An axiomatic interpretation of confidentiality demands in logic-based relational databases

  • Conference paper
Part of the book series: Lecture Notes in Computer Science (LNCS, volume 1154)

Abstract

Secure multilevel relational database models based on Bell and La Padula's interpretation of mandatory security policies suffer from severe semantic problems. We claim that the intention of these policies can be reduced to a single generic confidentiality demand. We interpret it in the context of a logic-based database as a distortion of the intended model and state it as an axiom in addition to the axioms of a relational database. We then show that many security properties can already be proved from these few axioms. These properties characterise a mandatory-security-policy-conforming database with an unequivocal semantics of the data and a notion of integrity identical to that of relational databases.

References

  • Bell, David Elliott, and Leonard J. La Padula. (1975) Secure computer system: Unified exposition and multics interpretation. MITRE Technical Report 2997. MITRE Corp, Bedford, MA

  • Bonatti, Piero, Sarit Kraus and V.S. Subrahmanian. (1992) ‘Declarative Foundations of Secure Deductive Databases'. Ed Joachim Biskup and Richard Hull. 4th International Conference on Database Theory — ICDT'92. LNCS, vol 646. Berlin, Heidelberg: Springer-Verlag. pp 391–406. [Also in: IEEE Transactions on Knowledge and Data Engineering 7.3 (1995):406–422.]

  • Bonyun, David A. (1980) ‘The Secure Relational Database Management System Kernel: Three Years After'. 1980 IEEE Symposium on Security and Privacy. IEEE Computer Society Press. pp 34–37.

  • Bourbaki, Nicolas. (1968) Theory of Sets. Paris: Hermann.

  • Cremers, Armin B., Ulrike Griefahn and Ralf Hinze. (1994) Deduktive Datenbanken. Braunschweig: Vieweg.

  • Denning, Dorothy E., Teresa F. Lunt, Roger R. Schell, Mark Heckman and William R. Shockley. (1987) ‘A Multilevel Relational Data Model'. 1987 IEEE Symposium on Security and Privacy. IEEE Computer Society Press. pp 220–234.

  • -,-,-, William R. Shockley and Mark Heckman. (1988) ‘The SeaView Security Model'. 1988 Symposium on Security and Privacy. IEEE Computer Society Press. pp 218–233.

  • Feiertag, R.J., K.N. Levitt and L. Robinson. (1977) ‘Proving multilevel security of a system design'. 6th ACM Symposium on Operating System Principles. ACM SIGOPS Operating System Review 11.5:57–65.

  • Graubart, Richard D., and John P.L. Woodward. (1982) ‘A Preliminary Naval Surveillance DBMS Security Model'. 1982 IEEE Symposium on Security and Privacy. IEEE Computer Society Press. pp 21–37.

  • Landwehr, Carl E. (1981) ‘Formal Models for Computer Security'. ACM Computing Surveys 13.3:247–278.

  • Qian, Xiaolei. (1994) ‘Inference Channel-Free Integrity Constraints in Multilevel Relational Databases'. 1994 IEEE Symposium on Research in Security and Privacy. IEEE Computer Society Press. pp 158–167.

  • - and Teresa F. Lunt. (1992) ‘Tuple-level vs. element-level classification'. Ed Bhavani M. Thuraisingham and Carl E. Landwehr. Database Security VI. IFIP WG11.3 Workshop on Database Security 1993. Amsterdam: North-Holland, 1993. pp 301–315.

  • Sicherman, George L., Wiebren de Jonge and Reind P. van de Riet. (1983) ‘Answering Queries Without Revealing Secrets'. ACM Transactions on Database Systems 8.1:41–59.

  • Spalka, Adrian. (1994) ‘Secure Logic Databases Allowed to Reveal Indefinite Information on Secrets'. Ed Joachim Biskup, Matthew Morgenstern and Carl E. Landwehr. Database Security VIII. IFIP WG11.3 Working Conference on Database Security 1994. Amsterdam: North-Holland. pp 297–316.

  • -. (1996a) A Study of the Extensibility of Logic-Based Databases with Confidentiality Capabilities. PhD Thesis. University of Bonn, Germany.

  • -. (1996b) ‘The Non-Primitiveness of the Simple-Security Property and its Non-Applicability to Relational Databases'. 9th IEEE Computer Security Foundations Workshop 1996. IEEE Computer Society Press.

  • Winslett, Marianne, Kenneth Smith and Xiaolei Qian. (1994) ‘Formal Query Languages for Secure Relational Databases'. ACM Transactions on Database Systems 19.4:626–662.


Editor information

Dino Pedreschi, Carlo Zaniolo

Copyright information

© 1996 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Spalka, A., Cremers, A.B. (1996). An axiomatic interpretation of confidentiality demands in logic-based relational databases. In: Pedreschi, D., Zaniolo, C. (eds) Logic in Databases. LID 1996. Lecture Notes in Computer Science, vol 1154. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0031748

  • DOI: https://doi.org/10.1007/BFb0031748

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-61814-0

  • Online ISBN: 978-3-540-70683-0

  • eBook Packages: Springer Book Archive
