Views for Multilevel Database Security
IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Principles of database and knowledge-base systems, Vol. I
Principles of database and knowledge-base systems, Vol. I
Tuple-level vs. element-level classification
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Assured discretionary access control for trusted RDBMS
Proceedings of the ninth annual IFIP TC11 WG11.3 working conference on Database security IX : status and prospects: status and prospects
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
Formal Models for Computer Security
ACM Computing Surveys (CSUR)
Using Views in a Multilevel Secure Database Management System
SP '83 Proceedings of the 1983 IEEE Symposium on Security and Privacy
| Hi-index | 0.00 |
View-based access control enables content-based and context-based security, as opposed to container-based security provided in operating systems. However, view-based access control in multilevel secure (MLS) databases suffers from two problems: safety and assurance. We investigate view-based access control in MLS relational databases for a large class of views expressible as project-select-join queries. We develop a polynomial-time label compilation algorithm that transforms view-level labeling to tuple-level labeling in such a way that guarantees safety and high assurance. We identify two problems related to optimal label compilation, and show that they are both NP-complete even for totally ordered security lattices of size two.