A multilevel secure relational data model based on views

Author

Pernul, G. ; Luef, G.

Author_Institution

Inst. of Stat. & Comput. Sci., Vienna Univ., Austria

fYear

1991

fDate

2-6 Dec 1991

Firstpage

166

Lastpage

177

Abstract

In order to overcome certain limitations when applied to relational databases, a data model is introduced that is not fully based on the bell-LaPadula security paradigm. The starting point is a conceptual relational database schema and a set of views, representing user groups and applications. Based on the definition of views, the relations of the conceptual schema are decomposed in a set of disjoint fragments. Fragments and views are the granularity of data to which they provide automated security labeling. In order to keep fragmented databases consistent during database update, they give algorithms useful to keep the integrity. Databases based on this model contain data at a variety of classifications, serve a set of users cleared only to access certain data items and may be implemented by using a general purpose database management system extended by a trusted component supporting mandatory access control

Keywords

data integrity; relational databases; security of data; automated security labeling; conceptual relational database schema; conceptual schema; fragmented databases; granularity of data; integrity; mandatory access control; multilevel secure relational data model; relational databases; security paradigm; trusted component; user groups; views; Access control; Data models; Data security; Database systems; Employee rights; Information security; Invasive software; Labeling; Protection; Relational databases;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1991. Proceedings., Seventh Annual

Conference_Location

San Antonio, TX

Print_ISBN

0-8186-2280-6

Type

conf

DOI

10.1109/CSAC.1991.213008

Filename

213008