Database Reference
In-Depth Information
Rule 1: A user U with classification level L has the ability to read
the property of an instance with the classification level
L
j
if
L
≥
L
j
.
8.3 The advant address of IBMSM
• Preventing the null value inference problem: If the user
cannot see the instance's property at specific classification
level, this property should not be found at this classification
level [103]. The absence of the property does not mean that
this property is rejected. For example, the null value may be
used if the value of the instance's property does not exist or if
the instance cannot access this property. Thus, the meaning of
the null value is not clear.
• Preventing the data redundancy problem: In the IBMSM,
a datum could have many views in different classification lev-
els [103]. It is possible that several tuples (as different clas-
sification levels) could refer to one object. However, in the
IBMSM, any object is defined by its instance identifier.
8.4 The Select Operation Procedure of the IBMSM
The SQL-like command for the select operation has the following form:
SELECT [A
if
]
*
FROM R
WHERE P
The selection operation is implemented as follows:
Step 1: get the classification level of the user that executes the
select operation L(User).
Step 2: get the class views that belong to this user.
Step 3: get all the instance views that belong to the class views of
the user and satisfy the select condition P.
Step 4: for each instance, in the instance views, display the prop-
erty that has a class level lower than or equal to the classifica-
tion level of the user.
Figure 8.2 illustrates the SELECT operation procedure in the
IBMSM.
Search WWH ::
Custom Search