Title :
A probabilistic approach to assurance of database design
Author_Institution :
Argonne Nat. Lab., IL, USA
Abstract :
A probabilistic framework for decision-making is developed. It is based on the recognition that if it is impossible to consider every case in which security might be comprised, at the least a rational method of controlling estimated risk is desirable. Multilevel secure databases are considered. The author describes several principle aggregation and inference problems, and shows how the solutions are externalized to the database designer. These externalized problems are reformulated in a context of approximate reasoning or probability. An overview of probability issues is provided and classified into two orthogonal approaches. These concepts are applied to the database design problem, and policies are provided that can be used to control decision-making for controlling in turn the probability of database inference
Keywords :
database management systems; security of data; aggregation problems; approximate reasoning; database design; database design problem; decision-making; estimated risk; inference problems; multilevel secure databases; probability; Computer security; Costs; Data security; Database systems; Decision making; Laboratories; Multilevel systems; National security; Operating systems; Relational databases;
Conference_Titel :
Computer Assurance, 1992. COMPASS '92. 'Systems Integrity, Software Safety and Process Security: Building the System Right.', Proceedings of the Seventh Annual Conference on
Conference_Location :
Gaithersburg, MD
Print_ISBN :
0-7803-0579-5
DOI :
10.1109/CMPASS.1992.235763
