Second European Symposium on Research in Computer Security (ESORICS 92)

Security Constraint Processing in Multilevel Secure AMAC Schemata

G. Pernul

Abstract: We describe the design environment AMAC, which may be used as an aid for the construction of multilevel secure databases. The proposed technique consists of high-level data and security modeling using entity-relationship techniques, a decomposition approach for the construction of single-level fragments from multilevel base relations, a supporting policy for the automated determination of labels for security objects and subjects, and security enforcement by using database triggers. Because labeled data items are not available in most security-critical civil database applications, the proposed approach serves well as an underlying basis for the construction of a computerized design tool that aids a human database or security administrator during the different phases of the construction of an MLS database.

