Security Versus Integrity in Information Systems
Security and integrity are frequently competing characteristics in an information system. Security implies that a user can only access a specific subset of the information in the system, namely that information which the user has permission to access. Integrity implies that the information is correct, i.e., that it satisfies the constraints, rules and conditions contained in the information system. A problem arises when a user who is unable to access certain information because of security restrictions is left with an incorrect or inconsistent view of the information system. In this paper we define an information organizational structure and policy which permits security and integrity to co-exist. Our approach, called the xKB approach, specifies an area of the information system for those objects which meet the integrity requirements for a particular user but not the integrity constraints of the information system as a whole. Earlier versions and components of our approach are described in [Steinke, 1991]. Section 2 provides an example of the problem of providing security and maintaining integrity. Section 3 reviews past approaches to the problem and section 4 describes the xKB approach to solving the conflict between security and integrity. Section 5 provides a summary. Comments on the implementation of the xKB approach are found in section 6.
Applicability of Temporal Data Models to Query Multilevel Security Databases: A Case Study
In a multilevel security database there are multiple beliefs about a given real world object. The ability of a database model to accommodate multiple beliefs is termed polyinstantiation in the multilevel security literature. In this paper we remark that in an abstract sense polyinstantiation is a priori present in all models for temporal and spatial databases. In particular we investigate the applicability of the parametric model for temporal data to query multilevel security data and, as a case study, compare it to a model for multilevel security given by Winslett, Smith, and Qian.
A Cloud-Oriented Cross-Domain Security Architecture
The Monterey Security Architecture addresses the need to share high-value data across multiple domains of different classification levels while enforcing information flow policies. The architecture allows users with different security authorizations to securely collaborate and exchange information using commodity computers and familiar commercial client software that generally lack the prerequisite assurance and functional security protections. MYSEA seeks to meet two compelling requirements, often assumed to be at odds: enforcing critical, mandatory security policies, and allowing access and collaboration in a familiar work environment. Recent additions to the MYSEA design expand the architecture to support a cloud of cross-domain services, hosted within a federation of multilevel secure (MLS) MYSEA servers. The MYSEA cloud supports single sign-on, service replication, and network-layer quality of security service. This new cross-domain, distributed architecture follows the consumption and delivery model for cloud services, while maintaining the federated control model necessary to support and protect cross-domain collaboration within the enterprise. The resulting architecture shows the feasibility of high-assurance, cross-domain services hosted within a community cloud suitable for interagency, or joint, collaboration. This paper summarizes the MYSEA architecture and discusses MYSEA's approach to provide an MLS-constrained cloud computing environment. Approved for public release; distribution is unlimited.
A parametric prototype for spatiotemporal databases
The main goal of this project is to design and implement the parametric database (ParaDB). Conceptually, ParaDB consists of the parametric data model (ParaDM) and the parametric structured query language (ParaSQL). The parametric data model is a data model for multi-dimensional databases such as temporal, spatial, spatiotemporal, or multi-level secure databases. The main difference compared to the classical relational data model is that ParaDM models an object as a single tuple, and an attribute is defined as a function from parametric elements. The set of parametric elements is closed under union, intersection, and complementation. These operations are counterparts of or, and, and not in a natural language like English. Therefore, the closure properties provide very flexible ways to query objects without introducing additional self-join operations, which are frequently required in other multi-dimensional database models.
Modeling and Comparative Analysis of Multilevel Security in Relational DBMSs
The aim of the work is to draw conclusions about the particulars of the practical implementation of multilevel security models in relational DBMSs and to perform a comparative analysis of the models in order to select the most suitable option. The object of the research is models of multilevel security in relational DBMSs. The subject of the research is a comparative analysis of multilevel security models in relational DBMSs. The research methods are the analysis of literature sources on the chosen subject, definition of the most important features of existing multilevel security models, and the comparative analysis of the considered models. The following models of multilevel security in relational DBMSs have been studied: the Secure Data Views model, the Jajodia-Sandhu model, the Smith-Winslett model, the MultiLevel Relation model and the Belief-Consistent Multilevel Secure Data Model. A comparative analysis of these models by a decision-making method based on expert evaluation has been performed. According to the results of the analysis, the best model for implementation of multilevel security according to the defined coefficients is the MultiLevel Relation model.