A MAC policy framework for multilevel relational databases

IEEE Transactions on Knowledge and Data Engineering

Volumn 8, Issue 1, 1996, Pages 3-15

  Qian, Xiaolei ^a   Lunt, Teresa F ^b  

^a SRI INTERNATIONAL   (United States)

^b ARPA/ITO   (United States)

Author keywords

Inference channel; Integrity constraints; Mandatory access control; Multilevel databases; Security label semantics; Security policy

Indexed keywords

COMPUTATIONAL LINGUISTICS; CONSTRAINT THEORY; DATA ACQUISITION; DATA STRUCTURES; SECURITY OF DATA;

INFERENCE CHANNEL; INTEGRITY CONSTRAINTS; MANDATORY ACCESS CONTROL (MAC) POLICY; MULTILEVEL SECURITY; SECURITY LABEL SEMANTICS;

RELATIONAL DATABASE SYSTEMS;

EID: 0030087497     PISSN: 10414347     EISSN: None     Source Type: Journal    
DOI: 10.1109/69.485625     Document Type: Article

References (30)

1. R.K. Burns, "Integrity and secrecy: Fundamental conflicts in the database environment," Proc. Third RADC Database Security Workshop, pp. 37-40. The MITRE Corporation, 1990.
2. F. Chen and R.S. Sandhu, "The semantics and expressive power of the MLR data model," Proc. 1995 IEEE Symp. Security and Privacy, pp. 128-142, 1995.
3. D.E. Denning, Cryptography and Data Security. Addison-Wesley, 1982.
4. C. Garvey and A. Wu, "ASD views," Proc. 1988 IEEE Symp. Security and Privacy, pp. 85-95, 1988.
5. J. Glasgow, G. MacEwen, and P. Panangaden, "A logic for reasoning about security," ACM Trans. Computer Systems, vol. 10, no. 3, pp. 226-264, Aug. 1992.
6. L. Gong and X. Qian "The complexity and composability of secure interoperation," Proc. 1994 IEEE Symp. Research in Security and Privacy, pp. 190-200, 1994.
7. J.T. Haigh, R.C. O'Brien, and D.J. Thomsen, "The LDV secure relational DBMS model," Database Security, IV: Status and Prospects, S. Jajodia and C.E. Landwehr, eds., pp. 265-279. North-Holland, 1991.
8. H.H. Hosmer, "Integrating security policies," Proc. Third RADC Database Security Workshop, pp. 169-173. The MITRE Corporation, 1990.
9. S. Jajodia and R. Sandhu, "Polyinstantiation integrity in multilevel relations," Proc. 1990 IEEE Symp. Research in Security and Privacy, pp. 104-115, 1990.
10. S. Jajodia and R. Sandhu, "A novel decomposition of multilevel relations into single-level relations," Proc. 1991 IEEE Symp. Research in Security and Privacy, pp. 300-313, 1991.
11. C.E. Landwehr, "Formal models for computer security," ACM Computing Surveys, vol. 13, no. 3, pp. 247-278, Sept. 1981.
12. T.F. Lunt, D.E. Denning, R.R. Schell, M. Heckman, and W.R. Shockley, "The Seaview security model," IEEE Trans. Software Engineering, vol. 16, no. 6, pp. 593-607, June 1990.
13. T.F. Lunt, P.G. Neumann, D.E. Denning, R.R. Schell, M. Heckman, and W.R. Shockley, "Secure distributed data views: Security policy and interpretation for DBMS for a class A1 DBMS," Technical Report RADC-TR-89-313, vol. 1, Rome Air Development Center, Air Force Systems Command, Dec. 1989.
14. C. Meadows and S. Jajodia, "Integrity versus security in multilevel secure databases," Database Security: Status and Prospects, C.E. Landwehr, ed., pp. 89-101. North-Holland, 1988.
15. J.B. Michael, E.H. Sibley, R.F. Baum, and F. Li, "On the axiomatization of security policy: Some tentative observations about logic representation," Database Security, VI: Status and Prospects, B.M. Thuraisingham and C.E. Landwehr, eds., pp. 367-386. North-Holland, 1993.
16. P. Morris and J. McDermid, "The structure of permissions: A normative framework for access rights," Database Security, V: Status and Prospects, C.E. Landwehr and S. Jajodia, eds., pp. 77-97. North-Holland, 1992.
17. J.-M. Nicolas and H. Gallaire, "Data base: Theory vs. interpretation," Logic and Databases, H. Gallaire and J. Minker, eds., pp. 33-54. Plenum Press, 1978.
18. G. Pernul, "Canonical security modeling for federated databases," Proc. IFIP WG 2.6 Conf. Semantics of Interoperable Database Systems, 1992.
19. X. Qian, "Inference channel-free integrity constraints in multilevel relational databases," Proc. 1994 IEEE Symp. Research in Security and Privacy, pp. 158-167, 1994.
20. X. Qian and T.F. Lunt, "Tuple-level vs. element-level classification," Database Security, VI: Status and Prospects, B.M. Thuraisingham and C.E. Landwehr, eds., pp. 301-315. North-Holland, 1993.
21. X. Qian and T.F. Lunt, "A semantic framework of the multilevel secure relational model," IEEE Trans. Knowledge and Data Engineering, to appear.
22. R. Sandhu and S. Jajodia, "Eliminating polyinstantiation securely," Computers & Security, vol. 11, no. 6, pp. 547-562, Oct. 1992.
23. R. Sandhu, S. Jajodia, and T.F. Lunt, "A new polyinstantiation integrity constraint for multilevel relations," Proc. Third IEEE Workshop Computer Security Foundations, pp. 159-165, 1990.
24. E.H. Sibley, J.B. Michael, and R.L. Wexelblat, "Use of an experimental policy workbench: Description and preliminary results," Database Security, V: Status and Prospects, C.E. Landwehr and S. Jajodia, eds., pp. 47-76. North-Holland, 1992.
25. G. Smith, "Modeling security-relevant data semantics," IEEE Trans. Software Engineering, vol. 17, no. 11, pp. 1,195-1,203, Nov. 1991.
26. K. Smith and M. Winslett, "Entity modeling in the MLS relational model," Proc. 18th Int'l Conf. Very Large Data Bases, pp. 199-210, 1992.
27. G. Steinke and M. Jarke, "Support for security modeling in information systems design," Database Security, VI: Status and Prospects, B.M. Thuraisingham and C.E. Landwehr, eds., pp. 125-141. North-Holland, 1993.
28. B.M. Thuraisingham, "A nonmonotonic typed multilevel logic for multilevel secure database/knowledge-base management systems," Proc. Fourth IEEE Workshop Computer Security Foundations, pp. 127-138, 1991.
29. J.D. Ullman, Principles of Database and Knowledge Base Systems, vol. 1. Computer Science Press, 1988.
30. S.R. Wiseman, "Control of confidentiality in databases," Computers & Security, vol. 9, no. 6, pp. 529-537, Oct. 1990.