Prototyping to explore MLS/DBMS design
نویسندگان
چکیده
This paper examines protoryping as a rcscarch tool for studying multilcvcl secure databases (MLS/DBMS). The paper proposes that an MLS/DSMS design can be quickly prototypcd in Prolog. The prototype is then used as a research tool to expcritnent with the policies and models of the MLVDBMS. To illustrate the principle, we built a Prolog prototype based on the dell and LaPadula model. This prototype emphasizes a modular security policy to encourage reuse for other security tncchanisnx. The prototype also supports an inference control mechanism. It has proved to be a useful research tool for studying MLS/DBMS policies aud models. Furthertnorc, since a prototype using Prolog can be built very quickly, WC suggest that future MLS/DRMS models be prototyped and studied before costly mistakes are incurred in a full-scale implcnicntation.
منابع مشابه
MLS DBMS Interoperability Study
Interoperability among heterogeneous databases is a fundamental requirement of many emerging Department of Defense (DoD) systems. Often these systems also have requirements for Multilevel-Secure (MLS) operation, where data is labeled to reflect its sensitivity level (e.g., UNCLASSIFIED, SECRET, etc.). The Air Force Rome Laboratory MLS Database Management System (DBMS) Interoperability Study has...
متن کاملDesign and Implementation of Multilevel Databases
This paper brie y describes ongoing research at GMU on the problem of designing and implementing multilevel databases. In a nutshell the objective of our research is to close the semantic gap between sophisticated requirements of MLS applications and the relatively meager facilities provided by emerging MLS DBMS products. There is a missing links in previous research in the MLS database arena. ...
متن کاملDesign and Implementation of a Database Inference Controller
The Inference Problem compromises database systems which are usually considered to be secure. Here, users pose sets of queries and infer unauthorized information from the responses that they obtain. An Inference Controller is a device that prevents and/or detects security violations via inference. We are particularly interested in the inference problem which occurs in a multilevel operating env...
متن کاملPerformance study of a COTS distributed DBMS adapted for multilevel security
Multilevel secure database management system (MLS/DBMS) products no longer enjoy direct commercial-off-the-shelf (COTS) support. Meanwhile, existing users of these MLS/DBMS products continue to rely on them to satisfy their multilevel security requirements. This calls for a new approach to developing MLS/DBMS systems, one that relies on adapting the features of existing COTS database products r...
متن کاملThe deductive filter approach to MLS database prototyping
of the database. The goal of the prototype is to achieve a concise and non-conflicting specification of the security constraints. Based on a concrete example of the application domain, the database designer and the security officer (or trusted users) are able to examine by using the prototype the adequacy of the database design and of the security classifications specified. In this paper we giv...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Computers & Security
دوره 8 شماره
صفحات -
تاریخ انتشار 1989