Inference attacks mean that a user derives information on the execution results of unauthorized queries from the execution results of authorized queries. Most of the studies on inference attacks so far have focused on only inference of positive information (i.e., what value is the execution result of a given unauthorized query). However, negative information (i.e., what value is never the execution result of a given unauthorized query) is also sensitive in many cases. This paper presents the following results on the security against inference attacks on negative information in object-oriented databases. First, inference of negative information is formalized under a model of object-oriented databases called method schemas. Then, the following two types of security problems are defined: (1) Is a given database instance secure against inference attacks on given negative information? (2) Are all of the database instances of a given database schema secure against inference attacks on given negative information? It is shown that the first problem is decidable in polynomial time in the description size of the database instance while the second one is undecidable. A decidable sufficient condition for any database instance of a given database schema to be secure is also proposed. Finally, it is shown that for a monadic schema (i.e., every method has exactly one parameter), this sufficient condition is also a necessary one.

Detecting the possibility of inference attacks is necessary in order to keep a database secure. Inference attacks mean that a user tries to infer the result of an unauthorized queries to the user. For method schemas, which are a formal model of object-oriented databases, it is known that the security problem against inference attacks is decidable in polynomial time in the size of a given database instance. However, when the database instance or authorization has slightly been updated, it is not desirable to check the entire database again for efficiency. In this paper, we propose several sufficient conditions for update operations to preserve the security. Furthermore, we show that some of the proposed sufficient conditions can be decided much more efficiently than the entire security check. Thus, the sufficient conditions are useful for incremental security checking.

Method invocation mechanism is one of the essential features in object-oriented programming languages. This mechanism contributes to data encapsulation and code reuse, but there is a risk of runtime type errors. In the case of object-oriented databases (OODBs), a runtime error causes rollback. Therefore, it is desirable to ensure that a given OODB schema is consistent, i.e., no runtime error occurs during the execution of queries under any database instance of the OODB schema. This paper discusses the computational complexity of the type-consistency problem. As a model of OODB schemas, we adopt update schemas introduced by Hull et al., which have all of the basic features of OODBs such as class hierarchy, inheritance, complex objects, and so on. The type-consistency problem for update schemas is known to be undecidable. We introduce a subclass of update schemas, called acyclic schemas, and show that the type-consistency problem for acyclic schemas is in coNEXPTIME. Furthermore, we show that the problem for recursion-free acyclic schemas is coNEXPTIME-hard and the problem for retrieval acyclic schemas is PSPACE-complete.

In this paper, we propose a method for querying heterogeneous molecular biology databases. Since molecular biology data are distributed into multiple databases that represent different biological domains, it is highly desirable to integrate data together with the correlations between the domains. However, since the total amount of such databases is very large and the data contained are frequently updated, it is difficult to maintain the integration of the entire contents of the databases. Thus, we propose a method for dynamic integration based on user demand, which is expressed with an OQL-based query language. By restricting search space according to user demand, the cost of integration can be reduced considerably. Multiple databases also exhibit much heterogeneity, such as semantic mismatching between the database schemas. For example, many databases employ their own independent terminology. For this reason, it is usually required that the task for integrating data based on a user demand should be carried out transitively; first search each database for data that satisfy the demand, then repeatedly retrieve other data that match the previously found data across every database. To cope with this issue, we introduce two types of agents; a database agent and a user agent, which reside at each database and at a user, respectively. The integration task is performed by the agents; user agents generate demands for retrieving data based on the previous search results by database agents, and database agents search their databases for data that satisfy the demands received from the user agents. We have developed a prototype system on a network of workstations. The system integrates four databases; GenBank (a DNA nucleotide database), SWISS-PROT, PIR (protein amino-acid sequence databases), and PDB (a protein three-dimensional structure database). Although the sizes of GenBank and PDB are each over one billion bytes, the system achieved good performance in searching such very large heterogeneous databases.

Support of collaborative work and management of spatio-temporal data has become one of the most interesting and important database applications, which is due to the tremendous progress of database and its surrounding technologies in the last decade. In this paper, we investigate the new generation database technologies that are needed to support such advanced applications. Because of the recent progress of virtual reality technology, virtual work spaces are now available. We examine a typical CSCW (Computer Supported Cooperative Work) fsystem to identify database problems that arise from it. We introduce typical approaches to database improvement based on the high-level view and the virtual reality technique. Also, in this paper, the following are introduced and discussed: the design and implementation of three- and four-dimensional spatio-temporal database systems, VRML (Virtual Reality Modeling Language) database systems, fast access methods to spatio-temporal data, and the interval-based approach to temporal multimedia databases.

