Integrating an object-oriented data model with multilevel security

A security model is presented for object-oriented database systems. This model is a departure from the traditional security models based on the passive-object active-subject paradigm. The model is a flow model whose main elements are objects and messages. An object combines the properties of a passive information repository with those of an active agent. Messages are the main instrument of information flow. The chief advantages of the proposed model are its compatibility with the object-oriented data model and the simplicity with which security policies can be stated and enforced.<<ETX>>