A probabilistic approach to assurance of database design

Author

Russell, Lucian

Author_Institution

Argonne Nat. Lab., IL, USA

fYear

1992

fDate

15-18 Jun 1992

Firstpage

37

Lastpage

45

Abstract

A probabilistic framework for decision-making is developed. It is based on the recognition that if it is impossible to consider every case in which security might be comprised, at the least a rational method of controlling estimated risk is desirable. Multilevel secure databases are considered. The author describes several principle aggregation and inference problems, and shows how the solutions are externalized to the database designer. These externalized problems are reformulated in a context of approximate reasoning or probability. An overview of probability issues is provided and classified into two orthogonal approaches. These concepts are applied to the database design problem, and policies are provided that can be used to control decision-making for controlling in turn the probability of database inference

Keywords

database management systems; security of data; aggregation problems; approximate reasoning; database design; database design problem; decision-making; estimated risk; inference problems; multilevel secure databases; probability; Computer security; Costs; Data security; Database systems; Decision making; Laboratories; Multilevel systems; National security; Operating systems; Relational databases;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Assurance, 1992. COMPASS '92. 'Systems Integrity, Software Safety and Process Security: Building the System Right.', Proceedings of the Seventh Annual Conference on

Conference_Location

Gaithersburg, MD

Print_ISBN

0-7803-0579-5

Type

conf

DOI

10.1109/CMPASS.1992.235763

Filename

235763