Maintaining surrogate data for query acceleration in multilevel secure database systems
Various models have been developed for classified data management in a multilevel secure database system. While concurrency control policies have been the focus of these models, the PRISM model was developed to solve the query delay problem in such systems. In order to accelerate multilevel queries, the PRISM model maintains surrogate data in different relations, as opposed to the actual data values, that result in higher record density in a page, thus requiring less number of page I/Os. In order to establish mapping between the surrogate values and the actual data values some auxiliary data structures are maintained. This paper presents the cost of maintaining such surrogate values and corresponding data structures in the model. The result is compared with the maintenance cost of the relations in the SeaView model that has been used as the base model for the PRISM model.
Key wordsMultilevel Secure Database Systems Mandatory Access Control Data and User Classifications Query Processing
Unable to display preview. Download preview PDF.
- [BEL74]D. E. Bell and L. J. LaPadula, “Secure Computer Systems: Mathematical Foundations and Model,” Technical Report, The Mitre Corp., 1974.Google Scholar
- [DEN87]D. Denning and T. Lunt, R. Schell, M. Heckman, and W. Shockley, “A Multilevel Relational Data Model,” Proceedings of the IEEE Symposium on Security and Privacy, p 220–234, Oakland, CA, April 1987.Google Scholar
- [DoD85]Department of Defense, “Department of Defense Trusted Computer System Evaluation Criteria,” National Computer Security Center, December 1985.Google Scholar
- [HAI91]J. Haigh, R. O'Brien, and D. Thomsen, “The LDV Secure Relational DBMS Model,” Database Security IV, editors S. Jajodia and C. Landwehr, North-Holland, Amsterdam, p. 265–279, 1991.Google Scholar
- [JAJ91]S. Jajodia and R. Sandhu, “Toward A Multilevel Secure Relational Data Model,” Proceedings of the ACM SIGMOD Conference, p. 50–59, Denver, CO, May 1991.Google Scholar
- [LUN88]T. F. Lunt, R. R. Schell, W. R. Shockley, and D. Warren, “Toward a Multilevel Relational Data Language,” Proceedings of the IEEE Symposium on Research in Security and Privacy, p. 72–79. 1988.Google Scholar
- [LUN90]T. F. Lunt, D. E. Denning, R. R. Schell, M. Heckman, and W. R. Shockley, “The SeaView Security Model,” IEEE Transactions on Software Engineering, Vol. 16, No. 6, June 1990.Google Scholar
- [PAN95]B. Panda, and W. Perrizo, “Query Execution in PRISM and SeaView: A Cost Analysis,” Proceedings of the 1995 ACM Symposium on Applied Computing, Nashville, TN, February 1995.Google Scholar
- [PER91]W. Perrizo, J. Gustafson, D. Thureen, D. Wenberg, and W. Davidson, “Domain Vector Accelerator (DVA): A Query Accelerator for Relational Operations,” Proceedings of the 7th International conference on Data Engineering, Kobe, Japan, 1991.Google Scholar
- [PER93]W. Perrizo and B. Panda, “Query Acceleration in Multilevel Secure Database Systems,” Proceedings of the 16th National Computer Security Conference, Baltimore, MD, September 1993.Google Scholar
- [SMI92]Smith, K. and Winslett, M., “Entity Modeling in the MLS Relational Model,” Proceedings of the 18th VLDB Conference, Vancouver, British Columbia, Canada, 1992.Google Scholar