This Article 
 Bibliographic References 
 Add to: 
Modeling Security-Relevant Data Semantics
November 1991 (vol. 17 no. 11)
pp. 1195-1203

The use of an extended data model which represents both integrity and secrecy aspects of data is demonstrated. This Semantic Data Model for Security (SDMS) provides a technique that assists domain experts, security officers, and database designers in first understanding their security requirements, and then translating them into a good database design. Identifying security requirements at this semantic level provides the basis for analyzing the security requirements and the database design for inference and signaling vulnerabilities. Another contribution is a comprehensive taxonomy of security-relevant data semantics that must be captured and understood to implement a multilevel secure automated information system.

[1] S. Abiteboul and R. Hull, "IFO: a formal semantic database model,"ACM Trans. Database Syst., pp. 525-56, Dec. 1987.
[2] Air Force Studies Board Committee on Data Management Security, Multilevel Data Management Security. Washington, DC: Nat. Acad. Press, 1983.
[3] M. L. Brodie, "On the development of data models," inOn Conceptual Modeling, M. L. Brodie, J. Mylopoupos, and J. W. Schmidt, Eds. New York: Springer-Verlag, pp. 19-48.
[4] L. J. Buczkowski, "Database inference controller," inProc. IFIP Workshop on Database Security, Sept. 1989.
[5] P. P. Chen, "The Entity-Relationship Model -- Towards a Unified View of Data,"ACM Trans. Database Syst., Vol. 1, No. 1, Mar. 1976, pp. 9-36.
[6] E. F. Codd, "A relational model of data for large shared data banks,"Commun. ACM, pp. 377-387, June 1970.
[7] D. E. Denning, "A preliminary note on the inference problem in multi-level database-systems," inProc. Nat. Comput. Security Ctr. Invitational Workshop on Database Security, June 1986.
[8] D. E. Denning and M. Morgenstern, "Military database technology study: AI techniques for security and reliability," SRI, SRI Tech. Rep., Aug. 1986.
[9] D. E. Denning and J. Schlorer, "Inference controls for statistical database security,"IEEE Computer, pp. 69-82, July 1983.
[10] G. E. Gajnak, "Some results from the entity/relationship multilevel secure DBMS Project," inProc. 4th Aerospace Comput. Security Appl. Conf., Dec. 1988, pp. 66-71.
[11] C. Garvey and A. Wu, "ASD-views," inProc. 1988 IEEE Symp. on Security and Privacy, Apr. 1988, pp. 85-95.
[12] J. T. Haigh, R. C. O'Brien, P. D. Stachour, and D. L. Toups, "The LDV approach to database security," inProc. 1989 IFIP Workshop on Database Security, Sept. 1989.
[13] M. Hammer and D. J. McLead, "Database description with SDM: a semantic database model,"ACM Trans. Database Syst., pp. 351-386, Sept. 1981.
[14] T. H. Hinke and M. Schaefer, "Secure data management systems" SDC, SDC Tech. Rep., June 1975.
[15] R. Hull and R. King, "Semantics database modeling: Survey, applications, and research issues,"Comput. Surveys, vol. 19, no. 3, pp. 201-260, Sept. 1987.
[16] C. D. Jensen, R. D. Kiel, and R. D. Verjinski, "SDDM--a prototype of a distributed architecture for database security," inProc. 5th Int. Data Eng. Conf., Feb. 1989, pp. 356-364.
[17] T. F. Lunt, R. R. Schell, W. R. Shockley, M. Heckman, and D. Warren, "A near-term design for the SeaView-Multilevel Database System," inProc. 1988 IEEE Symp. on Security and Privacy, Apr. 1988, pp. 234-244.
[18] C. Meadows and S. Jajodia, "Integrity versus security in multilevel secure databases," inDatabase Security: Status and Prospects, C. E. Landwehr, Ed. Amsterdam: North-Holland, 1988, pp. 89-103.
[19] M. Morgenstern, "Constraint equations: declarative expression of constraints with automatic enforcement," inProc. 10th Int. Conf. on Very Large Data Bases, Aug. 1984, pp. 291-300.
[20] M. Morgenstern, "Security and inference in multilevel database and knowledge-based systems," inProc. ACM SIGMOD Conf., May 1987, pp. 357-373.
[21] M. Morgenstern, "Controlling logical inference in multilevel database systems," inProc. 1988 IEEE Symp. on Security and Privacy, Apr. 1988, pp. 245-256.
[22] B. H. Patkau and D. L. Tennenhouse, "The implementation of secure entity-relationship databases," inProc. IEEE Symp. on Security and Privacy. Apr. 1985, pp. 230-236.
[23] J. Peckham and F. Maryanski, "Semantic data models,"ACM Comput. Surveys. pp. 153-189, Sept. 1988.
[24] P. A. Rougeau and E. D. Sturms, "The secure Sybase dataserver: a solution to the multilevel secure DBMS problems," inProc. 10th Nat. Comput. Security Conf., Sept. 1987, pp. 211-215.
[25] G. W. Smith, "Identifying and representing the security semantics of an application," inProc. 4th Aerospace Comput. Security Conf., Dec. 1988, pp. 125-130.
[26] G. W. Smith, "The semantic data model for security: representing the security semantics of an application," inProc. 6th Int. Conf. on Data Eng., Feb. 1990, pp. 322-329.
[27] D. Shipman, "The functional model and the data language daplex,"ACM Trans. Database Syst., vol. 6, no. 1, Mar. 1981.
[28] S. Y. W. Su, "SAM*: a semantic association model for corporate and scientific statistical database,"Inform. Sci., vol. 29, pp. 151-199, 1983.
[29] T. C. Ting, "Application information security semantics: a case of mental health delivery," inProc. IFIP Workshop on Database Security, Sept. 1989.
[30] S. D. Urban and L. M. L. Delcambre, "Constraint analysis for specifying perspectives of class objects," inProc. 5th Int. Conf. on Data Eng., Feb. 1989, pp. 10-17.
[31] S. D. Urban, "ALICE: an assertion language for integrity constraint expression," in Proc. Comput. Software and Appl. Conf., Sept. 1989.

Index Terms:
inference vulnerability; extended data model; secrecy; Semantic Data Model for Security; security requirements; database design; signaling vulnerabilities; security-relevant data semantics; multilevel secure automated information system; database management systems; security of data
G.W. Smith, "Modeling Security-Relevant Data Semantics," IEEE Transactions on Software Engineering, vol. 17, no. 11, pp. 1195-1203, Nov. 1991, doi:10.1109/32.106974
Usage of this product signifies your acceptance of the Terms of Use.