Database Reference
In-Depth Information
User High
Trusted DBM
Low User
Trusted Operating System
Multilevel
Database
Figure 2.3
Trusted subject architecture.
Table 2.9
Comparison between Polyinstantiation Architectures
CRITERIA MODEL
POLYINSTANTIATION
TRUSTED DBMS
DATABASE FILES
PERFORMANCE
No MAC
privileges
architecture
Implicitly
Does not
demand trust
in DBMS
Multiple of single
database files
Bad data
retrieval
performance
Trusted subject
architecture
Explicitly
Demands trust
in DBMS
Single database
is used to save
data at multiple
security levels
Improved data
retrieval
performance
Table 2.9 gives a comparison between the previous two approaches to
illustrate the advantages and disadvantages of each approach.
2.4 Multilevel Database Security Models
There are many multilevel relational database security models—for
example, SeaView and those proposed by Sandhu-Jajodia, Smith-
Winslett, etc. This section will present an overview of these models
and identify the strengths and the weaknesses of each model.
2.4.1 SeaView Model
In the secure data views (SeaView) model, security levels are assigned
to each data element in the attributes of the tuples in the relation, as
shown in Table 2.7. In the SeaView model, data are stored in a set of
single-level fragments and the multilevel relations are implemented as
views over these single-level relations [24].
Search WWH ::
Custom Search