Abstract
Database security has been the subject of active research for the past several years. In the last five years, rapid progress has been made in defining what, security means for such systems and in developing laboratory prototypes and even products that meet those definitions. However, much more work remains to be done in certain key re- search areas. This paper provides an overview of the database security issues for both mandatory and discretionary security and describcs areas of ongoing research.
This work was supported by the U. S. Air Force, RADC. under contract. F30602-89-C-015S.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Robert W. Baldwin. Naming and grouping privileges to simplifysecurity management in large databases. In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy. May 1990.
EHDM Specification and Verification System Version 4.1 User’s Guide. Computer Science Laboratory, SRI International, Menlo Park, CA 94025, November 1988. See [4] for the updates to Version 5.1.
EHDM Specification and Verification System Version 5.0 Description of the EHDM Specification Language. Computer Science Laboratory, SRI International, Menlo Park, CA 94025, January 1990. See [4] for the updates to Version 5.1.
EHDM Specification and Verification System — Version 5.1 Supplement to User’s and Language Manuals. Computer Science Laboratory, SRI International, Menlo Park, CA 94025, April 1990.
J._S. Crow, R. Lee, J. M. Rushby, F. W. von Henke, and R. A. Whitehurst. EHDM verification environment: An overview. In Proceedings of the 11th National Computer Security Conference,October 1988.
D.E. Denning. Cryptography and Data Security. Addison-Wesley, Reading, Massachusetts, 1982.
D.E. Denning, T. F. Lunt, R. R. Schell, M. Heckman, and W. R. Shockley. A multilevel relational data model. In Proceedings of the 1987 IEEE Symposium on Security and Privacy,April 1987.
Department of Defense Trusted Computer System Evaluation Criteria, DOD 5200.28-STD. Department of Defense, December 1985. A. Do
A. Downing, I. Creenberg, and T. F. Lunt. Issues in distributed database security. In Proceedings of the 5th Aerospace Computer Securiiy Conference,December 1989.
D. D. Downs, J. R. Rub, K.C. Kung, and C.S. Jordan. Issues in discretionary access control. In Proceedings of the 1985 IEEE Symposium on Securiiy and Privacy,1985.
T. D. Garvey and T. F. Lunt. Multilevel Security for Knowledge-Based Systems. In Proceedings the EISS Workshop on Database Security,European Institute for System Security, Karlsruhe, W. Germany, April 1990.
T. D. Garvey, T. F. Lunt, and M. E. Stickel. approximate reasoning models for characterizing inference channels. In Proceedings of the Fourth Workshop on the Foundations of Computer Security,June 1991.
G. S. Graham and P. J. Denning. Protection—principles and practice. In Proceedings of the Spring Joint Computer Conference,volume 40, Montvale, New Jersey. 1972. AF1PS Press.
R. D. Graubart and J. P. L. Woodward. A preliminary naval surveillance DBMS security model. In Procttdings of the 1982 IEEE Symposium on Securiiy and Privacy,April 1982.
P. P. Griffiths and B. W. Wade. An authorization mechanism for a relational database system. ACM Transactions on Database Systems,1(3), September 1976.
T. H. Hinke. DBMS trusted computing base taxonomy. In Proceedings of the Third IFIP Workshop on Database Security,September 1989.
T. H. Hinke, C. Garvey, N. Jensen, J. Wilson, and A. Wu. A1 secure DBMS design. In Proceedings of the 11th National Computer Security Conference — Appendix,October 1988.
T. H. Hinke and M. Schaefer. Secure Data Management System. Technical Report RADC-TR-75-266, System Development Corporation, November 1975.
S. Jajodia and B. Kogan. Integrating an object-oriented data model with multilevel security. In Proceedings of the 1990 IEEE Symposium on Security and Privacy,May 1990.
T. F. Keefe, W. T. Tsai, and M. B. Thuraisingham. SODA: A secure object-oriented database system. Technical report, TR89-12, University of Minnesota, Computer Science Department, 1989.
J. Landauer, T. Redmond, and T. Benzel. Formal policies for trusted processes. In Proceedings of the Second Workshop on the Foundations of Computer Security,June 1989.
C. E. Landwehr, C. L. Heitmeyer, and J. McLean. A security model for military message systems. ACM Transactions on Computer Systems,2(3), August 1984.
