Advertisement

Multilevel Secure Rules and Its Impact on the Design of Active Database Systems

  • Indrakshi Ray
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2712)

Abstract

The event-condition-action paradigm (also known as triggers or rules) gives a database “active” capabilities — the ability to react automatically to changes in the database or in the environment. One potential use of this technology is in the area of multilevel secure (MLS) data processing, such as, military, where the subjects and objects are classified into different security levels and mandatory access control rules govern who has access to what. Unfortunately, not much work has been done in the area of multilevel secure active database system. In this paper we define the structure of MLS rules and identify what effects these rules have on the execution semantics of an active database system. Such knowledge is essential before developing a multilevel secure active database system.

Keywords

Security Level Composite Event Execution Model Covert Channel Active Database 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    R. Agarwal and N. Gehani. Ode (Object database and environment): The language and the data model. In Proceedings of the ACM-SIGMOD International Conference on Management of Data, pages 36–45, Portland, OR, May 1989.Google Scholar
  2. 2.
    V. Atluri, S. Jajodia, T.F. Keefe, C. McCollum, and R. Mukkamala. Multilevel Secure Transaction Processing: Status and Prospects. In P. Samarati and R.S. Sandhu, editors, Database Security X: Status and Prospects, chapter 6, pages 79–98. Chapman & Hall, 1997.Google Scholar
  3. 3.
    D. E. Bell and L. J. LaPadula. Secure computer system: Unified exposition and multics interpretation. Technical Report MTR-2997, MITRE Corporation, Bedford, MA, July 1975.Google Scholar
  4. 4.
    T. A. Berson and T. F. Lunt. Multilevel Security for Knowledge-Based Systems. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 235–242, Oakland, CA, April 1987.Google Scholar
  5. 5.
    E. Bertino and S. Jajodia. Modeling Multilevel Entities using Single Level Objects. In Proceedings of the Third International Conference on Deductive and Object-Oriented Databases, volume 760 of Lecture Notes in Computer Science, pages 416–428, Phoenix, AZ, December 1993. Springer-Verlag.Google Scholar
  6. 6.
    N. Boulahia-Cuppens, F. Cuppens, A. Gabillon, and K. Yazdanian. Virtual View Model to Design a Secure Object-Oriented Database. In Proceedings of the National Computer Security Conference, pages 66–76, Baltimore, MD, October 1994.Google Scholar
  7. 7.
    A.P. Buchman, H. Branding, T. Kundrass, and J. Zimmermann. REACH: A REal-time ACtive and Heterogeneous Mediator System. Bulletin of the IEEE Technical Committee on Data Engineering, 15(4), December 1992.Google Scholar
  8. 8.
    S. Ceri and R. Manthey. Consolidated specification of Chimera, the conceptual interface of idea. Technical Report IDEA.DD.2P.004, Politecnico di Milano, Milan, Italy, June 1993.Google Scholar
  9. 9.
    S. Chakravarthy, E. Hanson, and S.Y.W. Su. Active data/knowledge base research at the University of Florida. Bulletin of the IEEE Technical Committee on Data Engineering, 15(4):35–39, December 1992.Google Scholar
  10. 10.
    C. Collet, T. Coupaye, and T. Svensen. NAOS—efficient and modular reactive capabilities in an object-oriented database system. In Proceedings of the Twentieth International Conference on Very Large Databases, pages 132–143, Santiago, Chile, 1994.Google Scholar
  11. 11.
    O. Costich and J. McDermott. Amultilevel transaction problem for multilevel secure database system and its solution for the replicated architecture. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 192–203, Oakland, CA, May 1992.Google Scholar
  12. 12.
    D. Denning and T. F. Lunt. A multilevel relational data model. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 220–234, Oakland, CA, May 1987.Google Scholar
  13. 13.
    P. A. Dwyer, G. D. Gelatis, and M. B. Thuraisingham. Multilevel security in database management systems. Computers and Security, 6(3):252–260, June 1987.CrossRefGoogle Scholar
  14. 14.
    T. D. Garvey and T. F. Lunt. Multilevel Security for Knowledge-Based Systems. In Proceedings of the Sixth Computer Security Applications Conference, pages 148–159, Tucson, AZ, December 1990.Google Scholar
  15. 15.
    S. Gatziu, A. Geppert, and K. R. Dittrich. Integrating active concepts into an object-oriented database system. In Proceedings of the Third International Workshop on Database Programming Languages, Nafplion, Greece, August 1991.Google Scholar
  16. 16.
    J. T. Haigh, R. C. O’Brien, and D. J. Thomsen. The LDV Secure Relational DBMS Model. In S. Jajodia and C.E. Landwehr, editors, Database Security IV: Status and Prospects, pages 265–279. Elsevier Science Publishers B.V. (North-Holland), 1991.Google Scholar
  17. 17.
