Toward a multilevel secure relational data model
SIGMOD '91 Proceedings of the 1991 ACM SIGMOD international conference on Management of data
Database security
Asserting beliefs in MLS relational models
ACM SIGMOD Record
Multilevel secure transaction processing: status and prospects
Proceedings of the tenth annual IFIP TC11/WG11.3 international conference on Database security: volume X : status and prospects: status and prospects
The multilevel relational (MLR) data model
ACM Transactions on Information and System Security (TISSEC)
Concurrent reading and writing
Communications of the ACM
Information Security: An Integrated Collection of Essays
Information Security: An Integrated Collection of Essays
Advanced Transaction Processing in Multilevel Secure File Stores
IEEE Transactions on Knowledge and Data Engineering
Multilevel Secure Database Concurrency Control
Proceedings of the Sixth International Conference on Data Engineering
Entity Modeling in the MLS Relational Model
VLDB '92 Proceedings of the 18th International Conference on Very Large Data Bases
A Timestamp Ordering Algorithm for Secure, Single-Version, Multi-Level Databases
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
An introduction to multilevel secure relational database management systems
CASCON '04 Proceedings of the 2004 conference of the Centre for Advanced Studies on Collaborative research
Distribution-based methods of preserving data privacy in Distributed Spatial Data Warehouse
International Journal of Business Intelligence and Data Mining
A flexible mandatory access control policy for XML databases
Proceedings of the 2nd international conference on Scalable information systems
Enabling policy-based access control in BI applications
Data & Knowledge Engineering
P4A: A New Privacy Model for XML
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
A practical mandatory access control model for XML databases
Information Sciences: an International Journal
Efficient inference control for open relational queries
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Hi-index | 0.00 |
Mandatory Access Control (MAC) implementations in Relational Database Management Systems (RDBMS) have focused solely on Multilevel Security (MLS). MLS has posed a number of challenging problems to the database research community, and there has been an abundance of research work to address those problems. Unfortunately, the use of MLS RDBMS has been restricted to a few government organizations where MLS is of paramount importance such as the intelligence community and the Department of Defense. The implication of this is that the investment of building an MLS RDBMS cannot be leveraged to serve the needs of application domains where there is a desire to control access to objects based on the label associated with that object and the label associated with the subject accessing that object, but where the label access rules and the label structure do not necessarily match the MLS two security rules and the MLS label structure. This paper introduces a flexible and generic implementation of MAC in RDBMS that can be used to address the requirements from a variety of application domains, as well as to allow an RDBMS to efficiently take part in an end-to-end MAC enterprise solution. The paper also discusses the extensions made to the SQL compiler component of an RDBMS to incorporate the label access rules in the access plan it generates for an SQL query, and to prevent unauthorized leakage of data that could occur as a result of traditional optimization techniques performed by SQL compilers.