Organizing MLS databases from a data modelling point of view

The conceptual and logical design of multilevel secure (MLS) database applications are treated in an integrated way. For the conceptual design, a powerful semantic data model is suggested in order to represent the data and security semantics of the application domain. For the logical design, a two-phase approach is developed. Phase one consists of the transformation of the database conceptualization into multilevel relational concepts, while phase two is concerned with integrity management. Enforcing the integrity in MLS databases is known to be a difficult task. Careful data modelling is a necessary prerequisite in order to arrive at consistent and secure MLS applications.<<ETX>>

[1]  Bhavani M. Thuraisingham,et al.  Applying OMT for Designing Multilevel Database Applications , 1993, DBSec.

[2]  Shamkant B. Navathe,et al.  Conceptual Database Design: An Entity-Relationship Approach , 1991 .

[3]  Sushil Jajodia,et al.  Database Security: Status and Prospects: Proceedings of the IFIP Tc11 4th Working Conference, Halifax, U. K., 18-21 Sept., 1990 , 1991 .

[4]  Simon R. Wiseman,et al.  Database design and MLS DBMSs: an unhappy alliance? , 1993, Proceedings of 9th Annual Computer Security Applications Conference.

[5]  Gary W. Smith,et al.  Modeling security-relevant data semantics , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[6]  Peter P. Chen The Entity-Relationship Model: Towards a unified view of Data , 1976 .

[7]  Günther Pernul,et al.  Security constraint processing during multilevel secure database design , 1992, [1992] Proceedings Eighth Annual Computer Security Application Conference.

[8]  Peter P. Chen The entity-relationship model: toward a unified view of data , 1975, VLDB '75.

[9]  Simon R. Wiseman Abstract and Concrete Models for Secure Database Applications , 1991, DBSec.

[10]  Dorothy E. Denning,et al.  The SeaView Security Model , 1990, IEEE Trans. Software Eng..

[11]  Sushil Jajodia,et al.  Toward a multilevel secure relational data model , 1991, SIGMOD '91.

[12]  Maria Grazia Fugini Secure Database Development Methodologies , 1987, DBSec.

[13]  Peter J. Sell The SPEAR Data Design Method , 1992, DBSec.

[14]  G.W. Smith The semantic data model for security: representing the security semantics of an application , 1990, [1990] Proceedings. Sixth International Conference on Data Engineering.

[15]  A Min Tjoa,et al.  The Entity-Relationship Model for Multilevel Security , 1993, ER.

[16]  A Min Tjoa,et al.  The deductive filter approach to MLS database prototyping , 1993, Proceedings of 9th Annual Computer Security Applications Conference.