Maintaining surrogate data for query acceleration in multilevel secure database systems

  • Brajendra Panda
  • William Perrizo
Query Processing
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1006)


Various models have been developed for classified data management in a multilevel secure database system. While concurrency control policies have been the focus of these models, the PRISM model was developed to solve the query delay problem in such systems. In order to accelerate multilevel queries, the PRISM model maintains surrogate data in different relations, as opposed to the actual data values, that result in higher record density in a page, thus requiring less number of page I/Os. In order to establish mapping between the surrogate values and the actual data values some auxiliary data structures are maintained. This paper presents the cost of maintaining such surrogate values and corresponding data structures in the model. The result is compared with the maintenance cost of the relations in the SeaView model that has been used as the base model for the PRISM model.

Key words

Multilevel Secure Database Systems Mandatory Access Control Data and User Classifications Query Processing 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [BEL74]
    D. E. Bell and L. J. LaPadula, “Secure Computer Systems: Mathematical Foundations and Model,” Technical Report, The Mitre Corp., 1974.Google Scholar
  2. [DEN87]
    D. Denning and T. Lunt, R. Schell, M. Heckman, and W. Shockley, “A Multilevel Relational Data Model,” Proceedings of the IEEE Symposium on Security and Privacy, p 220–234, Oakland, CA, April 1987.Google Scholar
  3. [DoD85]
    Department of Defense, “Department of Defense Trusted Computer System Evaluation Criteria,” National Computer Security Center, December 1985.Google Scholar
  4. [HAI91]
    J. Haigh, R. O'Brien, and D. Thomsen, “The LDV Secure Relational DBMS Model,” Database Security IV, editors S. Jajodia and C. Landwehr, North-Holland, Amsterdam, p. 265–279, 1991.Google Scholar
  5. [JAJ91]
    S. Jajodia and R. Sandhu, “Toward A Multilevel Secure Relational Data Model,” Proceedings of the ACM SIGMOD Conference, p. 50–59, Denver, CO, May 1991.Google Scholar
  6. [LAM73]
    B. W. Lampson, “A Note on the Confinement Problem,” Communications of the ACM, Vol. 16, No. 10, p. 613–615, October 1973.CrossRefGoogle Scholar
  7. [LUN88]
    T. F. Lunt, R. R. Schell, W. R. Shockley, and D. Warren, “Toward a Multilevel Relational Data Language,” Proceedings of the IEEE Symposium on Research in Security and Privacy, p. 72–79. 1988.Google Scholar
  8. [LUN90]
    T. F. Lunt, D. E. Denning, R. R. Schell, M. Heckman, and W. R. Shockley, “The SeaView Security Model,” IEEE Transactions on Software Engineering, Vol. 16, No. 6, June 1990.Google Scholar
  9. [PAN95]
    B. Panda, and W. Perrizo, “Query Execution in PRISM and SeaView: A Cost Analysis,” Proceedings of the 1995 ACM Symposium on Applied Computing, Nashville, TN, February 1995.Google Scholar
  10. [PER91]
    W. Perrizo, J. Gustafson, D. Thureen, D. Wenberg, and W. Davidson, “Domain Vector Accelerator (DVA): A Query Accelerator for Relational Operations,” Proceedings of the 7th International conference on Data Engineering, Kobe, Japan, 1991.Google Scholar
  11. [PER93]
    W. Perrizo and B. Panda, “Query Acceleration in Multilevel Secure Database Systems,” Proceedings of the 16th National Computer Security Conference, Baltimore, MD, September 1993.Google Scholar
  12. [SMI92]
    Smith, K. and Winslett, M., “Entity Modeling in the MLS Relational Model,” Proceedings of the 18th VLDB Conference, Vancouver, British Columbia, Canada, 1992.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1995

Authors and Affiliations

  • Brajendra Panda
    • 1
  • William Perrizo
    • 2
  1. 1.Computer and Information Sciences DepartmentAlabama A&M UniversityNormalUSA
  2. 2.Computer Science DepartmentNorth Dakota State UniversityFargoUSA

Personalised recommendations