Issue No. 06 - June (1990 vol. 16)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/32.55088
<p>A multilevel database is intended to provide the security needed for database systems that contain data at a variety of classifications and serve a set of users having differentclearances. A formal security model for such a system is described. The model is formulated in two layers, one corresponding to a reference monitor that enforces mandatory security, and the second an extension of the standard relational model defining multilevel relations and formalizing policies for labeling new and derived data, data consistency, and discretionary security. The model also defines application-independent properties for entity integrity, referential integrity, and polyinstantiation integrity.</p>
policy formalization; new data; SeaView security model; multilevel database; classifications; users; clearances; formal security model; reference monitor; mandatory security; standard relational model; multilevel relations; labeling; derived data; data consistency; discretionary security; application-independent properties; entity integrity; referential integrity; polyinstantiation integrity; relational databases; security of data; software engineering.
W.R. Shockley, M. Heckman, T.F. Lunt, D.E. Denning, R.R. Schell, "The SeaView Security Model", IEEE Transactions on Software Engineering, vol. 16, no. , pp. 593-607, June 1990, doi:10.1109/32.55088