Secure access control with high access precision
Hoppenstand, Gregory S.
Hsiao, David K.
MetadataShow full item record
When classified data of different classifications are stored in a database, it is necessary for a contemporary database system to pass through other classified data to find the properly classified data. Although the user of the system may only see data classified at the user's level, the database system itself has breached the security by bringing the other classified data into the main memory from secondary storage. Additionally, the system is not efficient as it could be because unnecessary material has been retrieved. This is a problem in access precision. This thesis proposes a solution to the access precision and pass-through problems using a database counterpart to the mathematical concept of equivalence relations. Each record of the database contains at least one security attribute (e.g., classification) and the database is divided into compartments of records; Compartments are disjoint sets, where each compartment of records has the same aggregate of security attributes. A suitable database model, the Attribute-Based Data Model, is selected, and an example of implementation is provided.
Approved for public release; distribution is unlimited
Showing items related by title, author, creator and subject.
An integrated intranet and dynamic database application for the Security Manager at Naval Postgraduate School Perry, Sonja Michele (Monterey, California ; Naval Postgraduate School, 2002-09);This thesis presents an analysis, design and implementation of the Naval Postgraduate School's Sensitive Compartmented Information Facility (SCIF) consolidated Access database and website. The database was designed using ...
Kohler, Matthew J.; Stroud, Shawn W. (Monterey, California. Naval Postgraduate School, 1989-12);Security mechanisms on contemporary database systems typically inhibit system performance. However, without security, the database system which stores classified data of different classifications, will pass through ...
Tudor, Ron B. (2003-09-01); NPS-CM-03-006This paper addresses the Auto-Redact initiative associated with the compilation of electronic copies of awarded Government contracts. The advancement of electronic systems allows for unlimited data storage capability; it ...