Abstract
When implementing a multilevel security policy for Object-Oriented Databases (OODBs), several aspects have to be investigated. One of these aspect is the design of multilevel OODBs. In an OODB, data are organized in a complex structure built using different constructs (classes, objects, attributes, links ...). Therefore, a first problem is to determine what constructs of the object-oriented model should be associated with a security level. A second problem is then to define semantics for each assignment of a security level to an object-oriented construct. While assigning the security levels, we have also to be careful with the inference problems which may occur due to the integrity constraints inherent in the object-oriented paradigm. Therefore, a last purpose of this paper is to define a set of general rules to cope with this problem.
Chapter PDF
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
N. Boulahia-Cuppens, F. Cuppens, A. Gabillon and K. Yazdanian. Decomposition of Multilevel Objects in an Object-Oriented Database. In European Symposium on Research in Computer Security. UK 1994. Springer Verlag.
E. Bertino, S. Jajodia. Modelling Multilevel Entities Using Single Level Objects. Proc. of the 3th international conference on Deductive and Object-Oriented Databases (DOOD93).
D. Bell and L. LaPadula. Secure Computer Systems: Unified Exposition and Multics Interpretation. Technical Report ESD-TR-75-306, MTR 2997, MITRE, Bedford, Mass. 1975.
F. Cuppens and A. Gabillon. A Logical Approach to Model a Multilevel Object-Oriented Database. Proc. of the 10th Annual IFIP WG 11.3 Working Conference on Database Security. Como Italy. 1996.
S. Demurjian, M. Hu, T. Dagget and T. Ting. User-Role Based Security Enforcement Mechanisms for Object-Oriented Systems and Applications. Proc. IFIP WG 11.3 Workshop on Database Security. Rensselaer USA. 1995.
D. Denning, T. Lunt, R. Schell, W. Shockley and M. Heckman. The Sea View Security Model. Proc. of the 1988 IEEE Symposium on Research in Security and Privacy. Oakland. 1988.
A. Gabillon. Sécurite multi-niveaux dans les bases de données à objets. Ph.D. dissertation. ENSAE 1995.
S. Jajodia and B. Kogan. Integrating an Object-Oriented Data Model with Multilevel Security. Proc. of the 1990 IEEE Symposium on Security and Privacy. Oakland. 1990.
T. Keefe, W. Tsai and B. Thuraisingham. SODA: A Secure Object-Oriented Database System. Computer and Security, 8(6), 1989.
T.F. Lunt. Multilevel Security for Object-Oriented Database Systems. In D.L. Spooner and C. Landwehr editors. Database Security III: Status and Prospects. North-Holland 1990. Result of the IFIP WG 11.3 Workshop on Database Security.
J.K. Millen and T.F. Lunt. Security for Object-Oriented Database Systems. Proc. of the 1992 IEEE Symposium on Research in Security and Privacy. Oakland. 1992.
D. Marks, P. Sell and B. Thuraisingham. MOMT: A Multilevel Object Modelling Technique for designing secure database applications. Journal of Object-Oriented Programming. July–August 1996.
M. Olivier and S. Von Solms. A Taxonomy for Secure Object-Oriented Databases. ACM Transactions on Database Systems. Vol 19 (1). March 1994.
H. Pfefferle, M. Hartig, K. Dittrich. Discretionary Access Control in Structurally Object-Oriented Database Systems. Proc. IFIP WG 11.3 Workshop on Database Security. 1988.
V. Varadharajan and S. Black. Multilevel Security in a Distributed Object-Oriented System. Computer and Security, Vol 10. 1991.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cuppens, F., Gabillon, A. (1998). Rules for designing multilevel Object-Oriented Databases. In: Quisquater, JJ., Deswarte, Y., Meadows, C., Gollmann, D. (eds) Computer Security — ESORICS 98. ESORICS 1998. Lecture Notes in Computer Science, vol 1485. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055862
Download citation
DOI: https://doi.org/10.1007/BFb0055862
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65004-1
Online ISBN: 978-3-540-49784-4
eBook Packages: Springer Book Archive