Title :
The SeaView security model
Author :
Lunt, Teresa F. ; Denning, Dorothy E. ; Schell, Roger R. ; Heckman, Mark ; Shockley, William R.
Author_Institution :
SRI Int., Menlo Park, CA, USA
fDate :
6/1/1990 12:00:00 AM
Abstract :
A multilevel database is intended to provide the security needed for database systems that contain data at a variety of classifications and serve a set of users having different clearances. A formal security model for such a system is described. The model is formulated in two layers, one corresponding to a reference monitor that enforces mandatory security, and the second an extension of the standard relational model defining multilevel relations and formalizing policies for labeling new and derived data, data consistency, and discretionary security. The model also defines application-independent properties for entity integrity, referential integrity, and polyinstantiation integrity
Keywords :
relational databases; security of data; software engineering; SeaView security model; application-independent properties; classifications; clearances; data consistency; derived data; discretionary security; entity integrity; formal security model; labeling; mandatory security; multilevel database; multilevel relations; new data; policy formalization; polyinstantiation integrity; reference monitor; referential integrity; standard relational model; users; Authorization; Data security; Database systems; Labeling; Military computing; Monitoring; Multilevel systems; Protection; Relational databases; Transaction databases;
Journal_Title :
Software Engineering, IEEE Transactions on
