Abstract
A design environment for security critical database applications that should be implemented by using multilevel technology is proposed. For this purpose, the Entity-Relationship model is extended to capture security semantics. Important security semantics are defined and a language to express them in an ER model by means of security constraints is developed. The main contribution consists of the development and implementation of a rule-based system with which security semantics specified may be checked for conflicting constraints. The check involves application independent as well as application dependent integrity constraints and leads to a non conflicting conceptual representation of the security semantics of a multilevel secure database application.
Preview
Unable to display preview. Download preview PDF.
References
P. Chen. The Entity-Relationship Model: Towards a Unified View of Data. ACM Trans. on Database Systems (ToDS). Vol. 1, No. 1, 1976.
D. E. Bell, L. J. LaPadula. Secure Computer System: Unified Exposition and Multics Interpretation. Technical Report MTR-2997. MITRE Corp. Bedford, Mass, 1976.
S. Jajodia, R. S. Sandhu. Toward a Multilevel Secure Relational Data Model. Proc. 1991 ACM Int'l. Conf. on Management of Data (SIGMOD'91), 50–59.
K. Smith, M. Winslett. Entity Modeling in the MLS Relational Model. Proc. 18th Conf. on Very Large Databases (VLDB'92), Vancouver, BC, 1992.
D. E. Denning, T. F. Lunt, R. R. Schell, W. R. Shockley, M. Heckaman. The SeaView Security Model. Proc. 1988 IEEE Symposium on Research in Security and Privacy, 218–233.
T. F. Lunt, D. Denning, R. R. Schell, M. Heckman, W. R. Shockley. The SeaView Security Model. IEEE Trans. on Software Engineering (TOSE), Vol. 16, No. 6 (1990), 593–607.
G. W. Smith. The Semantic Data Model for Security: Representing the Security Semantics of an Application. Proc. of the 6th Int. Conf. on Data Engineering (ICDE'90), 322–329, IEEE Computer Society Press 1990.
G. W. Smith. Modeling Security Relevant Data Semantics. Proc. 1990 IEEE Symposium on Research in Security and Privacy, 384–391.
S. D. Urban. ‘ALICE': an assertion language for integrity constraint expression. Proc. Computer Software and Appl. Conf., Sept. 1989.
S. Wiseman. Abstract and Concrete Models for Secure Database Applications. Proc. 5th IFIP WG 11.3. Working Conf. on Database Security. Shepherdstown, WV, Nov. 1991.
P. J. Sell. The SPEAR Data Design Method. Proc. 6th IFIP WG 11.3. Working Conf. on Database Security. Burnaby, BC, Aug. 1992.
J. M. Spivey. The Z-Notation: A Reference Manual. Prentice Hall International, 1989.
R. K. Burns. A Conceptual Model for Multilevel Database Design. Proc. 5th Rome Laboratory Database Security Workshop, Oct. 1992.
G. Pernul. Security Constraint Processing During MLS Database Design. Proc. 8th Ann. Computer Security Applications Conf. (ACSAC'92). IEEE Computer Society Press.
M. Collins, W. Ford, B. Thuraisingham. Security Constraint Processing During the Update Operation in a MLS DBMS. Proc. 7th Annual Computer Security Applications Conf. (ACSAC'91). IEEE Computer Society Press.
G. Pernul, W. Winiwarter, A. M. Tjoa. The Deductive Filter Approach to MLS Database Prototyping. Proc. 9th Annual Computer Security Applications Conference (ACSAC'93), Orlando, FL, Dec. 1993. IEEE Computer Society Press.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1994 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pernul, G., Winiwarter, W., Tjoa, A.M. (1994). The entity-relationship model for multilevel security. In: Elmasri, R.A., Kouramajian, V., Thalheim, B. (eds) Entity-Relationship Approach — ER '93. ER 1993. Lecture Notes in Computer Science, vol 823. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0024365
Download citation
DOI: https://doi.org/10.1007/BFb0024365
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-58217-5
Online ISBN: 978-3-540-48575-9
eBook Packages: Springer Book Archive