Abstract
The event-condition-action paradigm (also known as triggers or rules) gives a database “active” capabilities: the ability to react automatically to changes in the database or in the environment. One potential use of this technology is in multilevel secure (MLS) data processing, such as in the military, where subjects and objects are classified into different security levels and mandatory access control rules govern who has access to what. Unfortunately, not much work has been done in the area of multilevel secure active database systems. In this paper we define the structure of MLS rules and identify what effects these rules have on the execution semantics of an active database system. Such knowledge is essential before developing a multilevel secure active database system.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ray, I. (2003). Multilevel Secure Rules and Its Impact on the Design of Active Database Systems. In: James, A., Younas, M., Lings, B. (eds) New Horizons in Information Management. BNCOD 2003. Lecture Notes in Computer Science, vol 2712. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45073-4_18
DOI: https://doi.org/10.1007/3-540-45073-4_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40536-8
Online ISBN: 978-3-540-45073-3
eBook Packages: Springer Book Archive