Database Reference
In-Depth Information
that stores the security classification level of the tuple. The
domain of the value of the attribute
C
i
is defined by a set
{
L
i
,…
H
i
} where the
L
i
is the lowest security classification level
and the
H
i
is the highest security classification level.
E
Ci
i
()
is the encryption function of a data attribute. The domain of
the
TC
is defined as
UL H
i
n
({
,... ,
)
, where
U
stands for the
=
i
i
set of union.
Definition 6.2.2.2: The multilevel relational database instance is
defined in the following form:
•
rE
, where
r
is a group of some
tuples that have the form
((),
(
(
AE AEATC
),
( ,...,
( ,
)
C
1
C
2
Cn
n
1
2
,
where the value of
a
i
∈
D
i
and the value of
c
i
∈ {
L
i
, …,
H
i
} or
a
i
= null and
c
i
∈ {
L
i
, …,
H
i
} ⋃ null, and
tc
≥ lub {
c
i
•
c
i
≠ null:
i
= 1…,
n
}; lub stands for the least upper bound.
rE aEa
( ,....,
Ea c
( ,)
c
1
c
2
c
n
1
2
n
Definition 6.2.2.3: The relational database is a set of related relations
and the database state is a set of all the relation instances of the rela-
tional database at a specific time.
The instance
(
rE
(
AE AEATC
),
( ,...,
( ,
)
has some defini-
C
1
C
2
Cn
n
1
2
tions that will be described as follows:
• The primary key
:
EA
()
C
1
•
tE A
C
defines the tuple in the relation instance
r
and also defines the security classification level of the
tuple.
[
(
)]
1
1
C
=
means that the tuple is inserted into the
relational database by a user with
c
1
security classification
level.
• Tuple-class attribute
TC:
•
t
[
TC
] =
tc
with
t
[
C
1
] =
c
1
means that tuple t is inserted
by a user with tc security classification level. Tuple t can
only be displayed by users with security classification level
c
′ ≥
tc.
The tuple t can be modified by a user with tc secu-
rity classification level.
t
[
TC
] =
t
[
C
1
] means that tuple t is
the base tuple and all tuples
t
′ ∈
r
such that
t
′[
A
1
,
C
1
] =
t
[
A
1
,
C
1
] depend on tuple t.
•
KeyE
(
(
Ac
))
1
1
1
Search WWH ::
Custom Search