The Formal Model of DBMS Enforcing Multiple Security Polices
نویسندگان
چکیده
The formal security policy model and security analysis is necessary to help Database Management System (DBMS) to attain a higher assurance level. In this paper we develop a formal security model for a DBMS enforcing multiple security policies including mandatory multilevel security policy, discretionary access control policy and role based access control policy. A novel composition scheme of policies is introduced. And the security properties are comprehensively and accurately specified in terms of about 17 state invariants and state transition constraints. Furthermore, the security of the model is proved with the Z/EVES theorem prover.
منابع مشابه
Computationally secure multiple secret sharing: models, schemes, and formal security analysis
A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. in such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secur...
متن کاملWorSE: A Workbench for Model-based Security Engineering
IT systems with sophisticated security requirements increasingly apply problemspecific security policies for specifying, analyzing, and implementing security properties. Due to their key role for defining and enforcing strategic security concepts, security polices are extremely critical, and quality assets such as policy correctness or policy consistency are essential objectives in policy engin...
متن کاملA short introduction to two approaches in formal verification of security protocols: model checking and theorem proving
In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as n example of this...
متن کاملNoninterference , Transitivity , and Channel - Control Security Policies 1
We consider noninterference formulations of security policies [7] in which the “interferes” relation is intransitive. Such policies provide a formal basis for several real security concerns, such as channel control [17, 18], and assured pipelines [4]. We show that the appropriate formulation of noninterference for the intransitive case is that developed by Haigh and Young for “multidomain secur...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JSW
دوره 5 شماره
صفحات -
تاریخ انتشار 2010