Skip to main content
SpringerLink
Log in
Book cover

Sicherheitsaspekte in der Informationstechnik pp 119–143Cite as

State of the Art and Trends in Trusted DBMS

  • Chapter

  • 32 Accesses

Abstract

In the Summer of 1982, the Committee on Multilevel Data Management Sccurity conducted a Summer Study to identify the formal mathematical concepts, policy issues, techniques and technology required to create certifiable multilevel secure database management systems and applications. Since then, several efforts have been undertaken to apply the findings and recommendations of the published study. Also since the study was conducted, criteria have been written to identify (or mandate) requirements for the evaluation, procurement specification or certification of trusted operating systems and networks, and such criteria are currently being drafted and reviewed for trusted database management systems. This paper assesses the status and trends being taken in current trusted database management technology and applied research in the United States.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Joachim Biskup. “Protection of Privacy and Confidentiality in Medical Information Systems: Problems and Guidelines”, in Workshop on Database Security Monterey, California, September 1888. IFIP WG 11.3.

    Google Scholar 

  2. David A. Bonyun, Michael J. Grohn, et al. A Model of a Protected Data Management System. Technical Report ESD-TR-7 6-289, ESD/Air Force Systems Command, Hanscom Air Force Base, Massachusetts, June 1976.

    Google Scholar 

  3. John R. Campbell. “An Interim Report on the Development of Secure Database Prototypes at the National Computer Security Center”, in Workshop on Database Security Monterey, California, September 1989. IFIP WG 11.3.

    Google Scholar 

  4. D. E. Deuning et al. A Multilevel Relational Data Model. in Proc. 1987 IEEE Symp. Security and Privacy pages 220–234, Oakland, CA, 1987.

    Google Scholar 

  5. D.E. Denning et al. The SeaView Formal Security Policy Model. Technical Report A003: Interim Report, SRI for RADC, July 1987.

    Google Scholar 

  6. D.E. Denning et al. “The SeaView Security Model”. in Proceedings, 1988 Symposium on Security and Privacy. IEEE, April 1988.

    Google Scholar 

  7. Dorothy E. R. Denning. “Commutative Filters for Reducing Inference Threats in Multilevel Database Systems”. in IEEE Symposium on Computer Security and Privacy. IEEE, April 1987.

    Google Scholar 

  8. John Dobson. “Conversation Structures as a Means of Specifying Security Policy”. in Workshop on Database Security, Monterey, California, September 1989. IFIP WG 11.3.

    Google Scholar 

  9. DoD. Department of Defense Trusted Computer System Evaluation Criteria. DoD 5200.28-STD. Department of Defense, Washington, D. C., 1985.

    Google Scholar 

  10. P. T. Cummings D. A. Fullam et al. “Compartmented Mode Workstation: Results through Prototyping”. in IEEE Symposium on Computer Security and Privacy. IEEE, April 1987.

    Google Scholar 

  11. Richard D. Graubart. “The Integrity-Lock Approach to Secure Database Management”. in IEEE Symposium on Security and Privacy, Oakland, California, 1984. IEEE.

    Google Scholar 

  12. Richard D. Graubart. “Design Overview for Retrofitting Integrity-Lock onto a Commercial DBMS”. in IEEE Symposium on Security and Privacy, Oakland, California, 1985. IEEE.

    Google Scholar 

  13. J. T. Haigh et al. Secure Distributed Data Views. Technical Report F30602-86-C-0003 CDRL A007, Honeywell Inc. Secure Computing Technology Center, June 1989.

    Google Scholar 

  14. M. Harrison, W. Russo, and J. Ullman. “Protection in Operating Systems”. in Communications of the ACM, pages 461–471. ACM, August 1976.

    Google Scholar 

  15. Thomas H. Hinke. “Inference Aggregation Detection in Database Management Systems”. in Proc. 1987 IEEE Symp. Security and Privacy, Oakland, CA, April 1988.

    Google Scholar 

  16. Thomas H. Hinke and Marvin Schaefer. Secure Data Base Management System; Final Report. Technical report, Rome Air Development Center, AFSC, Griffis AFB, Rome, N.Y., November 1975.

    Google Scholar 

  17. R. B. Knode and R. A. Hunt. “Making Databases Secure with TRUDATA Technology”. in AIAA/ASIS/IEEE Third Aerospace Computer Security Conference; Applying Technology to Systems, Orlando, Florida, December 1988. AIAA/ASIS/IEEE.

    Google Scholar 

  18. C. E. Landwehr and C. L. Heitmeyer. Military Message Systems: Requirements and Security ModeL NRL Memorandum Report 4925, Computer Science and Systems Branch, Information Technology Division, Naval Research Laboratory, September 1982.

    Google Scholar 

  19. Dr. Henry C. Lefkovits et al. Multilevel Secure Entity-Relationship DBMS. Technical Report RADC-TR-88310, AOG Systems Corporation, January 1989.

