Title :
A comparison of multilevel structured query language (SQL) implementations
Author :
Burns, Rae K. ; Koh, Yi-Fang
Author_Institution :
AGCS Inc., USA
Abstract :
The current commercial multilevel secure (MLS) database management system (DBMS) products provide extensions to SQL to support multilevel database applications. However, the DBMS vendors have implemented a variety of mechanisms that are both difficult to understand and ineffective in addressing a number of application concerns. The paper documents and compares the SQL extensions for Informix Online/Secure, Trusted Oracle, Trusted Rubix, and Sybase Secure SQL server. Based on the vendors´ current implementations, we have developed recommendations for an MLS SQL standard that would support interoperability both among the MLS DBMS products and with standard SQL client applications. We have also analyzed the vendors´ approaches to polyinstantiation and signaling channels; our recommendations include improved support for cover stories and better control of inherent signaling channels
Keywords :
SQL; distributed databases; open systems; security of data; DBMS vendors; Informix Online/Secure; MLS DBMS products; MLS SQL standard; SQL extensions; Sybase Secure SQL server; Trusted Oracle; Trusted Rubix; commercial multilevel secure database management system; cover stories; inherent signaling channels; interoperability; multilevel database applications; multilevel structured query language implementations; polyinstantiation; signaling channels; standard SQL client applications; Contracts; Database languages; Database systems; Labeling; Laboratories; Multilevel systems; National security; Signal analysis; Spatial databases; Standards development;
Conference_Titel :
Computer Security Applications Conference, 1996., 12th Annual
Conference_Location :
San Diego, CA
Print_ISBN :
0-8186-7606-X
DOI :
10.1109/CSAC.1996.569698
