Abstract
In the Summer of 1982, the Committee on Multilevel Data Management Sccurity conducted a Summer Study to identify the formal mathematical concepts, policy issues, techniques and technology required to create certifiable multilevel secure database management systems and applications. Since then, several efforts have been undertaken to apply the findings and recommendations of the published study. Also since the study was conducted, criteria have been written to identify (or mandate) requirements for the evaluation, procurement specification or certification of trusted operating systems and networks, and such criteria are currently being drafted and reviewed for trusted database management systems. This paper assesses the status and trends being taken in current trusted database management technology and applied research in the United States.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Joachim Biskup. “Protection of Privacy and Confidentiality in Medical Information Systems: Problems and Guidelines”, in Workshop on Database Security Monterey, California, September 1888. IFIP WG 11.3.
David A. Bonyun, Michael J. Grohn, et al. A Model of a Protected Data Management System. Technical Report ESD-TR-7 6-289, ESD/Air Force Systems Command, Hanscom Air Force Base, Massachusetts, June 1976.
John R. Campbell. “An Interim Report on the Development of Secure Database Prototypes at the National Computer Security Center”, in Workshop on Database Security Monterey, California, September 1989. IFIP WG 11.3.
D. E. Deuning et al. A Multilevel Relational Data Model. in Proc. 1987 IEEE Symp. Security and Privacy pages 220–234, Oakland, CA, 1987.
D.E. Denning et al. The SeaView Formal Security Policy Model. Technical Report A003: Interim Report, SRI for RADC, July 1987.
D.E. Denning et al. “The SeaView Security Model”. in Proceedings, 1988 Symposium on Security and Privacy. IEEE, April 1988.
Dorothy E. R. Denning. “Commutative Filters for Reducing Inference Threats in Multilevel Database Systems”. in IEEE Symposium on Computer Security and Privacy. IEEE, April 1987.
John Dobson. “Conversation Structures as a Means of Specifying Security Policy”. in Workshop on Database Security, Monterey, California, September 1989. IFIP WG 11.3.
DoD. Department of Defense Trusted Computer System Evaluation Criteria. DoD 5200.28-STD. Department of Defense, Washington, D. C., 1985.
P. T. Cummings D. A. Fullam et al. “Compartmented Mode Workstation: Results through Prototyping”. in IEEE Symposium on Computer Security and Privacy. IEEE, April 1987.
Richard D. Graubart. “The Integrity-Lock Approach to Secure Database Management”. in IEEE Symposium on Security and Privacy, Oakland, California, 1984. IEEE.
Richard D. Graubart. “Design Overview for Retrofitting Integrity-Lock onto a Commercial DBMS”. in IEEE Symposium on Security and Privacy, Oakland, California, 1985. IEEE.
J. T. Haigh et al. Secure Distributed Data Views. Technical Report F30602-86-C-0003 CDRL A007, Honeywell Inc. Secure Computing Technology Center, June 1989.
M. Harrison, W. Russo, and J. Ullman. “Protection in Operating Systems”. in Communications of the ACM, pages 461–471. ACM, August 1976.
Thomas H. Hinke. “Inference Aggregation Detection in Database Management Systems”. in Proc. 1987 IEEE Symp. Security and Privacy, Oakland, CA, April 1988.
Thomas H. Hinke and Marvin Schaefer. Secure Data Base Management System; Final Report. Technical report, Rome Air Development Center, AFSC, Griffis AFB, Rome, N.Y., November 1975.
R. B. Knode and R. A. Hunt. “Making Databases Secure with TRUDATA Technology”. in AIAA/ASIS/IEEE Third Aerospace Computer Security Conference; Applying Technology to Systems, Orlando, Florida, December 1988. AIAA/ASIS/IEEE.
C. E. Landwehr and C. L. Heitmeyer. Military Message Systems: Requirements and Security ModeL NRL Memorandum Report 4925, Computer Science and Systems Branch, Information Technology Division, Naval Research Laboratory, September 1982.
Dr. Henry C. Lefkovits et al. Multilevel Secure Entity-Relationship DBMS. Technical Report RADC-TR-88310, AOG Systems Corporation, January 1989.
