Toward a multilevel secure relational data model

Although there are several efforts underway to build multilevel secure relational database management systems, there is no clear consensus regarding what a multilevel secure relational data model exactly is. In part this lack of consensus on fundamental issues reflects the subtleties involved in extending the classical (single-level) relational model to a multilevel environment. Our aim in this paper is to discuss the most fundamental aspects of the multilevel secure relational model. Specifically, we consider two requirements: entit y integrity and update semantics. Our overall goal is to preserve as much as possible the simplicity and flexibility of the relational model without sacrificing security in the process.

[1]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[2]  Bradford W. Wade,et al.  An authorization mechanism for a relational database system , 1976, TODS.

[3]  Carl E. Landwehr,et al.  Formal Models for Computer Security , 1981, CSUR.

[4]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[5]  Dorothy E. Denning,et al.  A Multilevel Relational Data Model , 1987, 1987 IEEE Symposium on Security and Privacy.

[6]  Dorothy E. Denning,et al.  The SeaView security model , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[7]  Won Kim,et al.  A Model of Authorization for Object-Oriented and Semantic Databases , 1988, EDBT.

[8]  Donovan Hsieh,et al.  Update Semantics for a Multilevel Relational Database System , 1990, Database Security.

[9]  Sushil Jajodia,et al.  Database Security: Current Status and Key Issues , 1990, SIGMOD record.

[10]  Dorothy E. Denning,et al.  The SeaView Security Model , 1990, IEEE Trans. Software Eng..

[11]  Sushil Jajodia,et al.  A new polyinstantiation integrity constraint for multilevel relations , 1990, [1990] Proceedings. The Computer Security Foundations Workshop III.

[12]  Dan Thomsen,et al.  The LDV Secure Relational DBMS Model , 1990, DBSec.

[13]  Sushil Jajodia,et al.  Update semantics for multilevel relations , 1990, [1990] Proceedings of the Sixth Annual Computer Security Applications Conference.

[14]  Sushil Jajodia,et al.  Polyinstantiation integrity in multilevel relations , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[15]  Database Security, IV: Status and Prospects. Results of the IFIP WG 11.3 Workshop on Database Security, Halifax, UK, September 18-21, 1990 , 1991, DBSec.