Advertisement

A principled approach to object deletion and garbage collection in multilevel secure object bases

  • Elisa Bertino
  • Elena Ferrari
Chapter
  • 95 Downloads
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT)

Abstract

This paper introduces guidelines to prevent illegal information flows due to object deletion in multilevel secure object database management systems (ODBMSs). The guidelines are formally stated as security principles. We also show how to design a garbage collection mechanism in a multilevel secure ODBMS that ensures both security and referential integrity.

Keywords

Object Database Management Systems Object Deletion Garbage Collection 

References

  1. [1]
    Bell, D. and LaPadula, L. (1975) Secure computer systems: unified exposition and multics interpretation. TR ESD-TR-75–306, MTR-2997, MITRE.Google Scholar
  2. [2]
    Bertino, E. and Ferrari, E. (1997a) A Principled Approach to Object Deletion and Garbage Collection in Multilevel Secure Object Bases. Pre-Proceedings of the 11th Annual IFIP WG 11.3 Working Conf. on Database Security, pages 75–86, Lake Tahoe, CA.Google Scholar
  3. [3]
    Bertino E., Ferrari, E. and Samarati, P. (1997b) A multilevel entity model and its mapping onto a single-level object model. Theory and Practice of Object Systems, to appear.Google Scholar
  4. [4]
    Bertino, E. Mancini, L. V. and Jajodia, S. (1994) Collecting garbage in multilevel secure object stores. In Proc. IEEE Symp. on Research in Security and Privacy, Oakland, CA.Google Scholar
  5. [5]
    Chokhani, S. (1992) Trusted products evaluation. Communications of the ACM, 35 (7): 66–76.CrossRefGoogle Scholar
  6. [6]
    Deux, O. et al. (1990) The story of 02. IEEE Trans. on Knowledge and Data Engineering, 2 (1): 91–108.Google Scholar
  7. [7]
    Fishman, D. et al. (1989) Overwiew of the Iris DBMS. Object-oriented concepts, databases, and applications. Addison-Wesley,pages. 219–50.Google Scholar
  8. [8]
    Kim, W. et al. (1990) Architecture of the ORION next-generation database system. IEEE Trans. on Knowledge and Data Engineering, 2 (1): 109–24.CrossRefGoogle Scholar
  9. [9]
    Kolodner, E., Liskov B. and Weihl, W. (1989) Atomic garbage collection: managing a stable heap. In Proc. ACM-SIGMOD Conf..Google Scholar
  10. [10]
    Jajodia, S. and Atluri, V. (1992) Alternative correctness criteria for concurrent executions of transactions in multilevel secure database systems. In Proc. of the IEEE Symp. on Research in Security and Privacy, Oakland, CA.Google Scholar
  11. [11]
    Jajodia, S. and Kogan, B. (1990) Integrating an object-oriented data model with multilevel security. In Proc. of the IEEE Symp. on Research in Security and Privacy, Oakland, CA.Google Scholar
  12. [12]
    Maier, D. et al. (1986) Development of an object-oriented DBMS. In Proc. of the 1st OOPSLA Conference, Portland, Oregon.Google Scholar
  13. [13]
    Millen, J. K. and Lunt, T. F. (1992) Security for object-oriented database systems. In Proc. of the IEEE Symp. on Research in Security and Privacy Oakland, CA.Google Scholar
  14. [14]
    Moss, J. E. (1992) Working with persistent objects: to swizzle or not to swizzle. IEEE Trans. on Software Engineering, 18 (8).Google Scholar
  15. [15]
    Rabitti, F. Bertino, E. Kim, W. and Woelk, D. A model of authorization for object-oriented and semantic database systems. A CM Trans. on Database Systems, 16(1).Google Scholar
  16. [16]
    Shockley, W. R. and Schell, R. R. (1987) TCB subsets for incremental evaluation. In Proc. of the 2nd AIAA Conference on Computer Security.Google Scholar
  17. [17]
    Thuraisingham, M.B. (1989) Mandatory security in object-oriented database systems. In Proc. of the OOPSLA Conference, New Orleans, LouisianaGoogle Scholar

Copyright information

© IFIP 1998

Authors and Affiliations

  • Elisa Bertino
    • 1
  • Elena Ferrari
    • 1
  1. 1.Dipartimento di Scienze dell’InformazioneUniversità di MilanoMilanoItaly

Personalised recommendations