Detecting security flaws is important in order to keep the database secure. A security flaw in object-oriented databases means that a user can infer the result of an unpermitted method only from permitted methods. Although a database management system enforces access control by an authorization, security flaws can occur under the authorization. The main aim of this paper is to show an efficient decision algorithm for detecting a security flaw under a given authorization. This problem is solvable in polynomial time in practical cases by reducing it to the congruence closure problem. This paper also mentions the problem of finding a maximal subset of a given authorization under which no security flaw exists.

Internet users have become well acquainted with the World Wide Web (WWW) system, and WWW has become the most significant service on the Internet. In the near future, the importance of large scale hypermedia database systems based on WWW technologies is expected to continue to increace. The present study focuses on the issue of managing hyperlink integrity constraints on WWW like hypermedia database systems. After formally defining path existence constraint definitions(PEDs) using intuitive examples, we apply the notion of PEDs to represent hyperlink integrity constraints. Intuitively, a PED can be used to represent the following integrity constraint. If a reference path exists in a given database, then another corresponding reference path must also exist. An outline of a prototype hypermedia database system, AYATORI, which is based on the proposed model and under development, is also mentioned.

Object-Oriented database systems (OODBMS) are well known for modeling complex and dynamic application domains. Typically OODBMS have to handle large and complex structured objects whose values and structures can change frequently. Consequently there is a high demand for systems which support temporal and versioning features in both objects (or database population) and schema. This paper presents a mechanism for accessing the temporal versioned objects stored in the database which supports schema versioning. The results shown here can be considered as a value-added extension of our model called TVOO described in detail in [1] and [2]. In contrast to conventional database models, in TVOO objects and classes are not physically discarded from the database after they are modified or deleted. They are time dependent and the history of the changes which occur on them are kept as Version hierarchies. Therefore our model enriches the database environment with temporal and versioning features. Also, an access mechanism which makes it possible to access any object under any schema version is defined in such a way that not only objects created under old versions of schema classes can be accessed from new versions, but also objects created by new schema class versions can be accessed from old versions of the respective class.

Development of large-scale software is usually conducted through a project to unite a work force. In addition, no matter what kind of life cycle model is employed, a development plan is required for a software development project in order for the united work force to function effectively. For the project to be successful, it is also necessary to set management objectives based on this plan and confirm that they are achieved. This method is considered to be effective, but actually making a software development project and following the achievement of the management objectives at each step is not easy because predicting the necessary work amount and risks that the project involves is difficult in software development. Therefore, it is necessary to develop a system to support software project management so that the project manager can manage the entire project and the work load is reduced. This paper proposes a meta-model of work structure of software development projects for project management by using an object-oriented database with constraints as well as a framework for software project management systems based on this meta-model. Also proven, through an example of a system that analyzes repercussions on progress of a software development project, is that the meta-model and framework are effective in software project management.

Many object-oriented database systems have used the notion of implicit authorization to avoid the overhead caused by explicitly storing all authorizations for each object. In implicit authorization, it is very important to detect efficiently conflicts between existing authorizations and new authorizations to be added. In this article we propose a conflict detection mechanism in the OODBMSs using implicit authorization with the notion of intention type authorization. When we grant an authorization on a node n in the database granularity hierarchy, the existing method is inefficient in determining the conflicts since it needs to examine all authorizations on the descendants of the node n. In contrast, our mechanism has the advantage of detecting the conflicts at the node n where an explicit authorization is to be granted without examining any authorizations below the node n. Thus, the proposed mechanism can detect a conflict with the average time complexity of O(d), which is smaller than O(md) of existing methods, where m is the number of children nodes at an arbitrary level and d is the difference of levels between the node with an existing explicit authorization and the higher node where an explicit authorization is to be granted. We also show that the additional storage overhead of storing all authorizations is negligible when compared with the total number of all explicit authorizations.

A detabase system that provides step-by-step guidance for LSI failure analysts has been developed. This system has three main functions: database, navigator, and chip tracking. The datebase stores failure analysis information such as analysis method and failure mechanisms including image data. It also stores conditions and results of each analysis step and decisions to proceeds to the next analysis step. With 2000 failure analysis cases, data retrieval takes 6.6 seconds, a table containing 20 photos is presented in 6.5 seconds, and a different set of data can be displayed in 0.6 seconds. The navigator displays a standard analysis procedure illustrated in flow charts.The chip tracking shows where the particular chip is and what analysis it is undergoing, which is useful for the situation where many chips are simultaneously analyzed. Thus, this system has good enough functions of analysis procedure management and performance of quick data access to make failure analysis easier and more successful.

