More Web Proxy on the site http://driver.im/

research-article

The SeaView Security Model

Authors:

W. R. ShockleyAuthors Info & Claims

IEEE Transactions on Software Engineering, Volume 16, Issue 6

Pages 593 - 607

https://doi.org/10.1109/32.55088

Published: 01 June 1990 Publication History

Abstract

A multilevel database is intended to provide the security needed for database systems that contain data at a variety of classifications and serve a set of users having differentclearances. A formal security model for such a system is described. The model is formulated in two layers, one corresponding to a reference monitor that enforces mandatory security, and the second an extension of the standard relational model defining multilevel relations and formalizing policies for labeling new and derived data, data consistency, and discretionary security. The model also defines application-independent properties for entity integrity, referential integrity, and polyinstantiation integrity.

References

[1]

{1} Nat. Comput. Security Center, Dep. Defense Trusted Computer System Evaluation Criteria, Tech. Rep. DOD 5200.28-STD, Dec. 1985.

[2]

{2} T. F. Lunt, D. E. Denning, P. G. Neumann, R. R. Schell, M. Heckman, and W. R. Shockley, Final Report Vol. 1: Security Policy and Policy Interpretation for a Class Al Multilevel Secure Relational Database System. Comput. Sci. Lab., SRI International, Menlo Park, CA, Tech. Rep., 1988.

[3]

{3} T. F. Lunt and R. A. Whitehurst, Final Report Vol. 3A: The SeaView Formal Top Level Specifications. Comput. Sci. Lab., SRI International, Menlo Park, CA, Tech. Rep., 1989.

[4]

{4} T. F. Lunt, R. R. Schell, W. R. Shockley, M. Heckman, and D. Warren, "Toward a multilevel relational data language," in Proc. Fourth Aerospace Computer Security Applications Conf., Orlando, FL, IEEE Computer Society Press, Dec. 1988.

[5]

{5} J. S. Crow, R. Lee, J. M. Rushby, F. W. von Henke, and R. A. Whitehurst, "EHDM verification environment: An overview," in Proc. 11th Nat. Computer Security Conf., Nat. Bureau Standards/ National Computer Security Center, Baltimore, MD, Oct. 1988.

[6]

{6} R. A. Whitehurst and T. F. Lunt, "The SeaView verification," in Proc. Second Workshop Foundations of Computer Security, Franconia, NH, IEEE Computer Society Press, June 1989.

[7]

{7} D. E. Denning, Cryptography and Data Security. Reading, MA: Addison-Wesley, 1982.

Digital Library

[8]

{8} T. F. Lunt, R. R. Schell, W. R. Shockley, M. Heckman, and D. Warren, "A near-term design for the SeaView multilevel database system," in Proc. 1988 IEEE Symp. Security and Privacy, Oakland, CA, IEEE Computer Society Press, Apr. 1988.

[9]

{9} T. F. Lunt, "Multilevel database systems: Meeting class Al," in Database Security II, Status and Prospects. New York: Elsevier Science, Oct. 1988.

[10]

{10} T. H. Hinke and M. Schaefer, "Secure data management system," System Development Corp., Tech. Rep. RADC-TR-75-266, Nov. 1975.

[11]

{11} M. J. Grohn, "A model of a protected data management system," I. P. Sharp Associates Ltd., Tech. Rep. ESD-TR-76-289, June 1976.

[12]

{12} T. H. Hinke, C. Garvey, N. Jensen, J. Wilson, and A. Wu, "Al secure DBMS design," in Postscript to Proc. 11th Nat. Computer Security Conf., Nat. Bureau Standards/Nat. Comput. Security Center, Baltimore, MD, Oct. 1988.

[13]

{13} R. D. Graubart and J. P. L. Woodward, "A preliminary naval surveillance DBMS security model," in Proc. 1982 IEEE Symp. Security and Privacy., Oakland, CA. IEEE Computer Society Press, Apr. 1982.

