Design and implementation of a database inference controller |
| |
Authors: | Bhavani Thuraisingham William Ford Marie Collins Jonathan O'Keeffe |
| |
Affiliation: | The MITRE Corporation, Burlington Road, Bedford, MA 01730, USA |
| |
Abstract: | The Inference Problem compromises database systems which are usually considered to be secure. here, users pose sets of queries and infer unauthorized information from the responses that they obtain. An Inference Controller is a device that prevents and/or detects security violations via inference. We are particularly interested in the inference problem which occurs in a multilevel operating environment. In such an environment, the users are cleared at different security levels and they access a multilevel database where the data is classified at different sensitivity levels. A multilevel secure database management system (MLS/DBMS) manages a multilevel database where its users cannot access data to which they are not authorized. However, providing a solution to the inference problem, where users issue multiple requests and consequently infer unauthorized knowledge is beyond the capability of currently available MLS/DBMSs. This paper describes the design and prototype development of an Inference Controller for a MLS/DBMS that functions during query processing. To our knowledge this is the first such inference controller prototype to be developed. We also describe some extensions to the inference controller so that an integrated solution can be provided to the problem. |
| |
Keywords: | Multilevel Secure Database Management System inference problem inference controller security constraints |
本文献已被 ScienceDirect 等数据库收录! |