Security Constraints in a Multilevel Secure Distributed Database Management System

In a multilevel secure distributed database management system, users cleared at different security levels access and share a distributed database consisting of data at different sensitivity levels. An approach to assigning sensitivity levels, also called security levels, to data is one which utilizes constraints or classification rules. Security constraints provide an effective classification policy. They can be used to assign security levels to the data based on content, context, and time. We extend our previous work on security constraint processing in a centralized multilevel secure database management system by describing techniques for processing security constraints in a distributed environment during query, update, and database design operations. >

[1]  Bhavani M. Thuraisingham,et al.  Secure query-processing strategies , 1989, Computer.

[2]  J. W. Lloyd,et al.  Foundations of logic programming; (2nd extended ed.) , 1987 .

[3]  Stephen T. Walker Network Security Overview , 1985, 1985 IEEE Symposium on Security and Privacy.

[4]  Teresa F. Lunt Aggregation and inference: facts and fallacies , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[5]  Stefano Ceri,et al.  Distributed Databases: Principles and Systems , 1984 .

[6]  Thomas H. Hinke,et al.  Inference aggregation detection in database management systems , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[7]  Michael Stonebraker,et al.  Access control in a relational data base management system by query modification , 1974, ACM '74.

[8]  Jack Minker,et al.  Logic and Data Bases , 1978, Springer US.

[9]  Johann Eder,et al.  Logic and Databases , 1992, Advanced Topics in Artificial Intelligence.

[10]  Bhavani M. Thuraisingham Multilevel security issues in distributed database management systems II , 1991, Comput. Secur..

[11]  Bhavani M. Thuraisingham,et al.  Design of LDV: a multilevel secure relational database management system , 1990 .

[12]  Bhavani M. Thuraisingham,et al.  Multilevel Security in Database Management Systems , 1987, Comput. Secur..

[13]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[14]  Richard J. Johnstone,et al.  Key updating flags in EFT-POS security systems , 1987, Comput. Secur..

[15]  Gary W. Smith,et al.  Modeling security-relevant data semantics , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[16]  Bhavani M. Thuraisingham,et al.  Design and implementation of a query processor for a trusted distributed data base management system , 1993, J. Syst. Softw..

[17]  Bhavani M. Thuraisingham,et al.  Security checking in relational database management systems augmented with inference engines , 1987, Comput. Secur..

[18]  Bhavani M. Thuraisingham Towards the Design of a Secure Data/Knowledge Base Management System , 1990, Data Knowl. Eng..

[19]  John Grant,et al.  Foundations of Semantic Query Optimization for Deductive Databases , 1988, Foundations of Deductive Databases and Logic Programming..