A Nested Transaction Model for Multilevel Secure Database Management Systems

ACM Transactions on Information and System Security

Volumn 4, Issue 4, 2001, Pages 321-370

  Bertino, Elisa ^a   Catania, Barbara ^b   Ferrari, Elena ^c  

^a UNIVERSITY OF MILAN   (Italy)

^b UNIVERSITY OF GENOA   (Italy)

^c UNIVERSITY OF INSUBRIA   (Italy)

Author keywords

Concurrency control; Covert channels; Multilevel secure database management systems; Nested transactions; Security

Indexed keywords

EID: 84995455083     PISSN: 10949224     EISSN: 15577406     Source Type: Journal    
DOI: 10.1145/503339.503340     Document Type: Article

References (40)

1. Ahn, G. and Sandhu, R. 2000. Role-based authorization constraints specification. ACM Trans. Inf. Syst. Sec. 3, 4 (Nov.).
2. Baldwin, R. W. 1990. Naming and grouping privileges to simplify security management in large databases. In Proceedings of the Symposium on Security and Privacy, IEEE Press, Los Alamitos, Calif., 116-132.
3. Bell, D. and La Padula. 1976. Secure computer systems: Unified exposition and MULTICS. Tech. Rep. ESD-TR-75-306, The MITRE Corporation, Bedford, Mass., March.
4. Bertino, E., Bonatti, P., and Ferrari, E. 2000. TRBAC: A temporal role-based access control model. In Proceedings of the Fifth ACM Workshop on Role Based Access Control, 21-30.
5. Brewer, D. and Nash, M. 1989. The Chinese wall security policy. In Proceedings of the Symposium on Security and Privacy, IEEE Press, Los Alamitos, Calif., 215-228.
6. Chandramouli, R. and Sandhu, R. 1998. Role-based access control features in commercial database management systems. In Proceedings of the NIST-NSA National (USA) Computer Security Conference, 503-511.
7. Clark, D. and Wilson, D. 1987. A comparison of commercial and military computer security policies. In proceedings of the Symposium on Security and Privacy, IEEE Press, Los Alamitos, Calif., 184-194.
8. Faden, G. 1999. Rbac in Unix administration. In Proceedings of the Fourth ACM Workshop on Role Based Access Control, 95-101.
9. Feinstein, H. 1996. Final report: NIST small business innovative research (SBIR) grant: Role based access control: phase 2. SETA Corp., October.
10. Ferraiolo, D. and Kuhn, R. 1992. Role-based access control. In Proceedings of the NIST-NSA National (USA) Computer Security Conference, 554-563.
11. Ferraiolo, D., Barkley, J., and Kuhn, R. 1999. A role-based access control model and reference implementation within a corporate internet. ACM Trans. Inf. Syst. Sec. 2, 1.
12. Ferraiolo, D., Cugini, J., and Kuhn, R. 1995. Role-based access control: Features and motivations. In Proceedings of the Annual Computer Security Applications Conference, IEEE Press, Los Alamitos, Calif.
13. Ferraiolo, D., Gilbert, D., and Lynch, N. 1993. An examination of federal and commercial access control policy needs. In Proceedings of the NIST-NSA National (USA) Computer Security Conference, 107-116.
14. Gavrila, S. and Barkley, J. 1998. Formal specification for RBAC user/role and role relationship management. In Proceedings of the Third ACM Workshop on Role Based Access Control, 81-90.
15. Giuri, L. and Iglio, P. 1996. A formal model for role based access control with constraints. In Proceedings of the Computer Security Foundations Workshop, IEEE Press, Los Alamitos, Calif., 136-145.
16. Gligor, V. D., Gavrila, S. I., and Ferraiolo, D. F. 1998. On the formal definition of separation-of-duty policies and their composition. In Proceedings of the Symposium on Security and Privacy, IEEE Press, Los Alamitos, Calif.
17. Huang, W. and Atluri, V. 1999. A secure web-based workflow management system. In Proceedings of the Fourth ACM Workshop on Role Based Access Control, 83-84.
18. Jaeqer, T. 1999. On the increased importance of constraints. In Proceedings of the Fourth ACM Workshop on Role-Based Access Control (Oct.), 33-42.
