Title :
Views for Multilevel Database Security
Author :
Denning, Dorothy E. ; Akl, Selim G. ; Heckman, Mark ; Lunt, Teresa F. ; Morgenstern, Matthew ; Neumann, Peter G. ; Schell, Roger R.
Author_Institution :
SRI International
Abstract :
Because views on relational database systems mathematically define arbitrary sets of stored and derived data, they have been proposed as a way of handling context-and content-dependent classification, dynamic classification, inference, aggregation, and sanitization in multilevel database systems. This paper describes basic view concepts for a multilevel-secure relational database model that addresses the above issues. All data entering the database are labeled according to views called classification constraints, which specify access classes for related data. In addition, views called aggregation constraints restrict access to aggregates of information. All data accesses are confined to a third set of views called access views.
Keywords :
Classification; multilevel security; protection; relational databases; security; views; Aggregates; Computer security; Data security; Database systems; Helium; Information security; Multilevel systems; National security; Protection; Relational databases; Classification; multilevel security; protection; relational databases; security; views;
Journal_Title :
Software Engineering, IEEE Transactions on
DOI :
10.1109/TSE.1987.232889
