Zusammenfassung
Ein Informationssystem soll große Mengen strukturierter Daten dauerhaft und verläßlich für viele und verschiedenartige Benutzer verfügbar halten, sowie Anfragen und Änderungen effizient bearbeiten. Innerhalb eines “Unternehmens„ wird ein Informationssystem typischerweise als technisches Hilfsmittel für die betriebliche Kommunikation verwendet. Das Informationssystem vermittelt dabei mit folgenden Besonderheiten die Mitteilungen der kommunikativ handelnden Personen:
-
i)
Es sind im allgemeinen schon eine große Anzahl von Mitteilungen eingegangen, und alle entsprechenden Daten stehen zur weiteren Vermittlung zur Verfügung.
-
ii)
Die Vermittlung erfolgt im allgemeinen zeitlich verzögert, indem das System im wesentlichen ein dreischrittiges Verfahren durchführt:
-
Annahme (oder Ablehnung) der Mitteilung gemäß den vereinbarten semantischen Bedingungen,
-
dauerhaftes Speichern der entsprechenden Daten gemäß der im Schema vereinbarten Formate,
-
Zusammenstellung oder Ableitung der durch eine Anfrage angeforderten Daten und ihre anschließende Duplizierung.
-
-
iii)
Die Qualität der Vermittlung wird verläßlich gesichert durch die Einhaltung semantischer Bedingungen und korrekte Ausführung von Transaktionen.
-
iv)
Die Vermittlung wird im allgemeinen vielen und verschiedenartigen Handelnden angeboten, die im allgemeinen aufgrund unterschiedlicher Verpflichtungen tätig sind.
-
v)
Die Vermittlung muß effizient erfolgen.
Dies ist eine gekürzte Fassung eines Beitrags für den Sammelband: G. Vossen, K.-U. Witt (Hrsg.), Entwicklungstendenzen bei Datenbank-Systemen, R. Oldenbourg Verlag, München, 1991. Autor und Herausgeber danken für die freundliche Genehmigung zum Abdruck in diesem Tagungsband.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Literaturverzeichnis
S.G., Akl, P.D. Taylor, Cryptographic solution to a problem of access control in a hierarchy, ACM Transactions on Computer Systems, Vol.1, No.3, 1983, pp. 239–248.
S.R. Ames, Security kernels: a solution or a problem?, Proc. IEEE Symp. on Security and Privacy, Oakland, 1981, pp. 141–150.
D.E. Bell, L.J. LaPadula, Secure Computer Systems, Mitre Corporation, Bedford, 1974.
J. Biskup, Privacy Respecting Permissions and Rights, Database Security: Status and Prospects (ed.: C.E. Landwehr), North-Holland, Amsterdam etc., 1988, pp. 173–185.
J. Biskup, H.H. Brüggemann, The personal model of data - towards a privacy-oriented information system, Computers & Security 7 (1988), pp. 575–597.
J. Biskup, H.H. Brüggemann, Das datenschutzorientierte Informationssystem DORIS: Stand der Entwicklung und Ausblick, 2. GI-Fachtagung Verläßliche Informationssysteme, Karlsruhe 1991, dieser Band.
J. Biskup, H.-W. Graf, Analysis of the privacy model for the information system DORIS, Database Security, II: Status and Prospects (ed.: C.E. Landwehr), North-Holland, Amsterdam etc., 1989, pp. 123–140.
D.A. Bonyun, The secure relational database management system kernel - three years after-, Proc. IEEE Symp. on Security and Privacy, Oakland, 1980, pp. 34–37.
H.H. Brüggemann, Interaction of authorities and acquaintances in the DORIS privacy model of data, Proc. MFDBS 89, Lecture Notes in Computer Science 364, Springer, 1989, pp. 85–99.
Bundesverfassungsgericht, Urteil vom 15. Dezember 1983 zum Volkszählungsgesetz 1983, Bundesanzeiger 35, 241a (1983).
D.D. Clark, D.R. Wilson, A comparison of commercial and military computer security policies, Proc. IEEE Symp. on Security and Privacy, 1987, Oakland, pp. 184–194.
Congress, 93rd - 2nd Session, Privacy Act of 1974, Public Law 93–579.