T. F. Lunt. Access control policies for database systems. In C. E. Landwehr, editor, Database Security 11: Status and Prospects. North Holland, 1989.
T. F. Lunt. Access control policies: Some unanswered questions. Computers and Security,February 1989.
T. F. Lunt. Aggregation and inference: Facts and fallacies. In Proceedings of the 1989 IEEE Symposium on Research in Security and Privacy,May 1989.
T. F. Lunt. Multilevel security for object-oriented database systems. In D. L. Spooner and C. E. Landwehr, editors, Database Security I11: Status and Prospects. Elsevier, 1990.
T. F. Lunt. The true meaning of polyinstantiation: Proposal for an operational semantics for a multilevel relational database system. In Proceedings of the Third RADC Database Security Workshop,June 1990.
T. F. Lunt, D. E. Denning. R. R. Schell, W. R. Shockley, and M. Heckman. The SeaView security model. IEEE Transactions on Software Engineering,June 1990.
T. F. Lunt and D. Hsieh. The SeaView secure database system: A progress report. In Proceedings of the 1990 European Symposium on Research in Computer Security,October 1990.
T. F. Lunt and D. Hsieh. Update semantics for a multilevel relational database system. In Proceedings of the 4th IFIP WG 11.3 Workshop on Databast Security,Halifax, England, September 1990.
T. F. Lunt, R. R. Schell, W. R. Shockley, M. Heckman, and D. Warren. A near-term design for the SeaView multilevel database system. In Proceedings of the 1983 IEEE Symposium on Security and Privacy,April 1988.
T. F. Lunt, R. R. Schell, W. R. Shockley, M. Heckman, and D. Warren. Toward a multilevel relational data language. In Proceedings of the Fourth Atrospact Computer Security Applications Conference,December 19S8.
W. T. Maimone and 1. B. Greenberg. Single-level mulliversion schedulers for multilevel secure database systems. In Proceedings of the Sixth Annual Computer Security Applications Conference,December 1990.
J. K. Milien and T. F. Lunt. Secure knowledge-based systems. Technical Report SRI-CSL-90-04, Computer Science Laboratory, SRI International, Menlo Park, California, August 1989.
P. A. Rougeau and E. D. Sturms. Sybase secure dataserver: A solution to the multilevel secure dbms problem. In Proceedings of the 10th National Computer Security Conference,September 1987.
M. Schaefer and R. R. Schell. Toward an understanding of extensible architectures for evaluated trusted computer system products. In Proceedings of the 1984 IEEE Symposium on Security and Privacy,April 1984.
W. R. Shockley and R. R. Schell. TCB subsetling for incremental evaluation. In Proceedings of tht Third AIAA Conference on Computer Security,December 1987.
P. D. Stachour and B. Thuraisingham. Design of ldv: A multilevel secure relational database management system. IEEE Transactions on Knowledge and Data Engineering,2:2, June 1990.
Friedrich von Henke and John Rushby. Introduction to EUDM. Computer Science Laboratory, SRI International, Menlo Park, CA 94025, September 28, 1988.
Friedrich von Henke, Natarajan Shankar, and John Rushby. Formal Semantics of EHDM. Computer Science Laboratory, SRI International, Menlo Park, CA 94025, January 1990. This document describes EHDM Version 5.0, see [4] for informal descriptions of the changes in Version 5.1.
R. Alan Whitehurst and T. F. Lunt. The SeaView verification. In Proceedings of the Second Workshop on the Foundations of Computer Security,June 1989.
R. Alan Whitehurst and T. F. Lunt. The SeaView verification effort. In Proceedings of the 12th National Computer Security Conference,October 1989.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1991 Springer Fachmedien Wiesbaden
About this chapter
Cite this chapter
Lunt, T.F. (1991). Security in Database Systems - from a Researcher’s View. In: Lippold, H., Schmitz, P., Kersten, H. (eds) Sicherheit in Informationssystemen. Vieweg+Teubner Verlag, Wiesbaden. https://doi.org/10.1007/978-3-322-89434-2_31
Download citation
DOI: https://doi.org/10.1007/978-3-322-89434-2_31
Publisher Name: Vieweg+Teubner Verlag, Wiesbaden
Print ISBN: 978-3-528-05178-5
Online ISBN: 978-3-322-89434-2
eBook Packages: Springer Book Archive