19. Jaeger, T. and Tidswell, J. 2000. Rebuttal to the NIST RBAC model proposal. In proceedings of the Fifth ACM Workshop on Role-Based Access Control (Berlin, July), 65-66.
20. Joshi, J. B. D., Aref, W. G., Ghafoor, A., and Spafford, E. H. 2001a. Security models for web-based applications. Commun. ACM, 44, 2, Feb. 38-44.
21. Joshi, J., Ghafoor, A., Aref, W. G., and Spafford, E. H. 2001b. Digital government security infrastructure design challenges. IEEE Comput. 33, 2, Feb. 66-72.
22. Kuhn, D. R. 1998. Role based access control on MLS systems without kernel changes. In Proceedings of the ACM Workshop on Role Based Access Control (Oct. 22-23), 25-32.
23. Kuhn, R. 1997. Mutual exclusion as a means of implementing separation of duty requirements in role based access control systems. In Proceedings of the Second ACM Workshop on Role Based Access Control, 23-30.
24. Lampson, B. 1974. Protection. ACM Oper. Syst. Rev. 8, 1, 18-24.
25. McCollum, C., Messing, J., and Notargiacomo, L. 1990. Beyond the pale of MAC and DAC-Defining new forms of access control. In Proceedings of the Symposium on Security and Privacy, IEEE Press, Los Alamitos, Calif., 190-900.
26. Moffett., J. D. 1998. Control principles and role hierarchies. In Proceedings of the Third ACM Workshop on Role-Based Access Control (Fairfax, V., Oct. 22-23), 63-69.
27. Nyanchama, M. and Osborn, S. 1994. Access rights administration in role-based security systems. In Database Security, VIII: Status and Prospects, J. Biskup, M. Morgenstern, and C. E. Landwehr, Eds., North-Holland, 37-56.
28. Nyanchama, M. and Osborn, S. 1999. The graph model and conflicts of interest. ACM Trans. Inf. Syst. Sec. 2, 1.
29. Osborn, S., Sandhu, R., and Munawer, Q. 2000. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Trans. Inf. Syst. Sec. 3, 2.
30. Sandhu, R. and Bhamidipati, V. 1997. Role-based administration of user-role assignment: the URA97 model and its oracle implementation. J. Compu. Sec. 7.
31. Sandhu, R. 1998a. Role activation hierarchies. In Proceedings of the Third ACM Workshop on Role-Based Access Control (Fairfax, V., Oct. 22-23), 33-40.
32. Sandhu, R. 1998b. Role-based access control. In Advances in Computers, vol. 46, M. Zelkowitz Eds. Academic, 237-286.
33. Sandhu, R. 1988. Transaction control expressions for separation of duties. In Proceedings of the Fourth Aerospace Computer Security Applications Conference (Orlando, Fla.). IEEE Computer Society Press, Dec. Los Alamitos, Calif., 282-286.
34. Sandhu, R., Bhamidipati, V., and Munawer, Q. 1999. The ARBAC97 model for role-based administration of roles. ACM Trans. Inf. Sys. Sec. 2, 1, (Feb.), 105-135.
35. Sandhu, R., Coyne, E., Feinstein, H., and Youman, C. 1996. Role-based access control models. IEEE Comput., 29, (2), (Feb).
36. Sandhu, R., Ferraiolo, D., and Kuhn, R. 2000. The NIST model for role-based access control: Towards a unified standard. In Proceedings of the Fifth ACM Workshop on Role-Based Access Control (Berlin, July), 47-63.
37. Simon, R. and Zurko, R. 1997. Separation of duty in role based access control environments. In Proceedings of New Security Paradigms Workshop, (Sept.).
38. Smith, C., Coyne, E., Youman, C., and Ganta, S. 1996. Market analysis report: NIST small business innovative research (SBIR) grant: Role based access control: Phase 2. A marketing survey of civil federal government organizations to determine the need for role-based access control security product, SETA Corp., July.
39. Thomsen, D. J. 1991. Role-based application design and enforcement. In Database Security, IV: Status and Prospects, S. Jajodia and C. E. Landwehr, Eds., North-Holland, 151-168.
40. Ting, T. C., Demurjian, S. A., and Hu, M. Y. 1992. Requirements capabilities and functionalities of user-role based security for an object-oriented design model. In Database Security, IV: Status and Prospects, S. Jajodia and C. E. Landwehr, Eds., North-Holland, 275-296.