P.D. Stachour, B. Thuraisingham, "Design of LDV: A Multilevel Secure Relational Database Management," IEEE Transactions on Knowledge and Data Engineering, vol. 2, no. 2, pp. 190-209, June 1990. IEEE Computer Society, Los Alamitos, CA, USA. ISSN 1041-4347. DOI: http://doi.ieeecomputersociety.org/10.1109/69.54719

Keywords: classification level; polyinstantiation; type enforcement; multilevel secure relational database management system; secure database system; LDV; Lock Data Views; LOgical Coprocessing Kernel; LOCK; Trusted Computing Base; assured pipelines; metadata management; security policy; query processor; update processor; operating system; inference; aggregation; relational databases; security of data

The authors describe the design of a secure database system, LDV (Lock Data Views), that builds upon the classical security policies for operating systems. LDV is hosted on the LOgical Coprocessing Kernel (LOCK) Trusted Computing Base (TCB). LDV's security policy builds on the security policy of LOCK. Its design is based on three assured pipelines for the query, update, and metadata management operations. The authors describe the security policy of LDV, its system architecture, the designs of the query processor, the update processor, and the metadata manager, and the operating system issues. LDV's solutions to the inference and aggregation problems are also described.

