Page 1434 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1434
ships on patrol. Normally, this database contains the exact position of
each ship stored at the secret classification level. However, one
particular ship, the USS UpToNoGood, is on an undercover mission to
a top-secret location. Military commanders do not want anyone to
know that the ship deviated from its normal patrol. If the database
administrators simply change the classification of the UpToNoGood’s
location to top secret, a user with a secret clearance would know that
something unusual was going on when they couldn’t query the
location of the ship. However, if polyinstantiation is used, two records
could be inserted into the table. The first one, classified at the top-
secret level, would reflect the true location of the ship and be available
only to users with the appropriate top-secret security clearance. The
second record, classified at the secret level, would indicate that the
ship was on routine patrol and would be returned to users with a
secret clearance.
Finally, administrators can insert false or misleading data into a
DBMS in order to redirect or thwart information confidentiality
attacks. This is a concept known as noise and perturbation. You must
be extremely careful when using this technique to ensure that noise
inserted into the database does not affect business operations.
Open Database Connectivity
Open Database Connectivity (ODBC) is a database feature that allows
applications to communicate with different types of databases without
having to be directly programmed for interaction with each type.
ODBC acts as a proxy between applications and backend database
drivers, giving application programmers greater freedom in creating
solutions without having to worry about the backend database system.
Figure 20.9 illustrates the relationship between ODBC and a backend
database system.
