Title :
Identifying and representing the security semantics of an application
Author_Institution :
Sch. of Inf. Technol. & Eng., George Mason Univ., Fairfax, VA, USA
Abstract :
The author approaches database security from the semantic level. He identifies the need to classify outputs from multilevel secure database systems at a level which accurately reflects the contents. Specifically, he addresses the question of what really makes information classified, that is, the security semantics of an application. A multidimensional taxonomy of generic secrecy constraints is presented with examples that illustrate application-specific security semantics. Using labels to represent security semantics is shown to be ambiguous and therefore ineffective. Representing security semantics external to the database is proposed and several approaches are discussed. Finally, the use of a semantic data model, on top of a logic-based representation, is proposed to explicitly represent the security semantics of an application
Keywords :
data integrity; database management systems; security of data; software reliability; application-specific; database security; generic secrecy constraints; logic-based representation; multidimensional taxonomy; multilevel secure database systems; security semantics; semantic data model; Computer security; Data engineering; Data models; Data security; Database systems; Information security; Information technology; Multidimensional systems; Operating systems; Taxonomy;
Conference_Titel :
Aerospace Computer Security Applications Conference, 1988., Fourth
Conference_Location :
Orlando, FL
Print_ISBN :
0-8186-0895-1
DOI :
10.1109/ACSAC.1988.113427
