where R is the relation name and $[A_1, A_2, \ldots, A_n]$ are the attribute
names. Each INSERT data manipulation can insert, at most, one tuple
into the relation R. The inserted tuple, t, is constructed as follows:
For all attributes in a database relation:
• If there is an attribute $A_i$ in the attribute list of the INTO
clause, the data value $a_i$ will be encrypted by an encryption
key according to $C_i$, the security class level of the subject who
executes the insert statement.
• If $A_i$ is not in the attribute list of the INTO clause, set the
data value to null.
• The tuple class will be set to the class level of the subject who
executes the insert statement.
Figure 5.1 illustrates the flow chart for the insertion operation in the
encryption-based multilevel database model.
5.3.2 The DELETE Statement
The DELETE statement executed by a user with security class level
L has the following general form:
DELETE FROM R
WHERE P
where R is the relation name, assuming relation R has attributes
$[A_1, A_2, \ldots, A_n]$; r is the database relation instance; and P is a
predicate expression that may include conditions involving classification
attributes.
Only tuples $t \in r$ with $t[TC] = L$ are decrypted, using the key that
corresponds to the security classification level of the user who executes
the DELETE statement.
For those tuples $t \in r$ that satisfy the P predicate expression, r is
changed as follows:
• Create a temporary tuple for the decrypted data to store the
deleted tuple during the execution of the DELETE statement.
• The tuple that satisfies the predicate expression will be deleted.
• If there is a borrowed tuple in the high-security level that has
an attribute that depends on the attribute in the deleted tuple,
the value of this attribute will be set to null.
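
The INSERT and DELETE rules above, sketched as an added Python example (not code from the book). The level names, demo keys, relation layout and function names are assumptions, and the HMAC-SHA256 keystream is a stand-in for whatever cipher the model uses, not a production design. The borrowed-tuple step is left out because this page does not say how those dependencies are stored.

```python
import hashlib, hmac, os

# Constructed demo keys, one per security class level (assumed levels U < C < S).
KEYS = {lvl: hashlib.sha256(b"demo-key-" + lvl.encode()).digest() for lvl in ("U", "C", "S")}

def _stream(key, nonce, n):
    # Stand-in keystream: HMAC-SHA256 in counter mode. Use a vetted AEAD in practice.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt(level, value):
    nonce, data = os.urandom(12), value.encode()
    return nonce + bytes(a ^ b for a, b in zip(data, _stream(KEYS[level], nonce, len(data))))

def decrypt(level, blob):
    nonce, ct = blob[:12], blob[12:]
    return bytes(a ^ b for a, b in zip(ct, _stream(KEYS[level], nonce, len(ct)))).decode()

def insert(relation, schema, subject_level, into_attrs, values):
    """Build one tuple: attributes named in INTO are encrypted under the
    subject's level key, the rest are null, and TC is the subject's level."""
    given = dict(zip(into_attrs, values))
    row = {a: (encrypt(subject_level, given[a]) if a in given else None) for a in schema}
    row["TC"] = subject_level
    relation.append(row)
    return row

def delete(relation, subject_level, predicate):
    """Decrypt only tuples with TC == L, delete those that satisfy P, and
    return the temporary plaintext copies of the deleted tuples."""
    removed, kept = [], []
    for row in relation:
        if row["TC"] == subject_level:
            plain = {a: (decrypt(subject_level, v) if v is not None else None)
                     for a, v in row.items() if a != "TC"}
            if predicate(plain):
                removed.append(plain)
                continue
        kept.append(row)  # other levels are never decrypted or touched
    relation[:] = kept
    return removed
```
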