Database Reference
In-Depth Information
• Tuple classification attribute (
TC
):
−
t
[
TC
] =
tc
with
t
[
C
1
] =
c
1
means a tuple t is inserted by
a user with tc security classification level. Tuple t can
only be displayed by users with security classification
level
c
′ ≥
tc.
The tuple t can be modified by a user with
tc security classification level. t[
TC
] = t[
C
1
] means that
tuple t is the base tuple and all tuples
t
′ ∈
r
such that
t
′[
A
1
,
C
1
] =
t
[
A
1
,
C
1
] depend on tuple t.
• Data
A
i
and its security classification level attribute
C
i
(2 ≤
i
≤
n
):
−
t
[
A
i
,
C
i
] with
t
[
C
i
] =
c
i
and
t
[
TC
] =
tc
[
c
i
≤
tc
] defines
which data
t
[
A
i
] can be altered by users with tc secu-
rity classification level.
t
[
A
i
,
C
i
] can be modified by
users with tc or ci
i
security classification levels. When
t
[
C
i
] <
t
[
TC
],
t
[
A
i
] ≠
null
is defined and a tuple that
is borrowed from the
t
′[
A
i
] of
t
′ that has
t
′[
A
1
,
C
1
] =
t
[
A
1
,
C
1
] ∧
t
′[
TC
] =
t
′[
c
i
] =
t
[
c
i
].
• Null value:
−
t
[
A
i
,
C
i
] = [null,
c
i
], [
c
i
<
tc
] means that for each data
attribute
A
i
,
there are users with tc security classification
levels that expect to borrow data owned by users with ci
i
security classification levels. Both
t
[
A
i
,
C
i
] = [null, null]
and
t
[
A
i
,
C
i
] = [null,
tc
] mean that there are no data avail-
able in the data attribute
A
i
.
The [null, null] case applies
when tc ∉ {
L
i
,…,
H
i
}; the [null, tc] case applies otherwise.
6.2.2 Encryption-Based Multilevel Model for DBMS Definition
The encryption-based multilevel model uses an encryption system
with secure certificates and keys. This model encrypts each tuple with
an encryption key according to its security classification level (tuple
classification).
Definition 6.2.2.1: A multilevel relational database scheme is defined
in the following form:
•
, where
A
i
is the attribute
that stores the data,
C
i
is the attribute that stores the security
classification level of the attribute
A
i
, and
TC
is the attribute
RE
(
(
AE AEATC
),
( ,...,
( ,
)
C
1
C
2
Cn
n
1
2
Search WWH ::
Custom Search