An Approach to Multiple Security System Development Using Database Schemas

Abstract

Information security is a key issue in an Enterprise Information System (EIS) development. It is important characteristic of the entire EIS and all EIS’s information subsystems. Information security effectiveness affects adequacy of enterprise decision making at all management levels and especially depends on database security. So, it is a good practice to develop a unified relational database for several subsystems of EIS. This paper discusses an approach to multiple security system development for several subsystems using one or several schemas of the unified database. The key peculiarity of the approach is an ability to evaluate “similarity” of database security systems. The “similar” database security systems should be united into the common security system, otherwise they must be separated. The “similarity” is calculated as weighted correlation between sets of user roles permissions defined as functional on sets of database tables, data operations and user roles. The proposed approach was tested on a production database of University Management Information System that allowed optimizing of its data access control through several database schemas. Also, the approach allows automation of determining the feasibility of creating new database schemas in the further development of the EIS.