Title :
On flow control mechanisms and their impacts upon statistical databases
Author :
Ding, Yiping ; Ting, T.C.
Author_Institution :
Dept. of Comput. Sci. & Eng., Connecticut Univ., Storrs, CT, USA
Abstract :
The effect of mixing two or more independently designed data security policies has not been well analyzed. There has been concern that it may create unexpected violations. The authors show that the widely used *-property flow control policy in multi-level data security systems can contribute to the compromise of statistical databases. They further conclude that additions of unclassified data into a statistical database alone may undermine inference control policies and mechanisms. Fundamental insights obtained from this study must be taken into account during data security policy analysis and formulation
Keywords :
data integrity; database management systems; security of data; statistical analysis; data security policy analysis; flow control policy; independently designed data security policies; inference control policies; multi-level data security systems; statistical databases; unclassified data; unexpected violations; Access control; Computer science; Control systems; Data engineering; Data security; Databases; Inference mechanisms; Information security; Information systems; Protection;
Conference_Titel :
Applied Computing, 1991., [Proceedings of the 1991] Symposium on
Conference_Location :
Kansas City, MO
Print_ISBN :
0-8186-2136-2
DOI :
10.1109/SOAC.1991.143867