G.I. Davida, R.A. DeMillo, RJ. Lipton, A system architecture to support a verifiably secure multilevel security system, Proc. IEEE Symp. on Security and Privacy, Oakland, 1980, pp. 137–144.
G.I. Davida, D.L. Wells, J.B. Kam, A database encryption system with subkeys, ACM Transactions on Database Systems, Vol. 6, No. 2, 1981, pp. 312–328.
G.I. Davida, Y. Yeh, Cryptographic relational algebra, Proc. IEEE Symp. on Security and Privacy, Oakland, 1982, pp. 111–116.
D.E. Denning, Cryptographic checksums for multilevel database security, Proc. IEEE Symp. on Security and Privacy, 1984, Oakland, pp. 52–61.
D.E. Denning, Lessons learned from modeling a secure multilevel relational database system, Database Security : Status and Prospects (ed. C.E. Landwehr), North-Holland, Amsterdam etc., 1988, pp. 35–43.
D.E. Denning, T.F. Lunt, R.R. Schell, M. Heckman, W. Shockley, A multilevel relational data model, Proc. IEEE Symp. on Security and Privacy, Oakland, 1987, pp. 220–234.
K. Dittrich, M. Härtig, H. Pfefferle, Discretionary Access control in structurally object- oriented database systems, Database Security, II: Status and Prospects (ed.: C.E. Landwehr), North-Holland, Amsterdam etc., 1989, pp. 105–121.
J. Dobson, Security and Databases: A Personal View, Database Security: Status and Prospects (ed.: C.E. Landwehr), North-Holland, Amsterdam etc., 1988, pp. 11–21.
J. Dobson, Conversation structures as a means of specifying security policy, Database Security, III: Status and Prospects (eds: D.L. Spooner, C.E. Landwehr), North-Holland, Amsterdam etc., 1990, pp. 25–39.
Department of Defense Computer Security Center, Trusted Computer Systems Evaluation Criteria, CSC-STD-011–83, Fort Meode, 1983.
J.E. Dobson, J.A. McDermid, Security models and enterprise models, Database Security, II : Status and Prospects (ed. C.E. Landwehr), North-Holland, Amsterdam etc., 1989, pp. 1–39.
D. Downs, G. Popek, A kernel design for a secure data base managment system, Proc. 3rd Int. Conf. on Very Large Data Bases, 1977, pp. 507–514.
M. Fugini, Secure database development methodologies, Database Security: Status and Prospects (ed.: C.E. Landwehr), North-Holland, Amsterdam etc., 1988, pp. 103–129.
W. Gerhardt, Datensicherheit in Datenbanksystemen - Methoden und Trends, Rostocker Informatik-Berichte, Heft 10 (1990).
R. Graubart, The integrity-lock approach to secure database management, Proc. IEEE Symp. on Security and Privacy, 1984, Oakland, pp. 62–74.
R. Graubart, A comparison of three secure dbms architectures, Database Security, III: Status and Prospects (eds: D.L. Spooner, C.E. Landwehr), North-Holland, Amsterdam etc., 1990, pp. 167–190.
E. Gudes, The design of a cryptography based secure file system, Proc. IEEE Transactions on Software Engineering, Vol. SE-6, No.5, 1980, pp. 411–420.
J.T. Haigh, Modeling database security requirements, Database Security: Status and Prospects (ed.: C.E. Landwehr), North-Holland, Amsterdam etc., 1988, pp. 103–129.
T.F. Keefe, W.T. Tsai, Prototyping the SODA security model, Database Security, III: Status and Prospects (eds: D.L. Spooner, C.E. Landwehr), North-Holland, Amsterdam etc., 1990, pp.211–235.
C.E. Landwehr, editor, Database Security: Status and Prospects, North-Holland, Amsterdam etc., 1988.
C.E. Landwehr, editor, Database Security, II: Status and Prospects, North-Holland, Amsterdam etc., 1989.
M. Larrondo-Petrie, E. Gudes, H. Song, E.B. Fernandez, Security policies in object- oriented databases, Database Security, III: Status and Prospects (eds: D.L. Spooner, C.E. Landwehr), North-Holland, Amsterdam etc., 1990, pp.257–268.
