The SeaView security model

Denning, Dorothy E.; Lunt, Teresa F.; Schell, Roger R.; Shockley, W.R.; Heckman, Mark

doi:10.1109/secpri.1988.8114

Cited by 81 publications

(32 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…If an index only plan is selected then the label column is not available and therefore the access rules from the label access policy associated with the table cannot be evaluated. MLS RDBMS extended the primary key on an MLS relation with the security label column in order to allow the simultaneous existence of multiple tuples with the same (non extended) primary key (i.e., polyinstantiation) [1]. We borrow this idea from the MLS work to extend every index created on a labeled table (including the primary key) with the row label column(s).…”

Section: Index-only Access Methodsmentioning

confidence: 99%

“…The Sea View model [1] was the pioneering formal multilevel secure relational database designed to provide mandatory access control. It extended the concept of a database relation to include the security labels.…”

Section: Multilevel Secure Relational Database Modelsmentioning

confidence: 99%

“…The Sea View model also coined the concept of polyinstantiation, which refers to the simultaneous existence of multiple tuples with the same primary key, where such tuples are distinguished by their security labels. In order to avoid covert channels, subjects with different security labels are allowed to operate on the same database relation through the use of polyinstantiation [1]. The Jajodia-Sandhu model [2] was derived from the Sea View model.…”

Section: Multilevel Secure Relational Database Modelsmentioning

confidence: 99%

See 2 more Smart Citations

A Multi-Purpose Implementation of Mandatory Access Control in Relational Database Management Systems

RJAIBI¹,

BIRD²

2004

Proceedings 2004 VLDB Conference

View full text Add to dashboard Cite

Mandatory Access Control (MAC) implementations in Relational Database Management Systems (RDBMS) have focused solely on Multilevel Security (MLS). MLS has posed a number of challenging problems to the database research community, and there has been an abundance of research work to address those problems. Unfortunately, the use of MLS RDBMS has been restricted to a few government organizations where MLS is of paramount importance such as the intelligence community and the Department of Defense. The implication of this is that the investment of building an MLS RDBMS cannot be leveraged to serve the needs of application domains where there is a desire to control access to objects based on the label associated with that object and the label associated with the subject accessing that object, but where the label access rules and the label structure do not necessarily match the MLS two security rules and the MLS label structure. This paper introduces a flexible and generic implementation of MAC in RDBMS that can be used to address the requirements from a variety of application domains, as well as to allow an RDBMS to efficiently take part in an end-to-end MAC enterprise solution. The paper also discusses the extensions made to the SQL compiler component of an RDBMS to incorporate the label

show abstract

Section: Index-only Access Methodsmentioning

confidence: 99%

Section: Multilevel Secure Relational Database Modelsmentioning

confidence: 99%

Section: Multilevel Secure Relational Database Modelsmentioning

confidence: 99%

See 1 more Smart Citation

A Multi-Purpose Implementation of Mandatory Access Control in Relational Database Management Systems

RJAIBI¹,

BIRD²

2004

Proceedings 2004 VLDB Conference

View full text Add to dashboard Cite

show abstract

“…As shown, the response time increases as the granularity of labeling scheme becomes 7 To measure the response time of a query, we measured the time to retrieve the selected tuples into a relation; thus, the reported response times here include the time for inserting the selected tuples, in addition to the time for retrieving the tuples. 8 As we had not implemented the query modification algorithm, each query was modified manually before the experiment. Our future work includes a full implementation of the query modification method in a public domain database management system.…”

Section: Methodsmentioning

confidence: 99%

“…Previous work on multilevel secure relational databases [14,4,15,8] also provides many valuable insights for designing a fine-grained secure data model. In a multilevel relational database system, every piece of information is classified into a security level, and every user is assigned a security clearance.…”

Section: Related Workmentioning

confidence: 99%

Relational Database Systems

Schmidt¹,

Brodie²

1983

View full text Add to dashboard Cite

In this paper, we present a comprehensive approach for privacy preserving access control based on the notion of purpose. Purpose information associated with a given data element specifies the intended use of the data element, and our model allows multiple purposes to be associated with each data element. A key feature of our model is that it also supports explicit prohibitions, thus allowing privacy officers to specify that some data should not be used for certain purposes. Another important issue addressed in this paper is the granularity of data labeling, that is, the units of data with which purposes can be associated. We address this issue in the context of relational databases and propose four different labeling schemes, each providing a different granularity. In the paper we also propose an approach to representing purpose information, which results in very low storage overhead, and we exploit query modification techniques to support data access control based on purpose information.

show abstract