This paper studies referential integrity in multilevel relations with element-level labeling. Our principal contribution is resolution of an impasse left by previous work in this area. We show that the previous work leaves us with a choice of either accepting referential ambiguity, or severely curtailing the modeling power of multilevel relations. We then show how to escape this impasse by elim...

The use of security policy enforcement mechanisms has been a topic in recent literature. Particular focus has been on the class of policies that can be enforced by these mechanisms but not on the security policy guiding the execution of the monitoring mechanisms. It has been a challenge to enforce information confidentiality in a multi-level secure system since malicious users can exploit cover...

Steele et al. (2005) describe a general framework for the analysis of correlated event histories, with an application to a study of partnership transitions and fertility among a cohort of British women. A multilevel multistate competing risks model is used to examine the relationship between prior fertility outcomes (the presence and characteristics of children and current pregnancy) and the di...

Since 1990, transaction processing in multilevel secure database management systems (DBMSs) has been receiving a great deal of attention from the database research community. Transaction processing in these systems requires modiication of conventional scheduling algorithms and commit protocols. These modiications are necessary because preserving the usual transaction properties when transaction...

Reeexive ow policies provide abstract characterizations of certain multilevel conndentiality requirements. This paper describes how reeexive ow policies can be used to construct and reason about large/complex multilevel policies. In particular, we describe how reeexive policies can be used to develop and reason about security policies for multilevel relational databases. Our approach facilitate...

A design environment for security critical database applications that should be implemented by using multilevel technology is proposed. For this purpose, the Entity-Relationship model is extended to capture security semantics. Important security semantics are defined and a language to express them in an ER model by means of security constraints is developed. The main contribution consists of th...

In a multilevel secure distributed database management system, users cleared at different security levels access and share a distributed database consisting of data at different sensitivity levels. An approach to assigning sensitivity levels, also called security levels, to data is one which utilizes constraints or classification rules. Security constraints provide an effective classification p...

Multilevel Security (MLS) is a capability that allows information with different classifications to be available in an information system, with users having different security clearances and authorizations, while preventing users from accessing information for which they are not cleared or authorized. It is a security policy that has grown out of research and development efforts funded mostly b...