Teresa F. Lunt et al. “A Near-Term Design for the SeaView Multilevel Database System”. in 1988 IEEE Symposium on Computer Security and Privacy, Oakland, CA, April 1988. IEEE.
Teresa F. Lunt et al. “Element-Level Classification with A1 Assurance”. Computers and Security, 1988.
John A. McDermid and Ernest S. Hocking. “Security Policies for Integrated Project Support Environments”, in Workshop on Database Security, Monterey, California, September 1989. IFIP WG 11.3.
Catherine Meadows. “Constructing Containers Using a Multilevel Data Model”, in Workshop on Database Security. IFIP WG 11.3, September 1989.
NCSC. Proceedings of the National Computer Security Center Invitational Workshop on Database Security. National Computer Security Center, Baltimore, Maryland, June 1986.
NCSC. Trusted Network Interpretation. Technical Report NCSC-TG-005, National Compater Security Center, Baltimore, Maryland, 1987.
LouAnna Notargiacomo, Catherine D. Jensen, et al. Secure Distributed Database Management System (SD-DBMS). Technical Report TM-WD-8905/022, VNiSYS, February 1989.
Committee on Multilevel Data Management Security. Multilevel Data Management Security. Air Force Studies Board, National Research Council, National Academy Press, Washington, D.C., 1983.
P. A. Rougeau and E. D. Sturms. “The Sybase Secure Dataserver: A Solution to the Multilevel Secure DBMS. Problem”. in Proceedings of the 10th National Computer Security Conference, Baltimore, Maryland, September 1987.
M. Schaefer et al. “Auditing: A Relevant Contribution to Trusted Database Management Systems”. in Proceedings of the Fifth Annual Computer Security Applications Conference, Tucson, Arisona, December 1989. AIAA/ASIS/IEEE.
M. Schaefer and R. Schell. “Toward an understanding of extensible architectures for evaluated trusted computer system products”. in IEEE Symposium on Security and Privacy, pages 41–49, Oakland, CA, April 1984.
Lawrence J. Shirley and Roger R. Schell. “Mechanism Sufficiency Validation By Assignment”. in Proceedings of the 1981 Symposium on Security and Privacy, pages 26–32, Oakland, CA, April 1981.
William R. Shockley and Roger R. Schell. “TCB Subsets for Incremental Evaluation”. in AIAA/ASIS/IEEE Third Aerospace Computer Security Conference: Applying Technology to Systems, Orlando, Florida, December 1987. AIAA/ASIS/IEEE.
Gary W. Smith. “Inference and Aggregation Security Attach Analysis”. Technical report, George Mason University, Fairfax, Virginia, September 1988.
T. C. Ting. “Application Information Security Semantics: A Case of Mental Health Delivery”. in Workshop on Database Security, Monterey, California, September 1989. IFIP WG 11.3.
B. T. Tretick, M. R. Cornwell, C. E. Landwehr, et al. User’s Manual to the Secure Military Message System M2 Prototype. Technical Report NRL Memorandum Report 5757, Naval Research Laboratory, Washington, DC, March 1986.
Linda Vetter, Bill Maimone, et al. Oracle RDBMS Database Administrator’s Guide. version 6.0. Oracle, Corp., 1989.
John P. L. Woodward. “Exploiting the Dual Nature of Sensitivity Labels”. in IEEE Symposium on Computer Security and Privacy. IEEE, April 1987.
T. D. Wormington and C. E. Giesler. Secure DBMS. Technical Report RADC-TR-81-394, Harris Corporation, February 1982.
Editor information
Rights and permissions
Copyright information
© 1991 Friedr. Vieweg & Sohn Verlagsgesellschaft mbH, Braunschweig
About this chapter
Cite this chapter
Schaefer, M. (1991). State of the Art and Trends in Trusted DBMS. In: Cerny, D., Kersten, H. (eds) Sicherheitsaspekte in der Informationstechnik. Vieweg+Teubner Verlag. https://doi.org/10.1007/978-3-322-83911-4_9
Download citation
DOI: https://doi.org/10.1007/978-3-322-83911-4_9
Publisher Name: Vieweg+Teubner Verlag
Print ISBN: 978-3-528-05157-0
Online ISBN: 978-3-322-83911-4
eBook Packages: Springer Book Archive