The deductive filter approach to MLS database prototyping

This paper proposes building a prototyping environment as part of the standard design process of multilevel secure database applications. For this paper we see the following contributions: First, based on a careful study of multilevel security requirements we developed a security constraints language (SCL) for specifying application dependent database security semantics. Second, we implemented SCL by using the deductive database systems LDL thereby offering a useful toolset with which a prototype of a multilevel secure relational database application can efficiently be developed. Prototyping will help the database designer to arrive at a consistent data classification and at a satisfactory database design.<<ETX>>

[1]  Gary W. Smith Modeling Security-Relevant Data Semantics , 1991, IEEE Trans. Software Eng..

[2]  Bhavani M. Thuraisingham,et al.  The Use of Conceptual Structures for Handling the Inference Problem , 1991, DBSec.

[3]  Günther Pernul,et al.  Security Constraint Processing in Multilevel Secure AMAC Schemata , 1992, ESORICS.

[4]  Frédéric Cuppens,et al.  A 'natural' decomposition of multi-level relations , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[5]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[6]  Bhavani M. Thuraisingham,et al.  Security constraint processing during the update operation in a multilevel secure database management system , 1991, Proceedings Seventh Annual Computer Security Applications Conference.

[7]  G.W. Smith The semantic data model for security: representing the security semantics of an application , 1990, [1990] Proceedings. Sixth International Conference on Data Engineering.

[8]  Shamim A. Naqvi,et al.  A Logical Language for Data and Knowledge Bases , 1989 .

[9]  Sushil Jajodia,et al.  Polyinstantiation Integrity in Multilevel Relations Revisited , 1990, DBSec.

[10]  G. E. Gajnak Some results from the entity/relationship multilevel secure DBMS project , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[11]  Carlo Zaniolo,et al.  The LDL System Prototype , 1990, IEEE Trans. Knowl. Data Eng..

[12]  Maria Grazia Fugini Secure Database Development Methodologies , 1987, DBSec.

[13]  Peter J. Sell The SPEAR Data Design Method , 1992, DBSec.

[14]  Peter P. Chen The Entity-Relationship Model: Towards a unified view of Data , 1976 .

[15]  Peter P. Chen The entity-relationship model: toward a unified view of data , 1975, VLDB '75.

[16]  A Min Tjoa,et al.  The Entity-Relationship Model for Multilevel Security , 1993, ER.

[17]  Gary W. Smith,et al.  Modeling security-relevant data semantics , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.