    E. Hanson. Rule condition testing and action execution in Ariel. In Proceedings of the ACM SIGMOD International Conference on Management of Data, pages 49–58, San Diego, CA, June 1992.Google Scholar
  18. 18.
    D. K. Hsiao, M. J. Kohler, and S.W. Stround. Query Modifications as Means of Controlling Access to Multilevel Secure Databases. In S. Jajodia and C.E. Landwehr, editors, Database Security IV: Status and Prospects, pages 221–240. Elsevier Science Publishers B.V. (North-Holland), 1991.Google Scholar
  19. 19.
    S. Jajodia and B. Kogan. Transaction Processing in Multilevel Secure Databases using Replicated Architecture. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 360–368, Oakland, CA, May 1990.Google Scholar
  20. 20.
    S. Jajodia and R. Sandhu. Polyinstantiation Integrity in Multilevel elations Revisited. In S. Jajodia and C.E. Landwehr, editors, Database Security IV: Status and Prospects, pages 297–307. Elsevier Science Publishers B.V. (North-Holland), 1991.Google Scholar
  21. 21.
    S. Jajodia and R. Sandhu. Toward a Multilevel Relational Data Model. In Proceedings of the ACM SIGMOD International Conference on Management of Data, pages 50–59, Denver, CO, 1991.Google Scholar
  22. 22.
    T. F. Keefe, W. T. Tsai, and M. B. Thuraisingham. A Multilevel Security Model for Object-Oriented Systems. In Proceedings of the National Computer Security Conference, pages 1–9, Baltimore, MD, October 1988.Google Scholar
  23. 23.
    T. F. Lunt and E. B. Fernandez. Database Security. SIGMOD Record, 19(4):90–97, December 1990.CrossRefGoogle Scholar
  24. 24.
    D.R. McCarthy and U. Dayal. The architecture of an active database management system. In Proceedings of the ACM-SIGMOD International Conference on Management of Data, pages 215–224, Portland, OR, May 1989.Google Scholar
  25. 25.
    J. K. Millen and T.F. Lunt. Security for Object-Oriented Database Systems. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 260–272, Oakland, CA, May 1992.Google Scholar
  26. 26.
    M. Morgenstern. Security and Inference in Multilevel Database and Knowledge-Base Systems. In Proceedings of the ACM SIGMOD International Conference on Management of Data, pages 357–373, San Francisco, CA, May 1987.Google Scholar
  27. 27.
    M. Morgenstern. A Security Moddel for Multilevel Object with Bidirectional Relationship. In S. Jajodia and C.E. Landwehr, editors, Database Security IV: Status and Prospects, pages 53–71. Elsevier Science Publishers B.V. (North-Holland), 1991.Google Scholar
  28. 28.
    M.S. Olivier and S. H. Von Solms. A Taxonomy for Secure Object-Oriented Databases. ACM Transactions on Database Systems, 19(1):3–46, March 1993.CrossRefGoogle Scholar
  29. 29.
    N.W. Paton and O. Diaz. Active Database Systems. ACM Computing Surveys, 31(1):63–103, 1999.CrossRefGoogle Scholar
  30. 30.
    A. Rosenthal, S. Chakravarthy, B. Blaustein, and J. Blakeley. Situation monitoring for active databases. In Proceedings of the Fifteenth International Conference On Very Large Databases, pages 455–464, Amsterdam, The Netherlands, August 1989.Google Scholar
  31. 31.
    R. Sandhu and S. Jajodia. Referential Integrity in Multilevel Secure Databases. In Proceedings of the National Computer Security Conference, pages 39–52, Baltimore, MD, September 1993.Google Scholar
  32. 32.
    L. M. Schlipper, J. Filsinger, and V. M. Doshi. A Multilevel Secure Database Management System Benchmark. In Proceedings of the National Computer Security Conference, pages 399–408, Baltimore, MD, October 1992.Google Scholar
  33. 33.
    K. Smith and M. Winslett. Multilevel secure rules: Integrating the multilevel and the active data model. Technical Report UIUCDCS-R-92-1732, University of Illinois, Urbana-Champaign, IL, March 1992.Google Scholar
  34. 34.
    P. D. Stachour and M. B. Thuraisingham. Design of LDV: A Multilevel Secure Relational Database Management System. IEEE Transactions on Knowledge and Data Engineering, 2(3):190–209, June 1990.CrossRefGoogle Scholar
  35. 35.
    M. Stonebraker and G. Kemnitz. The POSTGRES Next-Generation Database Management System. Communications of the ACM, 34(10):78–92, October 1991.CrossRefGoogle Scholar
  36. 36.
    M. B. Thuraisingham. Mandatory Security in Object-Oriented Database Systems. In Proceedings of the International Conference on Object-Oriented Programming Systems, Languages and Applications, pages 203–210, New Orleans, LA, October 1989.Google Scholar
  37. 37.
    J. Widom. The Starburst Rule System: Language Design, Implementation and Application. Bulletin of the IEEE Technical Committee on Data Engineering, 15(4):15–18, December 1992.Google Scholar
  38. 38.
    J. Widom and S. Ceri. Active Database Systems Triggers and Rules For Advanced Database Processing. Morgan Kaufmann, San Francisco, CA, 1996.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Indrakshi Ray
    • 1
  1. 1.Colorado State UniversityFort Collins

Personalised recommendations