Abstract--- We develop a formal framework of MAC policies in multilevel relational databases. We identify the important components of MAC policies and their desirable properties. The framework provides a basis for systematically specifying MAC policies and characterizing their potential mismatches. Based on the framework, we compare and unify the MAC policies and policy components that are proposed in the literature or imposed in existing systems. Our framework could be used to capture and resolve MAC policy mismatches in the trusted interoperation of heterogeneous multilevel relational databases.
|
409
|
Cryptography and Data Security
– Denning
- 1984
|
|
212
|
Principles of Database and
– Ullman
- 1989
|
|
117
|
Formal Models for Computer Security
– Landwehr
- 1981
|
|
97
|
M.: The seaview security model
– Denning, Lunt, et al.
- 1988
|
|
63
|
A logic for reasoning about security
– Glasgow, MacEwen, et al.
- 1992
|
|
44
|
R.S.: Polyinstantiation integrity in multilevel relations
– Jajodia, Sandhu
- 1990
|
|
26
|
Computational Issues in Secure Interoperation
– Gong, Qian
- 1996
|
|
20
|
A New Polyinstantiation Integrity Constraint for Multilevel Relations
– Sandhu, Jajodia, et al.
- 1990
|
|
20
|
Entity modeling in the MLS relational model
– Smith, Winslett
- 1992
|
|
17
|
Canonical security modeling for federated databases
– Pernul
- 1992
|
|
15
|
A Novel Decomposition of Multilevel Relations Into Single-Level Relations
– Jajodia, Sandhu
- 1991
|
|
15
|
Modeling security-relevant data semantics
– Smith
- 1990
|
|
12
|
The LDV secure relational DBMS model
– Haigh, O'Brien, et al.
- 1991
|
|
12
|
Inference channel-free integrity constraints in multilevel relational databases
– Qian
- 1994
|
|
12
|
Tuple-level vs. element-level classification
– Qian, Lunt
- 1993
|
|
10
|
Data base: Theory vs. interpretation
– Nicolas, Gallaire
- 1978
|
|
9
|
Integrity Versus Security in Multi-Level Secure Databases
– Meadows, Jajodia
- 1988
|
|
9
|
Use of an Experimental Policy workbench: Description and Preliminary Results
– Sibley, Michael, et al.
- 1992
|
|
9
|
A Nonmonotonic Typed Multilevel Logic for Multilevel Secure Database/Knowledge-Base Management Systems
– Thuraisingham
- 1991
|
|
7
|
Integrity and Secrecy: Fundamental Conflicts in the Database Environment
– Burns
- 1990
|
|
6
|
The semantics and expressive power of the MLR data model
– Chen, Sandhu
- 1995
|
|
6
|
ASD Views
– Garvey, Wu
- 1988
|
|
6
|
Multilevel data model for the trusted ONTOS prototype
– Schaefer, Martel, et al.
- 1995
|
|
5
|
Control of confidentiality in databases
– WISEMAN
- 1990
|
|
4
|
Secure Distributed Data Views Security Policy and Interpretation for DMBS for a Class A1
– Lunt, Neumann, et al.
- 1989
|
|
4
|
The structure of permissions: A normative framework for access rights
– Morris, McDermid
- 1991
|
|
4
|
A semantic framework of the multilevel secure relational model
– Qian, Lunt
- 1997
|
|
3
|
Integrating security policies
– Hosmer
- 1990
|
|
3
|
On the axiomatization of security policy: Some tentative observations about logic representation
– Michael, Sibley, et al.
- 1993
|
|
2
|
Eliminating polyinstantiation securely
– Sandhu, Jajodia
- 1992
|
|
1
|
Support for security modeling in information systems design
– Steinke, Jarke
- 1993
|
