Abstract
Managing data securely is a critical issue in modern organizations. Multilevel database systems offer one approach to security that assigns various security levels or clearances to the data in a database and to users of a database. The objective of multilevel databases is to share data that have been assigned different security levels, while preventing unauthorized access to data by a user with a given clearance level to data at a higher security classification. Current models store information in different security levels separately to prevent unauthorized access to data by users at different levels. However, leakages could still occur in cases such as those involving null values and those where sensitive data is included in the key field(s) of a relation. In this research, we design a novel security model, the instance-based multilevel security model, to solve problems associated with existing security models. We define the model, propose data access and integrity rules, and develop a two-layered access control method. Finally, we prove that the model is secure and identify areas for future research.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Lunt, T., Denning, D., Schell, R., Heckman, M., Shockley, W.: The SeaView Security Model. IEEE transaction on software engineering 16(6), 593–607 (1990)
Elmasri, R., Navathe, S.B.: Fundamentals of Database Systems. Addison Wesley Longman, Inc., Amsterdam (2000) ISBN 0-8053-1755-4
Bell, E., LaPadula, L.: Secure computer systems: Unified exposition and multics interpretation. Technical Report MTR-2997, The Mitre Corporation, Burlington Road, Bedford, MA, USA (1973)
Sandhu, R., Chen, F.: The Multilevel Relational Data Model. ACM transaction on information and system security 1(1), 93–132 (1998)
Pranjic, M., Jukic, N., Fertalj, K.: Implementing belief-consistent multilevel secure relational data model: issues and solutions. Journal of Computing and Information Technology 11(3), 225–232 (2003)
Parsons, J., Wand, Y.: Emancipating Instances from the Tyranny of Classes in Information Modeling. ACM Transactions on Database Systems 25(2), 228–268 (2000)
Su, J., Parsons, J.: Analysis of Data Structures to Support the Instance-based Database Model. In: Proceedings of Design Science Research in Information Systems and Technology (DESRIST), Claremont, CA, pp. 107–130 (2006)
Bunge, M.: Treatise on Basic Philosophy: Ontology I: The Furniture of the World, vol. 3. Reidel, New York (1977)
Parsons, J., Wand, Y.: A question of class. Nature 455(4216), 1040–1041 (2008)
Goguen, J.A., Meseguer, J.: Security policies and security models. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 11–20. IEEE Computer Society Press, Los Alamitos (1982)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Parsons, J., Su, J. (2010). The Instance-Based Multilevel Security Model. In: Winter, R., Zhao, J.L., Aier, S. (eds) Global Perspectives on Design Science Research. DESRIST 2010. Lecture Notes in Computer Science, vol 6105. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13335-0_25
Download citation
DOI: https://doi.org/10.1007/978-3-642-13335-0_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13334-3
Online ISBN: 978-3-642-13335-0
eBook Packages: Computer ScienceComputer Science (R0)