Polyinstantation for Cover Stories

In this paper we study the use of polyinstantiation, for the purpose of implementing cover stories in multilevel secure relational database systems. We define a particular semantics for polyinstantiation called PCS (i.e., polyinstantiation for cover stories). PCS allows two alternatives for each attribute (or attribute group) of a multilevel entity: (i) no polyinstantiation, or (ii) polyinstantiation at the explicit request of a user to whom the polyinstantiation is visible. PCS strictly limits the extent of polyinstantiation by requiring that each entity in a multilevel relation has at most one tuple per security class. We demonstrate that PCS provides a natural, intuitive and useful technique for implementing cover stories. A particularly attractive feature of PCS is its run-time flexibility regarding the use of cover stories. A particular attribute may have cover stories for some entities and not for others. Even for the same entity, a particular attribute may be polyinstantiated at some time and not at other times.

[1]  Database Security, IV: Status and Prospects. Results of the IFIP WG 11.3 Workshop on Database Security, Halifax, UK, September 18-21, 1990 , 1991, DBSec.

[2]  Sushil Jajodia,et al.  Polyinstantiation integrity in multilevel relations , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[3]  Dan Thomsen,et al.  The LDV Secure Relational DBMS Model , 1990, DBSec.

[4]  Sushil Jajodia,et al.  Honest Databases That Can Keep Secrets , 1991 .

[5]  Sushil Jajodia,et al.  A new polyinstantiation integrity constraint for multilevel relations , 1990, [1990] Proceedings. The Computer Security Foundations Workshop III.

[6]  Dorothy E. Denning,et al.  The SeaView security model , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[7]  Ravi S. Sandhu,et al.  The schematic protection model: its definition and analysis for acyclic attenuating schemes , 1988, JACM.

[8]  Sushil Jajodia,et al.  Update semantics for multilevel relations , 1990, [1990] Proceedings of the Sixth Annual Computer Security Applications Conference.

[9]  Dorothy E. Denning,et al.  Lessons Learned from Modeling a Secure Multilevel Relational Database System , 1988, DBSec.

[10]  Sushil Jajodia,et al.  A formal framework for single level decomposition of multilevel relations , 1990, [1990] Proceedings. The Computer Security Foundations Workshop III.

[11]  Rae K. Burns Referential secrecy , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Donovan Hsieh,et al.  Update Semantics for a Multilevel Relational Database System , 1990, Database Security.

[13]  Frédéric Cuppens,et al.  A 'natural' decomposition of multi-level relations , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[14]  Sushil Jajodia,et al.  A novel decomposition of multilevel relations into single-level relations , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[15]  Teresa F. Lunt,et al.  Polyinstantiation: an inevitable part of a multilevel world , 1991, Proceedings Computer Security Foundations Workshop IV.

[16]  Dorothy E. Denning,et al.  A Multilevel Relational Data Model , 1987, 1987 IEEE Symposium on Security and Privacy.

[17]  Sushil Jajodia,et al.  Toward a multilevel secure relational data model , 1991, SIGMOD '91.

[18]  Sushil Jajodia,et al.  Database Security: Current Status and Key Issues , 1990, SIGMOD record.

[19]  Ravi S. Sandhu The typed access matrix model , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[20]  Sushil Jajodia,et al.  Polyinstantiation Integrity in Multilevel Relations Revisited , 1990, DBSec.

[21]  G. E. Gajnak Some results from the entity/relationship multilevel secure DBMS project , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[22]  Ravi S. Sandhu Enforcing Primary Key Requirements in Multilevel Relations , 1991 .

[23]  Simon R. Wiseman,et al.  On the Problem of Security in Data Bases , 1989, DBSec.