Title :
Implications of multilevel systems on the data dictionary of a secure relational DBMS
Author :
Jensen, Nancy R.
Author_Institution :
TRW Defense Syst. Group, Redondo Beach, CA, USA
Abstract :
The security policy of a secure DBMS (database management system) states how users may access the database. The author concludes that the same security policies, enforced for access to user data are applicable to the data dictionary. A data dictionary that is subject to the rules of a general security policy is presented as an example. The semantics of associating a sensitivity label with information in the data dictionary are discussed, and some subtle side effects are revealed. Included among them are the relationship between the sensitivity label of a relation´s definition in the data dictionary and the sensitivity labels of the relation´s tuples, its discretionary access list, and the processes that read and write it. It is shown that polyinstantiation of data dictionary entries can occur, and alternative ways of dealing with it are proposed. Several other security-relevant data dictionary issues are discussed, including integrity and covert channels
Keywords :
data integrity; relational databases; security of data; covert channels; database management system; discretionary access list; integrity; multilevel systems; polyinstantiation; relation definition; relation tuples; secure relational DBMS; security policy; security-relevant data dictionary issues; semantics; sensitivity label; user data; Artificial intelligence; Certification; Data security; Database languages; Dictionaries; Information security; Multilevel systems; Prototypes; Relational databases; Variable speed drives;
Conference_Titel :
Aerospace Computer Security Applications Conference, 1988., Fourth
Conference_Location :
Orlando, FL
Print_ISBN :
0-8186-0895-1
DOI :
10.1109/ACSAC.1988.113418
