论文信息 - A Logical Formalization of Integrity Policies for Database Management Systems

A Logical Formalization of Integrity Policies for Database Management Systems

This paper presents a model to specify integrity policies for database management systems. This model makes it possible to (1) assign an integrity level to each user -this integrity level depends on the data this agent is authorized to update, (2) define updating permissions and prohibitions associated with each user -in particular we show that permission and prohibition to update may be independent from the user’s integrity level, (3) define a policy to manage how integrity evolves in time. Our model is compared with classical approach, such as Biba and Clark-Wilson. In particular, we do not follow Biba: in our model, a subject may be authorized to update data even if its integrity level is not higher than or equal to the integrity level of the data.

Frédéric Cuppens | Claire Saurel

[1] Suryanarayana M. Sripada,et al. A Metalogic Programming Approach to Reasoning about Time in Knowledge Bases , 1993, IJCAI.

[2] Roel Wieringa,et al. Deontic logic: a concise overview , 1994 .

[3] Elisa Bertino,et al. A Temporal Access Control Mechanism for Database Systems , 1996, IEEE Trans. Knowl. Data Eng..

[4] Brian F. Chellas. Modal Logic: Normal systems of modal logic , 1980 .

[5] Richard T. Snodgrass,et al. A taxonomy of time databases , 1985, SIGMOD Conference.

[6] David D. Clark,et al. A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[7] D. Elliott Bell,et al. Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[8] Ravi Sandhu,et al. Transaction control expressions for separation of duties , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[9] Z. G. Ruthberg,et al. Report of the Invitational Workshop on Data Integrity | NIST , 1989 .

[10] Christian S. Jensen,et al. On the Semantics of , 1996 .

[11] Sushil Jajodia,et al. Integrity principles and mechanisms in database management systems , 1991, Comput. Secur..

[12] Christian S. Jensen,et al. On the semantics of “now” in databases , 1996, TODS.