|
|||||
|
|
Modelling data secrecy and integrity |
|
| Authors: | Günther Pernul AMin Tjoa Werner Winiwarter |
| Affiliation: | a Information Systems Department, University of Essen, Universitätsstr. 9, D-45141, Essen, Germany b Institute of Software Technology, Technical University of Vienna, Resselgasse 3, A-1040, Vienna, Austria c Department of Information Science, Faculty of Engineering, Kyoto University, Sakyo, Kyoto, 606-01, Japan |
| Abstract: | The paper describes a semantic data model used as a design environment for multilevel secure database applications. The proposed technique is built around the concept of security classification constraints (security semantics) and takes into account that security restrictions may either have effects on the static part of a system, on the behavior of the system (the system functions), or on both. As security constraints may influence each other appropriate integrity mechanisms are necessary and modelling of a multilevel application must be data as well as function driven. This functionality is included in the proposed semantic data model for multilevel security by developing secure data schemas, secure function schemas, a procedure for alternating iterative refinements on either schema, and a powerful integrity system to check the consistency of the classification constraints and of the multilevel secure database application. |
| Keywords: | Secrecy Integrity Security semantics Database security Information modelling |
| 本文献已被 ScienceDirect 等数据库收录! | |