outside the intended security level. The main limitations can be
described as follows:
• Redundant databases: To store data at different security levels in a relational database, a separate database must be created for each security level.
• Redundant workstations: Different workstations are needed to access each type of data.
• High cost of IT infrastructure: Sharing network resources carries a risk.
• Inefficiency: Users need privileges on several relational database systems to perform their duties.
Multilevel security was the solution. MLS allows data at different security classification levels to be accessed by users who hold different security clearance levels.
The Bell and LaPadula model was the basic model that introduced the concept of MLS [13]. This model depends on definitions of objects and subjects. An object, such as a relation, a tuple, or an attribute, is a passive entity. A subject, such as a user or a program, is an active process that needs privileges on objects. Every object is assigned a security level (classification), and every subject is assigned a security level (clearance). Security levels are defined as labels. A label contains two components: a hierarchical component and a group of unordered categories. The hierarchical component represents the security levels of the data. For example, a company might define the security levels of its sensitive data as top secret, secret, confidential, or unclassified. The unordered categories are used to define the sensitivity of the leveled data.
Multilevel security is based on the Bell and LaPadula model and is formalized by two rules. The Bell and LaPadula rules are described as follows [14]:
• The simple property (no read up): A subject is allowed to read an object if the subject's security clearance level is greater than or equal to the object's security classification level.
• The star property (no write down): A subject is allowed to write to an object if the object's security classification level is greater than or equal to the subject's security clearance level.
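The two rules above, applied to labels that carry both a hierarchical level and a set of unordered categories, as an added example that is not part of the original text. It assumes that "greater than or equal" between two labels means label dominance (the level is at least as high and the categories are a superset); the level names, the "finance"/"hr" categories and the four labelled tuples are constructed sample values.

```python
from dataclasses import dataclass

# Hierarchical component: a totally ordered set of levels (constructed example).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


@dataclass(frozen=True)
class Label:
    """Security label: one hierarchical level plus a set of unordered categories."""
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Label A is "greater than or equal to" label B when A's level is at
        # least B's level AND A's categories include all of B's categories
        # (assumption: this is the dominance relation used for both rules).
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


def can_read(clearance: Label, classification: Label) -> bool:
    """Simple property (no read up): the subject's clearance must dominate the object."""
    return clearance.dominates(classification)


def can_write(clearance: Label, classification: Label) -> bool:
    """Star property (no write down): the object's classification must dominate the subject."""
    return classification.dominates(clearance)


def access_decisions(clearance: Label, objects: dict) -> dict:
    """Return {object name: (read allowed, write allowed)} for one subject."""
    return {name: (can_read(clearance, lbl), can_write(clearance, lbl))
            for name, lbl in objects.items()}


# Constructed sample: a user cleared SECRET for the "finance" category, and
# four tuples of one relation labelled at different levels and categories.
analyst = Label("secret", frozenset({"finance"}))
TUPLES = {
    "t1": Label("unclassified"),                          # lower: read only
    "t2": Label("secret", frozenset({"finance"})),        # equal: read and write
    "t3": Label("top secret", frozenset({"finance"})),    # higher: write only
    "t4": Label("confidential", frozenset({"hr"})),       # incomparable: neither
}

if __name__ == "__main__":
    for name, (r, w) in access_decisions(analyst, TUPLES).items():
        print(f"{name}: read={'yes' if r else 'no'} write={'yes' if w else 'no'}")
```

Tuple t4 shows why categories matter: its level is below the analyst's clearance, yet the missing "hr" category makes the two labels incomparable, so neither rule grants access.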