    Google Scholar 

  20. Teresa F. Lunt et al. “A Near-Term Design for the SeaView Multilevel Database System”. in 1988 IEEE Symposium on Computer Security and Privacy, Oakland, CA, April 1988. IEEE.

    Google Scholar 

  21. Teresa F. Lunt et al. “Element-Level Classification with A1 Assurance”. Computers and Security, 1988.

    Google Scholar 

  22. John A. McDermid and Ernest S. Hocking. “Security Policies for Integrated Project Support Environments”, in Workshop on Database Security, Monterey, California, September 1989. IFIP WG 11.3.

    Google Scholar 

  23. Catherine Meadows. “Constructing Containers Using a Multilevel Data Model”, in Workshop on Database Security. IFIP WG 11.3, September 1989.

    Google Scholar 

  24. NCSC. Proceedings of the National Computer Security Center Invitational Workshop on Database Security. National Computer Security Center, Baltimore, Maryland, June 1986.

    Google Scholar 

  25. NCSC. Trusted Network Interpretation. Technical Report NCSC-TG-005, National Compater Security Center, Baltimore, Maryland, 1987.

    Google Scholar 

  26. LouAnna Notargiacomo, Catherine D. Jensen, et al. Secure Distributed Database Management System (SD-DBMS). Technical Report TM-WD-8905/022, VNiSYS, February 1989.

    Google Scholar 

  27. Committee on Multilevel Data Management Security. Multilevel Data Management Security. Air Force Studies Board, National Research Council, National Academy Press, Washington, D.C., 1983.

    Google Scholar 

  28. P. A. Rougeau and E. D. Sturms. “The Sybase Secure Dataserver: A Solution to the Multilevel Secure DBMS. Problem”. in Proceedings of the 10th National Computer Security Conference, Baltimore, Maryland, September 1987.

    Google Scholar 

  29. M. Schaefer et al. “Auditing: A Relevant Contribution to Trusted Database Management Systems”. in Proceedings of the Fifth Annual Computer Security Applications Conference, Tucson, Arisona, December 1989. AIAA/ASIS/IEEE.

    Google Scholar 

  30. M. Schaefer and R. Schell. “Toward an understanding of extensible architectures for evaluated trusted computer system products”. in IEEE Symposium on Security and Privacy, pages 41–49, Oakland, CA, April 1984.

    Google Scholar 

  31. Lawrence J. Shirley and Roger R. Schell. “Mechanism Sufficiency Validation By Assignment”. in Proceedings of the 1981 Symposium on Security and Privacy, pages 26–32, Oakland, CA, April 1981.

    Google Scholar 

  32. William R. Shockley and Roger R. Schell. “TCB Subsets for Incremental Evaluation”. in AIAA/ASIS/IEEE Third Aerospace Computer Security Conference: Applying Technology to Systems, Orlando, Florida, December 1987. AIAA/ASIS/IEEE.

    Google Scholar 

  33. Gary W. Smith. “Inference and Aggregation Security Attach Analysis”. Technical report, George Mason University, Fairfax, Virginia, September 1988.

    Google Scholar 

  34. T. C. Ting. “Application Information Security Semantics: A Case of Mental Health Delivery”. in Workshop on Database Security, Monterey, California, September 1989. IFIP WG 11.3.

    Google Scholar 

  35. B. T. Tretick, M. R. Cornwell, C. E. Landwehr, et al. User’s Manual to the Secure Military Message System M2 Prototype. Technical Report NRL Memorandum Report 5757, Naval Research Laboratory, Washington, DC, March 1986.

    Google Scholar 

  36. Linda Vetter, Bill Maimone, et al. Oracle RDBMS Database Administrator’s Guide. version 6.0. Oracle, Corp., 1989.

    Google Scholar 

  37. John P. L. Woodward. “Exploiting the Dual Nature of Sensitivity Labels”. in IEEE Symposium on Computer Security and Privacy. IEEE, April 1987.

    Google Scholar 

  38. T. D. Wormington and C. E. Giesler. Secure DBMS. Technical Report RADC-TR-81-394, Harris Corporation, February 1982.

    Google Scholar 

Download references

Authors
  1. Marvin Schaefer
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Dietrich Cerny Heinrich Kersten

Rights and permissions

Reprints and permissions

Copyright information

© 1991 Friedr. Vieweg & Sohn Verlagsgesellschaft mbH, Braunschweig

About this chapter

Cite this chapter

Schaefer, M. (1991). State of the Art and Trends in Trusted DBMS. In: Cerny, D., Kersten, H. (eds) Sicherheitsaspekte in der Informationstechnik. Vieweg+Teubner Verlag. https://doi.org/10.1007/978-3-322-83911-4_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-322-83911-4_9

  • Publisher Name: Vieweg+Teubner Verlag

  • Print ISBN: 978-3-528-05157-0

  • Online ISBN: 978-3-322-83911-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation