Third European Symposium on Research in Computer Security (ESORICS 94)

Decomposition of Multilevel Objects in an Object-Oriented Database

N. Boulahia-Cuppens, F. Cuppens, A. Gabillon, K. Yazdanian

Abstract : For many reasons, multilevel relations are decomposed. Several decomposition algorithms have been proposed but we show that many difficulties would appear when implementing them -especially performance loss and problems to propagate low classified updates to higher classified relation. In this paper, we propose a security model which provides means to protect all characteristics of an object including object existence, attribute tuple values and attribute set values and we show how to decompose a multilevel object oriented database which supports these complex multilevel objects into a collection of single level databases. This idea is similar to the idea already proposed for multilevel relational databases. However, our approach takes fully advantage of the object oriented model. Hence, we claim that the kernelized architecture we suggest for object oriented databases does not suffer from the drawbacks noticed for relational systems based on this architecture. In particular, it does not cause important performance losses and the semantics of update operations is straightforward in comparison with the one previously developed for multi-level relations.

(Pages 375-402)