[14]

{14} P. Dwyer, E. Onuegbe, P. Stachour, and B. Thuraisingham, "Query processing in LDV: A secure database system," in Proc. Fourth Aerospace Computer Security Applications Conf., Orlando, FL, IEEE Computer Society Press, Dec. 1988.

[15]

{15} O. S. Saydjari, J. M. Beckman, and J. R. Leaman, "LOCK trek: Navigating uncharted space," in Proc. 1989 Symp. Research in Security and Privacy, Oakland, CA, IEEE Computer Society Press, May 1989.

[16]

{16} D. E. Bell and L. J. LaPadula, "Secure computer systems: Unified exposition and multics interpretation," MITRE Corp., Bedford, MA, Tech. Rep. ESD-TR-75-306, Mar. 1976.

[17]

{17} R. R. Schell, T. F. Tao, and M. Heckman, "Designing the GEMSOS security kernel for security and performance," in Proc. 8th Nat. Computer Security Conf., Nat. Bureau Standards/Nat. Comput. Security Center, 1985.

[18]

{18} T. F. Lunt, D. E. Denning, R. R. Schell, M. Heckman, and W. R. Shockley, "Final report Vol. 2: The SeaView formal security policy model," Comput. Sci. Lab., SRI International, Menlo Park, CA, Tech. Rep., 1989.

[19]

{19} D. E. Denning, T. F. Lunt, R. R. Schell, W. R. Shockley, and M. Heckman, "The SeaView security model," in Proc. 1988 IEEE Symp. Security and Privacy., Oakland, CA, IEEE Computer Society Press, Apr. 1988.

[20]

{20} S. Jajodia and R. Sandhu, "Polyinstantiation integrity in multilevel relations," Center of Excellence for Command, Contr., Commun., Intell., George Mason Univ., Fairfax, VA, unpublished paper, 1989.

[21]

{21} G. E. Gajnak, "Some results from the entity/relationship multilevel secure DBMS project," in Proc. Fourth Aerospace Computer Security Applications Conf., Orlando, FL, IEEE Computer Society Press, Dec. 1988.

[22]

{22} D. E. Denning, T. F. Lunt, R. R. Schell, M. Heckman, and W. R. Shockley, "A multilevel relational data model," in Proc. 1987 IEEE Symp. Security and Privacy., Oakland, CA, IEEE Computer Society Press, Apr. 1987.

[23]

{23} P. P. Griffiths and B. W. Wade, "An authorization mechanism for a relational database system," ACM Trans. Database Syst., vol. 1, no. 3, Sept. 1976.

Digital Library

Cited By

Link S(2022)Object Normal Form, Fourth Normal Form and Their Application to Database SecurityConceptual Modeling10.1007/978-3-031-17995-2_25(349-364)Online publication date: 17-Oct-2022
https://dl.acm.org/doi/10.1007/978-3-031-17995-2_25
Harley KCooper R(2021)Information IntegrityACM Computing Surveys10.1145/343681754:2(1-35)Online publication date: 9-Feb-2021
https://dl.acm.org/doi/10.1145/3436817
Yang JHance TAustin TSolar-Lezama AFlanagan CChong S(2016)Precise, dynamic information flow for database-backed applicationsACM SIGPLAN Notices10.1145/2980983.290809851:6(631-647)Online publication date: 2-Jun-2016
https://dl.acm.org/doi/10.1145/2980983.2908098
Show More Cited By

Index Terms

The SeaView Security Model

Recommendations

The semantics of an extended referential integrity for a multilevel secure relational data model

To prevent information leakage in multilevel secure data models, the concept of polyinstantiation was inevitably introduced. Unfortunately, when it comes to references through foreign key in multilevel relational data models, the polyinstantiation ...
Design of LDV: A Multilevel Secure Relational Database Management

