Assigning probabilities for assurance in MLS database design

The author discusses the management of a possible breach of the security policy in multilevel secure systems using data managed by a database management system. Systems containing a multilevel secure database are subject to compromise when data collections from the database are used to obtain data values classified at higher security levels. There are two types of such problems, described as aggregation and inference problems. The cost of eliminating these problems by considering every case is exponential, so an approach of risk estimation based upon a probability measure should be considered. Probability has two orthogonal interpretations known as Pascalian and Baconian, suited respectively to aggregation and inference. Using the functional data model as the mathematical description of databases, formalisms for mapping measures of each to a database are provided. Mappings are presented that represent the probability semantics of each type of probability measure