Abstract
The event-condition-action paradigm (also known as triggers or rules) is a powerful technology. It gives a database “active” capabilities – the ability to react automatically to changes in the database or in the environment. One potential use of this technology is in multilevel secure (MLS) data processing, such as in the military, where subjects and objects are classified into different security levels and mandatory access control rules govern who has access to what. Although there has been a lot of research on MLS databases, not much work has been done on MLS active databases. In this paper, we look at one very important aspect of an MLS active database – event detection.
An MLS rule, like any other object in an MLS database, is associated with a security level. Events in an MLS database are also associated with security levels. Since an MLS rule can be triggered by an event that is at a different security level than the rule, we cannot use the event detection techniques designed for non-MLS active databases: using such techniques causes illegal information flow. Our goal is to propose new algorithms that prevent such illegal information flow. We first present an approach to detect primitive events – events that cannot be decomposed. Different types of primitive events can be combined using the event composition operators to form composite events. We also describe how to detect composite events using event graphs in an MLS database.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ray, I., Huang, W. (2005). Event Detection in Multilevel Secure Active Databases. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2005. Lecture Notes in Computer Science, vol 3803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11593980_13
DOI: https://doi.org/10.1007/11593980_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30706-8
Online ISBN: 978-3-540-32422-5
eBook Packages: Computer Science (R0)