The instance-based multilevel security model

Authors:
Jeffrey Parsons;Jianmin Su
Affiliations:
Faculty of Business Administration, Memorial University of Newfoundland, St John's, Canada;Department of Computer Science, Memorial University of Newfoundland, St John's, Canada
Venue:
DESRIST'10 Proceedings of the 5th international conference on Global Perspectives on Design Science Research
Year:
2010

Citing 4
Cited 0

The SeaView Security Model

IEEE Transactions on Software Engineering
The multilevel relational (MLR) data model

ACM Transactions on Information and System Security (TISSEC)
Emancipating instances from the tyranny of classes in information modeling

ACM Transactions on Database Systems (TODS)
Fundamentals of Database Systems

Fundamentals of Database Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Managing data securely is a critical issue in modern organizations Multilevel database systems offer one approach to security that assigns various security levels or clearances to the data in a database and to users of a database The objective of multilevel databases is to share data that have been assigned different security levels, while preventing unauthorized access to data by a user with a given clearance level to data at a higher security classification Current models store information in different security levels separately to prevent unauthorized access to data by users at different levels However, leakages could still occur in cases such as those involving null values and those where sensitive data is included in the key field(s) of a relation In this research, we design a novel security model, the instance-based multilevel security model, to solve problems associated with existing security models We define the model, propose data access and integrity rules, and develop a two-layered access control method Finally, we prove that the model is secure and identify areas for future research.