Decomposition of multilevel objects in an object-oriented database

  • N. Boulahia-Cuppens
  • F. Cuppens
  • A. Gabillon
  • K. Yazdanian
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 875)

Abstract

For many reasons, multilevel relations are decomposed. Several decomposition algorithms have been proposed, but we show that many difficulties would appear when implementing them, especially performance loss and problems in propagating low-classified updates to higher-classified relations. In this paper, we propose a security model which provides means to protect all characteristics of an object, including object existence, attribute tuple values and attribute set values, and we show how to decompose a multilevel object-oriented database which supports these complex multilevel objects into a collection of single-level databases. This idea is similar to the idea already proposed for multilevel relational databases. However, our approach takes full advantage of the object-oriented model. Hence, we claim that the kernelized architecture we suggest for object-oriented databases does not suffer from the drawbacks noticed for relational systems based on this architecture. In particular, it does not cause important performance losses, and the semantics of update operations is straightforward in comparison with the one previously developed for multilevel relations.

Keywords

Security Level; Decomposition Algorithm; Integrity Constraint; Cover Story; Covert Channel
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 1994

Authors and Affiliations

  • N. Boulahia-Cuppens (1)
  • F. Cuppens (1)
  • A. Gabillon (1)
  • K. Yazdanian (1)

  1. ONERA/CERT, Toulouse cedex, France
