Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: Thomas, Roshan K.; 1 | Sandhu, Ravi S.; 1
Affiliations: Center for Secure Information Systems & Department of Information and Software Systems Engineering, George Mason University, Fairfax, Virginia 22030, U.S.A.
Note: [1] The work of both authors was partially supported by the National Security Agency through contract MDA904-92-C-5140. We are grateful to Pete Sell, Howard Stainer, and Mike Ware for making this work possible.
Abstract: This paper presents a kernelized architecture (i.e., an architecture in which no subject is exempted from the simple-security and ⋆-properties) for multilevel secure (mls) object-oriented database management systems (DBMS’s) which support write-up. Relational mls DBMS’s typically do not allow write-up, due to integrity problems arising from the blind nature of write-up operations in these systems. In object-oriented DBMS’s, on the other hand, sending messages upwards in the security lattice does not present an integrity problem because such messages will be processed by appropriate methods in the destination object. However, supporting write-up operations in object-oriented systems is complicated by the fact that such operations are no longer primitive; but can be arbitrarily complex and therefore can take arbitrary amounts of processing time. We focus on support for remote procedure call (RPC) based write-up operations. Dealing with the timing of such write-up operations consequently has broad implications on confidentiality (due to the possibility of signaling channels), integrity, and performance. We present an asynchronous computational model for mls object-oriented databases, which achieves the conflicting goals of confidentiality, integrity, and efficiency (performance). This requires concurrent computations to be generated within a user session, and for them to be scheduled so the net effect is logically that of a sequential (RPC-based) computation. Our work utilizes an underlying message filter security model to enforce mandatory confidentiality. We demonstrate how our computational model can be implemented within the framework of a kernelized architecture. In doing so, we present various intra-session and inter-session concurrency schemes. The intra-session schemes are concerned with the scheduling and management of concurrent computations generated within a user session, and we present conservative as well as aggressive scheduling algorithms. The inter-session schemes provide the traditional concurrency control functions of managing shared access to database objects, across user sessions.
DOI: 10.3233/JCS-1993-22-309
Journal: Journal of Computer Security, vol. 2, no. 2-3, pp. 231-275, 1993
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]