Skip to main content
Springer Nature Link
Log in

Modeling a multi-level secure object-oriented database using views

  • Session 6: Access Control
  • Conference paper
  • First Online:
Information Security and Privacy (ACISP 1996)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1172))

Included in the following conference series:

  • 144 Accesses

Abstract

In this paper, we employ the view model given by Bertino to propose a new design approach for a secure multi-level object-oriented database system. The central idea is to provide the user with a multilevel view derived from a single-level secure object-oriented database. Hence the database operations performed on the multi-level views are decomposed into a set of operations on the single-level objects which can be implemented on any conventional mandatory security kernel.

We show that this approach allows us to overcome the difficulties of handling content and context dependent classification, dynamic classification, and aggregation and inference problems in multi-level object-oriented databases.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. S. Abiteboul and A. Bonner, “Objects and Views,” in Proceedings of the 1991 ACM SIGMOD International Conference on Management of Data (J. Clifford and R. King, eds.), pp. 238–247, SIGMOD RECORD, ACM Press, 1991.

    Google Scholar 

  2. A. Baraani-Dastjerdi, J. Pieprzyk, R. Safavi-Naini, and J. R. Getta, “A Model of Authorization for Object-Oriented Databases based on Object Views,” in Proceedings of The Fourth International Conference on Deductive and Object-Oriented Databases (T. Ling, A. Mendelzon, and L. Vielle, eds.), vol. 1013 of Lecture Notes in Computer Science, (Singapore), pp. 503–520, Springer-Verlag, Dec. 1995.

    Google Scholar 

  3. D. Bell and L. LaPadula, “Secure Computer System: Unified Exposition and Multics Interpretation,” Technical Report MTR-2997, MITRE Corporation, Bedford, MA, July 1975.

    Google Scholar 

  4. E. Bertino, “A View Mechanism for Object-Oriented Databases,” in Proceedings 3rd International Conference on Extending Data Base Technology (EDBT), vol. 580 of Lecture Notes in Computer Science, (Vienna, Austria), pp. 136–151, Springer-Verlag, Mar. 1992.

    Google Scholar 

  5. E. Bertino and S. Jajodia, “Modeling Multilevel Entities Using Single Level Objects,” in Proceedings of the Deductive and Object-Oriented Databases, Third International Conference, DOOD'93, vol. 760 of Lecture Notes in Computer Science, (Phoenix, Arizona, USA), pp. 415–428, Springer-Verlag, Dec. 1993.

    Google Scholar 

  6. N. Boulahia-Cuppens, F. Cuppens, A. Gabillon, and K. Yazdanian, “Decomposition of Multilevel Objects in an Object-Oriented Database,” in Computer Security ESORICS 94, Third European Symposium on Research in Computer Security, vol. 875 of Lecture Notes in Computer Science, pp. 375–402, Springer-Verlag, Nov. 1994.

    Google Scholar 

  7. U. Dayal, “Queries and views in an Object-Oriented Data Model,” International Workshop on Data Base Programming Languages, vol. 2, 1989.

    Google Scholar 

  8. D. E. Denning and T. F. Lunt, “A Multilevel Relational Data Model,” in Proceedings of Symposium on Computer Security and Privacy, (Oakland, CA.), pp. 220–234, IEEE Computer Society Press, 1987.

    Google Scholar 

  9. P. A. Dwyer, G. D. Jelatis, and M. B. Thuraisingham, “Multilevel Security in Database Management Systems,” Computers & Security, vol. 6, pp. 252–260, June 1987.

    Google Scholar 

  10. G. E. Gajnak, “Some Result from the Entity/Relationship Multilevel Secure DBMS Project,” in Discussions of topics presented at a Workshop held at the Vallombrosa, Conference and Retreat Centre, Menlo Park, CA May 1988, Research Directions in Database Security (T. Lunt, ed.), pp. 173–190, Springer-Verlag, 1992.

    Google Scholar 

  11. S. Heiler and S. Zdonik, “Object Views: Extending the Vision,” in Proceedings 6th Data Engineering Conference, pp. 86–93, IEEE Computer Society Press, 1990.

    Google Scholar 

  12. S. Jajodia and B. Kogan, “Integrating an Object-Oriented Data Model with Multilevel Security,” IEEE Computer Society Press, pp. 76–85, 1990.

    Google Scholar 

  13. T. F. Keefe and W. T. Tsai, “Prototyping the SODA Security Model,” in Database Security II(D. L. Spooner and C. E. Landwehr, eds.), pp. 211–235, Elsevier Science Publishers B. V. (North-Holland) IFIP, 1990.

    Google Scholar 

  14. T. F. Lunt, “Multilevel Security for Object-Oriented Database Systems,” in Database Security III (D. L. Spooner and Landwehr, eds.), pp. 199–209, Elsevier Science Publishers B. V. (North-Holland) IFIP, 1990.

    Google Scholar 

  15. J. K. Millen and T. F. Lunt, “Security for Object-Oriented Database Systems,” in Proceedings of IEEE computer Society Symposium on Research in Security and Privacy, (Oakland, CA.), pp. 260–272, IEEE Computer Society Press, May 1992.

    Google Scholar 

  16. M. S. Olivier and S. H. V. Solms, “A Taxonomy for Secure Object-Oriented Databases,” ACM Transactions on Database Systems, vol. 19, pp. 3–46, Mar. 1993.

    Google Scholar 

  17. M. H. Scholl, C. Laasch, and M. Tresch, “Updatable Views in Object-Oriented Databases,” in Proceedings of the Deductive and Object-Oriented Databases, Second International Conference, DOOD'91 (C. Delobel, M. Kifer, and Y. Masunga, eds.), vol. 566 of Lecture Notes in Computer Science, (München, FRG), pp. 189–207, Springer-Verlag, Dec. 1991.

    Google Scholar 

  18. G. W. Smith, “Identifying and Representing the Security Semantics of an Application,” in Proceedings of the Fourth Aerospace Computer Security Applications Conference, Dec. 1988.

    Google Scholar 

  19. M. B. Thuraisingham, “Mandatory Security in Object-Oriented Database Systems,” in Proceedings International Conference on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA), (New Orleans), pp. 203–210, Oct. 1989.

    Google Scholar 

  20. J. Wilson, “Views as the Security Objects in a Multilevel Secure Relational Database Management System,” in Proceedings of Symposium on Computer Security and Privacy, (Oakland, CA.), IEEE Computer Society Press, Apr. 1988.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Wollongong, 2522, Wollongong, NSW, Australia

    Ahmad Baraani-Dastjerdi, Josef Pieprzyk & Reihaneh Safavi-Naini

Authors
  1. Ahmad Baraani-Dastjerdi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Josef Pieprzyk
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Reihaneh Safavi-Naini
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Josef Pieprzyk Jennifer Seberry

Rights and permissions

Reprints and permissions

Copyright information

© 1996 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Baraani-Dastjerdi, A., Pieprzyk, J., Safavi-Naini, R. (1996). Modeling a multi-level secure object-oriented database using views. In: Pieprzyk, J., Seberry, J. (eds) Information Security and Privacy. ACISP 1996. Lecture Notes in Computer Science, vol 1172. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0023299

Download citation

  • DOI: https://doi.org/10.1007/BFb0023299

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-61991-8

  • Online ISBN: 978-3-540-49583-3

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics