Title :
A multilevel secure relational data model based on views
Author :
Pernul, G. ; Luef, G.
Author_Institution :
Inst. of Stat. & Comput. Sci., Vienna Univ., Austria
Abstract :
In order to overcome certain limitations when applied to relational databases, a data model is introduced that is not fully based on the Bell-LaPadula security paradigm. The starting point is a conceptual relational database schema and a set of views, representing user groups and applications. Based on the definition of views, the relations of the conceptual schema are decomposed into a set of disjoint fragments. Fragments and views are the granularity of data to which they provide automated security labeling. In order to keep fragmented databases consistent during database update, they give algorithms useful to keep the integrity. Databases based on this model contain data at a variety of classifications, serve a set of users cleared only to access certain data items, and may be implemented by using a general-purpose database management system extended by a trusted component supporting mandatory access control.
Keywords :
data integrity; relational databases; security of data; automated security labeling; conceptual relational database schema; conceptual schema; fragmented databases; granularity of data; integrity; mandatory access control; multilevel secure relational data model; relational databases; security paradigm; trusted component; user groups; views; Access control; Data models; Data security; Database systems; Employee rights; Information security; Invasive software; Labeling; Protection; Relational databases;
Conference_Title :
Computer Security Applications Conference, 1991. Proceedings., Seventh Annual
Conference_Location :
San Antonio, TX
Print_ISBN :
0-8186-2280-6
DOI :
10.1109/CSAC.1991.213008