Skip to main content
SpringerLink
Log in

Event Detection in Multilevel Secure Active Databases

  • Conference paper
Information Systems Security (ICISS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3803))

Included in the following conference series:

Abstract

The event-condition-action paradigm (also known as triggers or rules) is a powerful technology. It gives a database “active” capabilities – the ability to react automatically to changes in the database or in the environment. One potential use of this technology is in the area of multilevel secure (MLS) data processing, such as, military, where the subjects and objects are classified into different security levels and mandatory access control rules govern who has access to what. Although a lot of research appears in MLS databases, not much work has been done in the area of MLS active databases. In this paper, we look at one very important aspect of an MLS active database – event detection.

An MLS rule, like any other object in an MLS database, is associated with a security level. Events in an MLS database are also associated with security levels. Since an MLS rule can be triggered by an event that is at a different security level than the rule, we cannot use the event detection techniques designed for non-MLS active databases. Using such techniques cause illegal information flow. Our goal is to propose new algorithms that prevent such illegal information flow. We first present an approach to detect primitive events – events that cannot be decomposed. Different types of primitive events can be combined using the event composition operators to form composite events. We also describe how to detect composite events using event graphs in an MLS database.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Agarwal, R., Gehani, N.: Ode (Object database and environment): The language and the data model. In: Proceedings of the ACM-SIGMOD International Conference on Management of Data, Portland, OR, pp. 36–45 (May 1989)

    Google Scholar 

  2. Berson, T.A., Lunt, T.F.: Multilevel Security for Knowledge-Based Systems. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, pp. 235–242 (April 1987)

    Google Scholar 

  3. Boulahia-Cuppens, N., Cuppens, F., Gabillon, A., Yazdanian, K.: Virtual View Model to Design a Secure Object-Oriented Database. In: Proceedings of the National Computer Security Conference, Baltimore, MD, pp. 66–76 (October 1994)

    Google Scholar 

  4. Buchman, A.P., Branding, H., Kundrass, T., Zimmermann, J.: REACH: A REal-time ACtive and Heterogeneous Mediator System. Bulletin of the IEEE Technical Committee on Data Engineering 15(4) (December 1992)

    Google Scholar 

  5. Ceri, S., Manthey, R.: Consolidated specification of Chimera, the conceptual interface of idea. Technical Report IDEA.DD.2P.004, Politecnico di Milano, Milan, Italy (June 1993)

    Google Scholar 

  6. Chakravarthy, S., Hanson, E., Su, S.Y.W.: Active data/knowledge base research at the University of Florida. Bulletin of the IEEE Technical Committee on Data Engineering 15(4), 35–39 (1992)

    Google Scholar 

  7. Collet, C., Coupaye, T., Svensen, T.: NAOS– efficient and modular reactive capabilities in an object-oriented database system. In: Proceedings of the Twentieth International Conference on Very Large Databases, Santiago, Chile, pp. 132–143 (1994)

    Google Scholar 

  8. Denning, D., Lunt, T.F.: A multilevel relational data model. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, pp. 220–234 (May 1987)

    Google Scholar 

  9. Dwyer, P.A., Gelatis, G.D., Thuraisingham, M.B.: Multilevel security in database management systems. Computers and Security 6(3), 252–260 (1987)

    Article  Google Scholar 

  10. Garvey, T.D., Lunt, T.F.: Multilevel Security for Knowledge-Based Systems. In: Proceedings of the Sixth Computer Security Applications Conference, Tucson, AZ, pp. 148–159 (December 1990)

    Google Scholar 

  11. Gatziu, S., Geppert, A., Dittrich, K.R.: Integrating active concepts into an object-oriented database system. In: Proceedings of the Third International Workshop on Database Programming Languages, Nafplion, Greece (August 1991)

    Google Scholar 

  12. Haigh, J.T., O’Brien, R.C., Thomsen, D.J.: The LDV Secure Relational DBMS Model. In: Jajodia, S., Landwehr, C.E. (eds.) Database Security IV: Status and Prospects, pp. 265–279. Elsevier Science Publishers B.V., North-Holland (1991)

