Kurzfassung
Der Artikel stellt Datenbankmanagementsysteme (DBMSe) mit Zielrichtung der Realisierung eines hohen Informationsschutzes vor. Die einzelnen Systeme beinhalten benutzerbestimmbare Zugriffskontrolle, regelbasierende Zugriffskontrolle oder unterstützen das Privacy-Modell. Es wird kurz auf die theoretischen Voraussetzungen für vertrauenswürdige DBMSe eingegangen bevor SeaView, LDV, ASD_Views, Trudata, Sword und DORIS hinsichtlich logischem Datenmodell, Sicherheitspolitik und Systemarchitektur betrachtet werden.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
Literatur
Trusted Computer System Evaluation Criteria. US National Computer Security Center,1985. DoD 5200.28-STD.
IT Security Criteria. Criteria for the Evaluation of Trustworthiness of Information Technology (IT) Systems. German Information Security Agency, 1989.
The Canadian Trusted Computer Product Evaluation Criteria. Canadian System Security Centre. Version 2.1e, July 1991.
Information Technology Security Evaluation Criteria (ITSEC), Provisional Harmonized Criteria. June 1991. Commission of the European Communities,Brussels.
Trusted Database Management Interpretation of the Trusted Computer System Evaluation Criteria. US National Computer Security Center,August 1990, NCSC-TG021, Version 1.
P. P. Griffiths, B. W. Wade. An authorization mechanism for a relational database system. ACM Trans. on Database Systems (TODS), Vol. 1, Nr. 3 (1976), 242–253.
M. Stonebraker, P. Rubinstein. The Ingres Protection System. Proc. 1976 ACM Annual Conference.
D. E. Bell and L. J. LaPadula. Secure Computer System: Unified Exposition and Multics Interpretation. Tech. Report MTR-2997, Mitre Corp.,Bedford, Mass., Mar. 1976, available as NTIS AD A023588.
S. Jajodia, R. S. Sandhu. Toward a Multilevel Secure Relational Data Model. Proc. 1991 ACM Intl Conf. on Management of Data (SIGMOD),50–59.
D. E. Denning, T. F. Lunt, R. R. Schell, M. Heckman, W. R. Schockley. A Multilevel Relational Data Model. Proc. 1987 IEEE Symposium on Research in Security and Privacy,220–234.
T. F. Lunt, R. R. Schell, W. R. Shockley, M. Heckman, D. Warren. A Near-Term Design for the SeaView Multilevel Database System. Proc. 1988 IEEE Symposium on Research in Security and Privacy,234–244.
D. E. Denning, T. F. Lunt, R. R. Schell, W. R. Shockley, M. Heckman. The SeaView Security Model. Proc. 1988 IEEE Symposium on Research in Security and Privacy,218–233.
D. Denning, S. Acid, M. Heckman, T. Lunt, M. Morgenstern, P. Neumann, R. Schell. Views for Multilevel Database Security. In: Advances in Computer Security,Volume III, Artech House Inc., 1988. (reprinted from IEEE TOSE, SE-13, 2, 1987),223–233.
T. F. Lunt, D. Denning, R. R. Schell, M. Heckman, W. R. Shockley. The SeaView Security Model. IEEE Trans. on Software Engineering (TOSE), Vol. 16, No. 6 (1990), 593–607.
S. Jajodia and R.S. Sandhu. A Formal Framework for Single Level Decomposition of Multilevel Relations. Proc. IEEE Workshop on Computer Security Foundations, Franconia, New Hampshire, June 1990, 152–158.
S. Jajodia, R. S. Sandhu. A novel decomposition of Multilevel Relations into Single-level Fragments. Proc. 1991 IEEE Symposium on Research in Security and Privacy.
G. Pernul, G. Luef. A Multilevel Secure Relational Data Model Based on Views. Proc. 1991 IEEE Computer Security Applications Conference.
F. Cuppens. K. Yazdanian. A “Natural” Decomposition of Multi-level Relations. Proc. 1992 IEEE Symposium on Research in Security and Privacy.
A. Hentschel. Studie: Sicherheit in Datenbanksystemen, ZFE IS SOF4, Siemens München, Nov. 1991.
J. T. Haigh et al. The LDV Secure Relational DBMS Model. Proc. 4th IFIP WG 11.3 Workshop on Database Security, 1990.
P. D. Stachour, M. B. Thuraisingham. Design of LDV: A multilevel secure relational database management system. IEEE Trans. on Knowledge and Data Engineering (TKDE), Vol. 2, No. 2, (1990), 190–209.
C. Garvey, A. Wu. ASD_Views, Proc. 1988 IEEE Symposium on Research in Security and Privacy, 85–95.
J. Wilson. A Security Policy for an Al DBMS (a Trusted Subject). Proc. 1989 IEEE Symposium on Research in Security and Privacy, 70–84.
R. B. Knode, R. A. Hunt. Making Databases Secure with Trudata Technology. Intercon Systems Corporation. Proc. 1988 IEEE US Nat’l Computer Security Conference.
A. W. Wood. The Sword Model of Multilevel Secure Databases. RSRE Report No. 90008, Malvern, Worcestershire, UK, June 1992.
A. W. Wood, S. R. Lewis, S. R. Wiseman. The Sword Multilevel Secure DBMS. RSRE Report No. 92005, Malvern, Worcestershire, UK, Feb. 1992.
J. Biskup, H. H. Brüggemann. Das datenschutzorientierte Informationssystem DORIS: Stand der Entwicklung und Ausblick. Proc. 2. GI-Fachtagung Verläßliche Informationssysteme (VIS’91), Informatik Fachberichte 271, Springer Verlag 1991.
J. Biskup, H. H. Brüggemann. The Personal Model of Data: Towards a Privacy-Oriented Informtion System. Computers & Security, Vol. 7, North Holland (Elsevier) 1988.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1993 Friedr. Vieweg & Sohn Verlagsgesellschaft mbH, Braunschweig/Wiesbaden
About this chapter
Cite this chapter
Pernul, G., Tjoa, A.M., Hotz-Behofsits, J.T. (1993). Datenbankmanagementsysteme mit hohem Sicherheitsanspruch. In: Weck, G., Horster, P. (eds) Verläßliche Informationssysteme. DuD-Fachbeiträge. Vieweg+Teubner Verlag, Wiesbaden. https://doi.org/10.1007/978-3-322-88782-5_24
Download citation
DOI: https://doi.org/10.1007/978-3-322-88782-5_24
Publisher Name: Vieweg+Teubner Verlag, Wiesbaden
Print ISBN: 978-3-528-05344-4
Online ISBN: 978-3-322-88782-5
eBook Packages: Springer Book Archive