Abstract
SeaView is a multilevel secure database system targeted for Class A1. SeaView provides for individual data elements to be labeled with their classifications. SeaView has defined a query language called MSQL, for multilevel SQL, that allows data to be manipulated and controlled based on their classifications. The MSQL operations have been specified in a formal language and have been partially verified, using an automated theorem prover, to correspond to the SeaView security model. SeaView’s design makes use of existing security kernel and database technology so as to be quickly implementable.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
T. A Berson and T. F. Lunt. Multilevel security for knowledge-based systems. In Proceedings of the 1987 IEEE Symposium on Security and Privacy, April 1987.
National Computer Security Center. Department of defense trusted computer system evaluation criteria. Technical Report DOD 5200.28-STD, Department of Defense, December 1985.
J. S. Crow, S. T. Jefferson, R. Lee, P. M. Melliar-Smith, J. M. Rushby, R. L. Schwartz, R. E. Shostak, and F. W. von Henke. SRI specification and verification system version 3.1 — user’s guide. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, October 1986.
J. S. Crow, S. T. Jefferson, R. Lee, P. M. Melliar-Smith, J. M. Rushby, R. L. Schwartz, R. E. Shostak, and F. W. von Henke. SRI specification and verification system version 3.0 — preliminary definition of the revised special specification language. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, May 1986.
J. S. Crow, R. Lee, J. M. Rushby, F. W. von Henke, and R. A. Whitehurst. EHDM verification environment: An overview. In Proceedings of the 11th National Computer Security Conference, October 1988.
D. E. Denning. Cryptography and Data Security. Addison-Wesley, Reading, Massachusetts, 1982.
D. E. Denning. The inference problem in multilevel database systems. In Proceedings of the National Computer Security Center Invitational Workshop on Database Management Security, June 1986.
D. E. Denning. Secure databases and safety: Some unexpected conflicts. In Proceedings of the Safety and Security Symposium, Centre for Software Reliability, October 1986.
D. E. Denning, T. F. Lunt, R. R. Schell, M. Heckman, and W. R. Shockley. A multilevel relational data model. In Proceedings of the 1987 IEEE Symposium on Security and Privacy, April 1987.
T. F. Lunt and T. A. Berson. Security considerations for knowledge-based systems. In Proceedings of the Third Expert Systems in Government Conference, October 1987.
T. F. Lunt, A. Downing, and I. Greenberg. Issues in distributed database security. In Proceedings of the 5th Aerospace Computer Security Conference, December 1989.
T. F. Lunt, D. E. Denning, P. G. Neumann, R. R. Schell, M. Heckman, and W. R. Shockley. Final report Vol. 1: Security policy and policy interpretation for a class A1 multilevel secure relational database system. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, 1988.
T. F. Lunt, D. E. Denning, R. R. Schell, M. Heckman, and W. R. Shockley. Element-level classification with A1 assurance. Computers and Security, February 1988.
T. F. Lunt, D. E. Denning, R. R. Schell, M. Heckman, and W. R. Shockley. Final report Vol. 2: The SeaView formal security policy model. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, 1989.
T. F. Lunt, R. R. Schell, W. R. Shockley, M. Heckman, and D. Warren. A near-term design for the SeaView multilevel database system. In Proceedings of the 1988 IEEE Symposium on Security and Privacy, April 1988.
T. F. Lunt, R. R. Schell, W. R. Shockley, M. Heckman, and D. Warren. Toward a multilevel relational data language. In Proceedings of the Fourth Aerospace Computer Security Applications Conference, December 1988.
T. F. Lunt. Multilevel database systems: Meeting class A1. In Proceedings of the 2nd IFIP WG11.3 Workshop on Database Security, October 1988.
T. F. Lunt. Aggregation and inference: Facts and fallacies. In Proceedings of the 1989 IEEE Symposium on Research in Security and Privacy, May 1989.
T. F. Lunt. Final report Vol. 4: Secure distributed data views: Identification of deficiencies and directions for future research. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, 1989.
T. F. Lunt and R. A. Whitehurst. Final report Vol. 3a: The seaview formal top level specifications. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, 1989.
M. Morgenstern. Security and inference in multilevel database and knowledge-base systems. In Proceedings of the ACM International Conference on Management of Data (SIGMOD-87), May 1987.
M. Morgenstern. Controlling logical inference in multilevel database systems. In Proceedings of the 1988 IEEE Symposium on Security and Privacy, April 1988.
R. R. Schell and D. E. Denning. Integrity in trusted database systems. In Proceedings of the 9th National Computer Security Conference, 1986.
R. Alan Whitehurst and T. F. Lunt. Final report Vol. 3b: The SeaView formal verification: Proofs. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, 1989.
R. Alan Whitehurst and T. F. Lunt. The SeaView verification. In Proceedings of the Second Workshop on the Foundations of Computer Security, June 1989.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1992 Springer-Verlag New York, Inc.
About this chapter
Cite this chapter
Lunt, T.F. (1992). SeaView. In: Lunt, T.F. (eds) Research Directions in Database Security. Springer, New York, NY. https://doi.org/10.1007/978-1-4612-2870-7_2
Download citation
DOI: https://doi.org/10.1007/978-1-4612-2870-7_2
Publisher Name: Springer, New York, NY
Print ISBN: 978-0-387-97736-2
Online ISBN: 978-1-4612-2870-7
eBook Packages: Springer Book Archive