺点是不能提供确实的保证满足对于系统的保护要求。强制型安全模型适用于用户和客体分为多种安全级别的运行环境，它提供了基于标识的高级安全认证， 它的不足是太严格。对于一般的系统用强制存取控制和自主存取控制相结合的办法是可行的。最后讨论了数据库安全的前景和发展方向。

关键词 ：分布式数据，自主存取控制(DAC)，强制存取控制( MAC)

 

 

 

    It is well known that the security of distributed database has become more and more important，This  paper discusses some models on distributed database and the application in Liaoning Power MIS System.

    First，this Paper gives some concepts on distributed database security， the structure of Client/Server，the problems of database security， the threatening toward the security of database and the measures of keeping database security Then we discuss thoroughly the security models such as Bell-La Padula，Object and security level，the rules that ensure accessing the database safety. At last，we expect the future of database security..

    DAC is base on identifying user and the access rules .Its advantage is flexible and the shortcoming is that it can't guarantee the security. MAC is adapted to circumstance in which the users and the objects are marked security level. It offers advanced security authentication.

Keywords: Distributed Database，Discretionary Access Control(DAC)，Mandatory Access Control(MAC)

                                                      

目 录