    Google Scholar 

  13. Hanson, E.: Rule condition testing and action execution in Ariel. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, San Diego, CA, pp. 49–58 (June 1992)

    Google Scholar 

  14. Hsiao, D.K., Kohler, M.J., Stround, S.W.: Query Modifications as Means of Controlling Access to Multilevel Secure Databases. In: Jajodia, S., Landwehr, C.E. (eds.) Database Security IV: Status and Prospects, pp. 221–240, Elsevier Science Publishers B.V. North-Holland (1991)

    Google Scholar 

  15. Jajodia, S., Sandhu, R.: Toward a Multilevel Relational Data Model. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, Denver, CO, pp. 50–59 (1991)

    Google Scholar 

  16. Keefe, T.F., Tsai, W.T., Thuraisingham, M.B.: A Multilevel Security Model for Object-Oriented Systems. In: Proceedings of the National Computer Security Conference, Baltimore, MD, pp. 1–9 (October 1988)

    Google Scholar 

  17. McCarthy, D.R., Dayal, U.: The architecture of an active database management system. In: Proceedings of the ACM-SIGMOD International Conference on Management of Data, Portland, OR, pp. 215–224 (May 1989)

    Google Scholar 

  18. Millen, J.K., Lunt, T.F.: Security for Object-Oriented Database Systems. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, pp. 260–272 (May 1992)

    Google Scholar 

  19. Morgenstern, M.: Security and Inference in Multilevel Database and Knowledge-Base Systems. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, San Francisco, CA, pp. 357–373 (May 1987)

    Google Scholar 

  20. Ray, I.: Multi-level secure active database rules and its impact on the design of active databases. In: Proceedings of the Twentieth British National Conference On Databases, Coventry, U.K. (July 2003)

    Google Scholar 

  21. Rosenthal, A., Chakravarthy, S., Blaustein, B., Blakeley, J.: Situation monitoring for active databases. In: Proceedings of the Fifteenth International Conference On Very Large Databases, Amsterdam, The Netherlands, pp. 455–464 (August 1989)

    Google Scholar 

  22. Sandhu, R., Jajodia, S.: Referential Integrity in Multilevel Secure Databases. In: Proceedings of the National Computer Security Conference, Baltimore, MD, pp. 39–52 (September 1993)

    Google Scholar 

  23. Schlipper, L.M., Filsinger, J., Doshi, V.M.: A Multilevel Secure Database Management System Benchmark. In: Proceedings of the National Computer Security Conference, Baltimore, MD, pp. 399–408 (October 1992)

    Google Scholar 

  24. Smith, K., Winslett, M.: Multilevel secure rules: Integrating the multilevel and the active data model. Technical Report UIUCDCS-R-92-1732, University of Illinois, Urbana-Champaign, IL (March 1992)

    Google Scholar 

  25. Stachour, P.D., Thuraisingham, M.B.: Design of LDV: A Multilevel Secure Relational Database Management System. IEEE Transactions on Knowledge and Data Engineering 2(3), 190–209 (1990)

    Article  Google Scholar 

  26. Stonebraker, M., Kemnitz, G.: The POSTGRES Next-Generation Database Management System. Communications of the ACM 34(10), 78–92 (1991)

    Article  Google Scholar 

  27. Widom, J.: The Starburst Rule System: Language Design, Implementation and Application. Bulletin of the IEEE Technical Committee on Data Engineering 15(4), 15–18 (1992)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Colorado State University, Fort Collins, CO, 80523-1873, USA

    Indrakshi Ray & Wei Huang

Authors
  1. Indrakshi Ray
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wei Huang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Center for Secure Information Systems, George Mason University, VA 22030, Fairfax, USA

    Sushil Jajodia

  2. Jadavpur University, 7000032, Kolkata, India

    Chandan Mazumdar

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ray, I., Huang, W. (2005). Event Detection in Multilevel Secure Active Databases. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2005. Lecture Notes in Computer Science, vol 3803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11593980_13

Download citation

  • DOI: https://doi.org/10.1007/11593980_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30706-8

  • Online ISBN: 978-3-540-32422-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation