A Logical Approach to Model a Multilevel Object-Oriented Database

In the context of OODB (Object-Oriented DataBases), several multilevel security models appeared in the literature. In this paper, we are mainly interested in the MultiView model [BCCGY93, BCCGY94a]. Our first objective is not to propose a new security model but rather to present the MultiView model in a formal way. Another objective is to extend the MultiView model to include new security functionalities, in particular the protection of the database schema. Our approach can be sum up as follows. We propose a language based on first-order logic to represent an OODB content and specify integrity constraints which must be enforced in an OODB. A first security model called Single-View is then defined. In this security model, every atomic formula of the language used to represent the OODB is a piece of information we may associate with a classification level. We also derive general theorems which must be enforced when classifying each piece of information. Finally, we show how to refine the Single-View model to obtain the MultiView model. We give a sketch of implementation of the MultiView model.

[1]  José Meseguer,et al.  A logical semantics for object-oriented databases , 1993, SIGMOD '93.

[2]  Bhavani M. Thuraisingham,et al.  SODA: A secure object-oriented database system , 1989, Comput. Secur..

[3]  Elisa Bertino,et al.  Collecting garbage in multilevel secure object stores , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[4]  Wei-Tek Tsai,et al.  Multiversion concurrency control for multilevel secure database systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[5]  Frédéric Cuppens,et al.  Providing Consistent Views in a Polyinstantiated Database , 1994, Database Security.

[6]  Jonathan K. Millen,et al.  Security for object-oriented database systems , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[7]  Martin S. Olivier,et al.  A taxonomy for secure object-oriented databases , 1994, TODS.

[8]  Nora Cuppens-Boulahia,et al.  Decomposition of Multilevel Objects in an Object-Oriented Database , 1994, ESORICS.

[9]  Teresa F. Lunt,et al.  Multilevel Security for Object-Oriented Database Systems , 1989, Database Security.

[10]  Nora Cuppens-Boulahia,et al.  Virtual View Model to Design a Secure Object-Oriented Database , 1995 .

[11]  Marvin Schaefer,et al.  Multilevel Data Model for the Trusted ONTOS Prototype , 1995, DBSec.

[12]  Teresa F. Lunt,et al.  Polyinstantiation: an inevitable part of a multilevel world , 1991, Proceedings Computer Security Foundations Workshop IV.

[13]  Frédéric Cuppens,et al.  How to recognize interesting topics to provide cooperative answering , 1989, Inf. Syst..

[14]  Roel Wieringa,et al.  A Formalization of Objects Using Equational Dynamic Logic , 1991, DOOD.

[15]  Elisa Bertino,et al.  Modeling Multilevel Entities Using Single Level Objects , 1993, DOOD.

[16]  Sushil Jajodia,et al.  A two snapshot algorithm for concurrency control in multi-level secure databases , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[17]  Sushil Jajodia,et al.  Orange Locking: Channel-Free Database Concurrency Control Via Locking , 1992, DBSec.

[18]  Nora Cuppens-Boulahia,et al.  MultiView model for object-oriented database , 1993, Proceedings of 9th Annual Computer Security Applications Conference.

[19]  Dan Thomsen,et al.  The LDV Secure Relational DBMS Model , 1990, DBSec.