What are the major issues in multilevel security based on a distributed security manager?


There are several issues in multilevel security based on a distributed security manager, which are as follows −

  • Authentication − User authentication is the basic line of defence for mobile and handheld devices, including Personal Digital Assistants (PDAs). Traditional authentication structures rely on maintaining a centralized database of user identities, which makes it complex to authenticate users in a different management domain.

    This mechanism for supporting security on mobile devices is a difficulty for every system that supports safe access to valuable, private data or personalized services. The authentication structure should be distributed, and the several components of the authenticator need to communicate with each other to authenticate a user. In a centralized environment, the authenticator is required to hold data about some users of the system.

  • Data confidentiality − Generally, the increasing connection of travelling users to corporate databases, which makes personal information available to mobile users, introduces new threats to data privacy and confidentiality. One solution is known as C-SDA (Chip-Secured Data Access), which enables querying encrypted data while controlling personal privileges.

  • Identification − The procedure of verifying a user's identity is generally defined as user identification and authentication. Passwords are the usual method for authenticating computer users, but information such as a name (e.g. first or last), a password, or an email address provides no assurance of identity in preventing unauthorized access to computer resources when used as the exclusive means of authentication, so some users are starting to use biometrics as an approach to user identification.

    If passwords must be used as the security mechanism, their use has to be managed: by changing passwords periodically, at an interval based on the sensitivity of the information, or by deliberately misspelling words, combining multiple words together, or including numbers and punctuation in a password, so that passwords cannot easily be guessed. The identity should be unique so that the system can distinguish between different users. The identity must also be non-forgeable so that one person cannot impersonate another.

  • Access control − Access control secures data integrity by limiting who can change data. The access control rules required in a distributed environment can be distributed, centralized or replicated. If the rules are centralized, the central server is required to check some accesses to the database. If the rules are distributed, the appropriate rules have to be located and enforced for a specific access.

    Often the rules related to a specific database can also be stored at the same site. If the rules are replicated, then every node can carry out the access control checks for the data that it handles. Relational database systems implement access control in the SQL language, using the GRANT and REVOKE commands. The GRANT command can be used to provide privileges to users.
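
The three rule placements described above, as an added example that is not part of the original article: a constructed Python model in which `grant` and `revoke` stand in for the SQL commands, and the site names, tables and the `unreachable` parameter are assumptions made for illustration. It goes one step beyond the text by showing that a replica which misses a revocation keeps allowing the access.

```python
from dataclasses import dataclass, field

@dataclass
class Site:
    name: str
    tables: set                                  # tables stored at this site
    rules: set = field(default_factory=set)      # (user, privilege, table) tuples
    checks: int = 0                              # access checks this site performed

class Cluster:
    """Constructed model; placement is 'centralized', 'distributed' or 'replicated'."""
    def __init__(self, placement, sites):
        self.placement, self.central = placement, sites[0]
        self.sites = {s.name: s for s in sites}

    def _owner(self, table):
        return next(s for s in self.sites.values() if table in s.tables)

    def _holders(self, table):
        # Where the rule for `table` is stored under each placement.
        if self.placement == "centralized":
            return [self.central]
        if self.placement == "distributed":
            return [self._owner(table)]          # rule lives with the data
        return list(self.sites.values())         # replicated: every node has a copy

    def grant(self, user, priv, table):
        for s in self._holders(table):
            s.rules.add((user, priv, table))

    def revoke(self, user, priv, table, unreachable=()):
        # Returns the sites that missed the update and still hold the old rule.
        stale = [s.name for s in self._holders(table) if s.name in unreachable]
        for s in self._holders(table):
            if s.name not in unreachable:
                s.rules.discard((user, priv, table))
        return stale

    def check(self, at, user, priv, table):
        # Replicated rules are checked by the node handling the request;
        # otherwise the request is referred to the single rule holder.
        site = self.sites[at] if self.placement == "replicated" else self._holders(table)[0]
        site.checks += 1
        return (user, priv, table) in site.rules

def build(placement):
    # Hypothetical three-site deployment; the first site acts as the central server.
    names = {"hq": {"payroll"}, "branch_a": {"orders"}, "branch_b": {"stock"}}
    return Cluster(placement, [Site(n, t) for n, t in names.items()])
```

Calling `revoke` with a site listed in `unreachable` returns that site's name, and a later `check` arriving at that site still succeeds, which is why replicated rule sets need a reliable way to propagate REVOKE.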

Updated on 07-Mar-2022 09:56:55