C.E. Landwehr, C.L. Heitmeyer, J. McLean, A security model for military message systems, ACM Trans, on Computer Systems, Vol. 2, No. 3, 1984, pp. 198–222.
C.P. Louwerse, J.M.L. Kouwenberg, Data protection aspects in an integrated hospital information system, Computers & Security, Vol. 3, 1984, pp. 286–294.
F.H. Lochovsky, C.C. Woo, Role-based security in data base management systems, Database Security: Status and Prospects (ed.: C.E. Landwehr), North-Holland, Amsterdam etc., 1988, pp. 209–222.
T.F. Lunt, Multilevel security for object-oriented database systems, Database Security, III: Status and Prospects (eds.: D.L. Spooner, C.E. Landwehr), North-Holland, Amsterdam etc., 1990, pp. 199–209.
J.A. McDermid, E.S. Hocking, Security policies for integrated project support environments, Database Security, III: Status and Prospects (eds.: D.L. Spooner, C.E. Landwehr), North-Holland, Amsterdam etc., 1990, pp. 41–74.
C. Meadows, The integrity lock architecture and its application to message systems: reducing cover channels, Proc. IEEE Symp. on Security and Privacy, 1987, Oakland, pp. 212–218.
C. Meadows, Constructing container using a multilevel relational data model, Database Security, III: Status and Prospects (eds.: D.L. Spooner, C.E. Landwehr), North-Holland, Amsterdam etc., 1990, pp. 127–141.
C. Meadows, S. Jajodia, Integrity versus security in multi-level secure databases, Database Security : Status and Prospects (ed. C.E. Landwehr), North-Holland, Amsterdam etc., 1988, pp. 89–101.
Nationale IT-Sicherheitskriterien, Bundesanzeiger-Verlag, 1989.
K.A. Omar, D.L. Wells, Modified architecture for the sub-keys model, Proc. IEEE Symposium on Security and Privacy, 1983, Oakland, pp. 79–86.
F. Rabitti, D. Woelk, W. Kim, A model of authorization for object-oriented and semantic databases, Proc. Int. Conf. on Extending Database Technology, Venice, March 1988, Lecture Notes in Computer Science 303, Springer, 1988, pp. 231–250.
R.L. Rivest, L. Adleman, M.L. Dertouzos, On data banks and privacy homomorphisms, in: Foundation of Secure Computation (eds: DeMillo, Dobkin, Jones, Lipton), Academic Press, New York, 1978, pp. 169–177.
R., Sandhu, Mandatory controls for database integrity, Database Security, III: Status and Prospects (eds.: D.L. Spooner, C.E. Landwehr), North-Holland, Amsterdam etc., 1990, pp. 143–150.
R. Sawinski, P. Haas, Interaktive Definition und Pflege von datenschutzorientierten Benutzerschnittstellen, Proc. 31. Jahrestagung GMDS, 1986, Göttingen, Medizinische Informatik und Statistik 64, Springer, pp. 295–298.
D. Spooner, A.M. Keller, G. Wiederhold, J. Solasin, D. Heystek, Framework for the security component of an ADA DBMS, Proc. 12 th. Int. Conf. on Very Large Data Bases, Kyoto, 1986, pp. 347–354.
D.L. Spooner, C.E. Landwehr, editors, Database Security, III: Status and Prospects, North- Holland, Amsterdam etc., 1990.
T.C. Ting, A user-role based data security approach, Database Security: Status and Prospects (ed.: C.E. Landwehr), North-Holland, Amsterdam etc., 1988, pp. 187–208.
M.-T. Tinnefeid, H. Tubies, Datenschutzrecht, Oldenbourg, München-Wien, 1988.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1987 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Biskup, J. (1987). Sicherheit in Informationssystemen Gewährleistung und Begrenzung des Informationsflusses. In: Pfitzmann, A., Raubold, E. (eds) VIS ’91 Verläßliche Informationssysteme. Informatik-Fachberichte, vol 271. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-76562-9_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-76562-9_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-53911-7
Online ISBN: 978-3-642-76562-9
eBook Packages: Springer Book Archive