Toward a tool to detect and eliminate inference problems in the design of multilevel databases
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Tuple-level vs. element-level classification
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Formal Models for Computer Security
ACM Computing Surveys (CSUR)
Entity Modeling in the MLS Relational Model
VLDB '92 Proceedings of the 18th International Conference on Very Large Data Bases
Structured Name-Spaces in Secure Databases
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
The Effect of Confidentiality on the Structure of Databases
Proceedings of the IFIP WG 11.3 Thirteenth International Conference on Database Security: Research Advances in Database and Information Systems Security
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Comparing Two Information Flow Security Properties
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Hi-index | 0.00 |
The handling of classified paper-based documents follows well established mandatory security policies and the mandatory access control model of Bell and LaPadula convincingly demonstrates how to implement these policies in operating systems. In view of the many difficulties encountered by Sea View's attempt to provide full support for these policies in relational databases, this work pursues the less ambitious aim to use a relational database only for the management of classified documents in concordance with mandatory security policies. In the first part we present the options for the conceptual design of the database, ie the database scheme and the adaptation of the data manipulation language. In the second part we address operational aspects related to the possible use of the database by untrustworthy programs. This investigation yields valuable hints to the solution of the more complex problem of constructing a complete multi-level relational database with sound static and dynamic semantics.