The Deductive Filter Approach to MLS Database Prototyping

Abstract

of the database. The goal of the prototype is to achieve a concise and non-conflicting specification of the security constraints. Based on a concrete example of the application domain, the database designer and the security officer (or trusted users) are able to examine by using the prototype the adequacy of the database design and of the security classifications specified. In this paper we give the formal basis and implementation details about the prototyping language with which the prototype can be efficiently constructed without involving high development costs. This paper proposes building a prototyping environment as part of the standard design process of multilevel secure database applications. For this paper we see the following contributions: First, based on a careful study of multilevel security requirements we developed a security constraints language (SCL) for specifying application dependent database security semantics. Second, we implemented SCL by using the deductive dat..