Portal de Periódicos da CAPES

Element-level classification with A1 assurance

1988; Elsevier BV; Volume: 7; Issue: 1 Linguagem: Inglês

10.1016/0167-4048(88)90506-8

1872-6208

Teresa F. Lunt, Dorothy E. Denning, Roger R. Schell, Mark Heckman, W.R. Shockley,

Web Application Security Vulnerabilities

We describe our approach to multilevel database security and show that we can support element-level labeling in a Class A1 database system without the need to verify the entire database system, or even most of it. We achieve both the high degree of assurance required for Class A1 and the flexibility of element-level labeling by layering the TCB, where the lowest TCB layer is a reference monitor enforcing mandatory security; and by decomposing multilevel relations into single-level relations that are managed by the reference monitor. This decomposition means that multilevel relations are actually views over single-level base relations, which suggests that our multilevel relational system could be implemented on a standard (untrusted) relational system running on a reference monitor.