The authors describe the design of a secure database system,LDV (Lock Data Views), that builds upon the classical security policies for operating systems. LDV is hosted on the LOgical Coprocessing Kernel (LOCK) Trusted Computing Base (TCB). LDVs ...
The SeaView security model
SP'88: Proceedings of the 1988 IEEE conference on Security and privacy

A formal security policy model that uses basic view concepts for a secure multilevel relational database system is described. The model is formulated in two layers, one corresponding to a security kernel or reference monitor that enforces mandatory ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image IEEE Transactions on Software Engineering

IEEE Transactions on Software Engineering Volume 16, Issue 6

June 1990

113 pages

ISSN:0098-5589

Editor:
Victor R. Basili
Univ. of Maryland, College Park

Issue’s Table of Contents

Copyright © Copyright © 1990 IEEE. All Rights Reserved.

Publisher

IEEE Press

Publication History

Published: 01 June 1990

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

68
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 09 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Link S(2022)Object Normal Form, Fourth Normal Form and Their Application to Database SecurityConceptual Modeling10.1007/978-3-031-17995-2_25(349-364)Online publication date: 17-Oct-2022
https://dl.acm.org/doi/10.1007/978-3-031-17995-2_25
Harley KCooper R(2021)Information IntegrityACM Computing Surveys10.1145/343681754:2(1-35)Online publication date: 9-Feb-2021
https://dl.acm.org/doi/10.1145/3436817
Yang JHance TAustin TSolar-Lezama AFlanagan CChong S(2016)Precise, dynamic information flow for database-backed applicationsACM SIGPLAN Notices10.1145/2980983.290809851:6(631-647)Online publication date: 2-Jun-2016
https://dl.acm.org/doi/10.1145/2980983.2908098
Yang JHance TAustin TSolar-Lezama AFlanagan CChong SKrintz CBerger E(2016)Precise, dynamic information flow for database-backed applicationsProceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation10.1145/2908080.2908098(631-647)Online publication date: 2-Jun-2016
https://dl.acm.org/doi/10.1145/2908080.2908098
Yost J(2016)The March of IDESIEEE Annals of the History of Computing10.1109/MAHC.2015.4138:4(42-54)Online publication date: 1-Oct-2016
https://dl.acm.org/doi/10.1109/MAHC.2015.41
Biskup J(2016)Selected Results and Related Issues of Confidentiality-Preserving Controlled Interaction ExecutionProceedings of the 9th International Symposium on Foundations of Information and Knowledge Systems - Volume 961610.1007/978-3-319-30024-5_12(211-234)Online publication date: 7-Mar-2016
https://dl.acm.org/doi/10.1007/978-3-319-30024-5_12
Jo HHong SChang JChoi D(2014)Offloading data encryption to GPU in database systemsThe Journal of Supercomputing10.1007/s11227-014-1159-069:1(375-394)Online publication date: 1-Jul-2014
https://dl.acm.org/doi/10.1007/s11227-014-1159-0
Schultz DLiskov BHanzálek ZHärtig HCastro MKaashoek M(2013)IFDBProceedings of the 8th ACM European Conference on Computer Systems10.1145/2465351.2465357(43-56)Online publication date: 15-Apr-2013
https://dl.acm.org/doi/10.1145/2465351.2465357
Bezzi MDe Capitani di Vimercati SForesti SLivraga GSamarati PSassi R(2012)Modeling and preventing inferences from sensitive value distributions in data releaseJournal of Computer Security10.5555/2590602.259060620:4(393-436)Online publication date: 1-Jul-2012
https://dl.acm.org/doi/10.5555/2590602.2590606
Sapra PKumar SRathy RMeghanathan NWozniak M(2012)Performance analysis of decomposition techniques in multilevel secure relational database systemsProceedings of the Second International Conference on Computational Science, Engineering and Information Technology10.1145/2393216.2393307(544-549)Online publication date: 26-Oct-2012
https://dl.acm.org/doi/10.1145/2393216.2393307
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Issue’s Table of Contents