As Object-Oriented Database Systems (OODBS) play an increasingly important role in advanced database systems, OODBS performance becomes a significant issue. It is well known that there is a strong relationship between performance and the concurrency control algorithms employed by the Database Management System (DBMS). Class Granularity Locking (CGL) and Class Hierarchy Granularity Locking (CHGL) are proposed as the concurrency control algorithms for OODBS to minimize the locking overhead. However, their basic characteristics, including the licking overhead and concurrency, have not been extensively investigated and it is not known which one is most appropriate for the general case. In this paper, we construct a simulation model for OODBS and carry out several performance evaluation studies on these two Class-Hierarchy Locking protocols and the Non Class-Hierarchy Locking (NCL) protocol. The NCL protocal is a variation of the conventional two phase locking protocol being applied to OODBS data structures.

Flora is a functional-style language for object and relational algebra. It has been designed for efficient support of advanced database languages combining rules and objects using compilation and optimization. Flora is a strongly typed language based on an OO data model and incorporating support for collection-oriented computational capabilities. In this paper, we describe the design and architecture of the Flora optimizer which is rule-based, yet doing cost-based optimization. The optimizer uniformly captures logical, semantic and implementation knowledge regarding the execution system and the applications by means of assertions. This framework eases extensibility and enables efficient query rewriting.

For a complex object model, a form of range restriction, called specialization constraint (SC), has been studied. On the other hand, very few models have been proposed that support selective inheritance. In this paper, the following consideration is taken into SCs for a complex object medel suppoorting selective inheritance. A polynomial-time algorithm is given for deciding if a given database schema is well-formed. A sound and complete axiomatization for SCs is presented. A polynomial-time algorithm is given that decides if an SC is a logical consequence of a set of SCs. Finally, another polynomial-time algorithm is given, which decides if there exists a database that contains a given path from a given class.

This paper discusses an object-oriented approach to temporal multimedia data modeling in OMEGA; a multimedia database management under development at the University of Library and Information Science. An object-orientated approach is necessary to integrate various types of heterogeneous multimedia data, but it has become clear that current object-oriented data models are not sufficient to represent multimedia data, particularly when they are temporal. For instance, the current object-oriented data models cannot describe objects whose attribute values change time-dependently. Also, they cannot represent temporal relationships among temporal multimedia objects. We characterize temporal objects as instances of a subclass of class TimeInterval with the temporal attributes and the temporal relationships. This temporal multimedia data model is designed upward compatible with the ODMG-93 standard object model. To organize a temporal multimedia database, a five temporal axes model for representing temporal multimedia objects is also introduced. The five temporal axes--an absolute, an internal, a quasi-, a physical, and a presentation time axis--are necessary to describe time-dependent properties of multimedia objects in modeling, implementing and use. A concrete example of this organization method is also illustrated.

For a complex object model, a form of range restriction called specialization constraint (SC), has been proposed, which is associated not only with the properties themselves but also with property value paths. The domain and range of an SC, however, were limited to single classes. In this paper, SCs are generalized to have sets of classes as their domains and ranges. Let Σ be a set of SCs, where each SC in Σ has a set of classes as its domain and a non-empty set of classes as its range. It is proved that an SC is a logical consequence of Σ if and only if it is a finite logical consequence of Σ. Then a sound and complete axiomatization for SCs is presented. Finally, a polynomial-time algorithm is given, which decides whether or not an SC is a logical consequence of Σ.

The security problems of object-oriented database system are investigated and security level assignment constraints and an access control mechanism based on the multilevel access control security policy are proposed. The proposed mechanism uses the Trusted Computing Base. A unique feature of the mechanism is that security levels are assigned not only to data items (objects), but also to methods and methods are not shown to the users whose security level is lower than that of the methods. And we distinguish between the security level of a variable in a class and that in an instance and distinguish between the level of an object when it is taken by itself and it is taken as a variable or an element of another complex object. All of this realizes the policy of multilevel access control.

A new indexing technique for rapid evaluation of nested query on composite object is propoced, reducing the overall cost for retrieval and update. An extended B+ tree is introduced in which object identifier (OID) to be searched and path information usud for update of index record are stored in leaf node and subleaf node, respectively. In this method, the retrieval oeration is applied only for OIDs in the leaf node. The index records of both leaf and subleaf nodes are updated in such a way that the path information in the subleaf node and OIDs in the leaf node are reorganized by deleting and inserting the OIDs. The techniaue presented offers advantages over currently related indexing techniques in data reorganization and index allocation. In the proposed index record, the OIDs to be reorganized are always consecutively provided, and thus only the record directory is updated when an entire page should be removed. In addition, the proposed index can be allocate to a path with the length greater than 3 without splitting the path. Comparisons under a variety of conditions are given with current indexing techniques, showing improved performance in cost, i.e., the total number of pages accessed for retrieval and update.