Mandatory security policy enforcement in commercial off the shelf database management system software : a comparative analysis of Informix-Online/Secure and trusted ORACLE
Muschalek, Keith Edward
Irvine, Cynthia E.
Wu, C. Thomas
MetadataShow full item record
The objective of this thesis is to analyze the mandatory access control (MAC) features of two commercial multilevel trusted database management systems (DBMS): Trusted ORACLE 7 and Informix-OnLine/Secure 5.0. We are attempting to determine how the problem of multilevel sharing of information is addressed in each multilevel secure DBMS. Commercially available documentation is used to examine the mandatory access controls enforced on labeled subjects and labeled objects and to compare them to the Class B1 requirements for MAC and labeling set forth in the Trusted Computer System-Evaluation Criteria (TCSEC). A decomposition of the TCSEC requirements for MAC and labeling is mapped to the DBMS documentation to determine if the Class B1 requirements are met by each DBMS. With the TCSEC mapping as a reference, the interface features in support of MAC are analyzed and compared between the products. This analysis shows that each DBMS uses different schema objects and privilege sets to enforce its mandatory security policy. The MAC mechanism of each product is based on the Bell-LaPadula security model, extended to prohibit the writeup of data from lower level subjects to higher level objects. Each DBMS allows traditional trusted subjects to writedown data. When special privileges are granted to users, readups and writeups are permitted in both DBMSs. Database security, Multilevel secure database management systems, B1 DBMS, TCSEC Analysis, Database analysis, Database evaluations.
Showing items related by title, author, creator and subject.
Ang, Kah Kin. (Monterey, California. Naval Postgraduate School, 2010-12);The Monterey Security Architecture (MYSEA) provides a distributed multilevel secure (MLS) environment consisting of a MLS local area network (LAN) and multiple single-level networks. The MYSEA server enforces a mandatory ...
Analysis of Current Flight Scheduling Practices and Recommendations to Efficiently Reduce Deviations from Syllabus Time-To-Train Hall, Bentley (Tyler); Hargrove, Hayward (Trey); Willis, James (Marshall) (Monterey, California. Naval Postgraduate School, 2011-09-07);EXECUTIVE SUMMARY: The objective of our project is to investigate current scheduling requirements, constraints, and procedures to identify problems with scheduling practices and syllabus management for Primary Flight ...
Lindstrom, Tedric R. (Monterey, California: Naval Postgraduate School, 2014-12);Our coastal waters are the United States’ most open and vulnerable borders. This vast maritime domain harbors critical threats from terrorism, criminal activities, and natural disasters. Maritime borders pose significant ...