Implementing the message filter object-oriented security model without trusted subjects (1992) [7 citations — 4 self]

Download:

by Roshan K. Thomas, Ravi S. S

Proc. of the IFIP 11.3 Workshop on Database Security

http://www.list.gmu.edu/confrnc/ifip/pdf_ver/i92oo.pdf

Add To MetaCart

Popular Tags

No tags have been applied to this document.

BibTeX | Add To MetaCart

@INPROCEEDINGS{Thomas92implementingthe,
    author = {Roshan K. Thomas and Ravi S. S},
    title = {Implementing the message filter object-oriented security model without trusted subjects},
    booktitle = {Proc. of the IFIP 11.3 Workshop on Database Security},
    year = {1992},
    pages = {15--34},
    publisher = {North-Holland}
}

Abstract:

We propose a new architectural framework and implementation scheme, for the message lter multilevel security model for object-oriented databases. Major complications in implementing the model arise from the intrinsic nature of object-oriented computations which are abstract and often involve arbitrarily complex write-up actions. Dealing with the timing of write-up operations has broad implications on security (due to the potential for signaling channels), integrity, and performance. A fundamental insight, gained in the course of our research, has been to close these channels by allowing concurrent computations in what is otherwise a logically sequential computation. However in closing these channels one has to meet the con icting goals of integrity and performance. Our earlier work investigated an architecture that called for a trusted subject (session manager) to manage a tree of concurrent multilevel computations generated by a user session. In this paper we provide an alternate achitecture that eliminates the need for trusted subjects and the associated central coordination and management of concurrent computations. This revised architecture is a kernelized one as no subject is exempted from the simplesecurity and? properties. Hence security comes for free while we continue to meet the additional con icting requirements for integrity and performance.

Citations

149	Development of an object-oriented DBMS – Maier, Stein, et al. - 1986
38	Integrating an Object-oriented Data Model With Multilevel Security – Jajodia, Kogan - 1990
11	et al. Features of the Orion objectoriented database system – Kim - 1989
10	A Multilevel Security Model For Object-Oriented Systems – Keefe, Tsai, et al. - 1988
9	Secure Knowledge-based Systems – Lunt, Millen - 1989
8	IRIS: An object-oriented database management system – Fisherman - 1987
7	Multilevel Secure Object-Oriented Data Model: Issues on Noncomposite Objects, Composite Objects, and Versioning – Thuraisingham - 1991
6	Supporting timing-channel free computations in multilevel secure object-oriented databases – Sandhu, Thomas, et al. - 1991
5	Prototyping the SODA security model – Keefe, Tsai - 1989
5	A Secure Kernelized Architecture for Multilevel Object-Oriented Databases – Sandhu, Thomas, et al. - 1991

View or Download | Add to My Collection | Correct Errors