Classifying and Downgrading: Is a Human Needed in the Loop?

Smith, Gary W.

doi:10.1007/978-1-4612-2870-7_11

Gary W. Smith²

48 Accesses

Abstract

This paper asserts that output products from a multilevel secure database environment should be classified at a level which accurately reflects, at the data semantics level, the contents of the product. The paper further asserts that for certain classes of data, “the system” can effectively determine the classification of the output product such that no human is required in the loop. For other classes of data, the paper asserts that we can not explicitly state the database security requirement; therefore, we cannot hope to implement a system that enforces those requirements and a human is required in the loop.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

National Computer Security Center. Department of defense trusted computer system evaluation criteria. Technical Report DOD 5200.28-STD, Department of Defense, December 1985.
Google Scholar
B.B. Dillaway and J.T. Haigh. A practical design for a multilevel secure database management system. In Proceedings of the Second Aerospace Computer Security Conference, December 1986.
Google Scholar
[DLS⁺87]_D.E. Denning, T.F. Lunt, R.R. Schell, M. Heckman, and W.R. Shockley. A multilevel relational data model. In Proceedings of the 1987 IEEE Symposium on Security and Privacy, April 1987.
Google Scholar
D.E. Denning and M. Morgenstern. Military database technology study: AI techniques for security and reliability. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, 1986.
Google Scholar
P. Dwyer, E. Onuegbe, and B.M. Thuraisingham. Design of a query processor for a multilevel secure relational database management system. Technical report, Honeywell Systems Research Center and Corporate Systems Development Division, 1988.
Google Scholar
T. Kohonen. The “neural” phonetic typewriter. IEEE Computer, March 1988.
Google Scholar
T.F. Lunt and T.A. Berson. An expert system to classify and sanitize text. In Proceedings of the Third Aerospace Computer Security Conference, December 1987.
Google Scholar
J. McHugh. An EMACS-based downgrader for SAT. In Proceedings of the 8th National Computer Security Conference, October 1985.
Google Scholar
P.A. Rougeau and E.D. Sturms. Sybase secure dataserver: A solution to the multilevel secure DBMS problem. In Proceedings of the 10th National Computer Security Conference, September 1987.
Google Scholar
D.L. Waltz. Helping computers understand natural languages. IEEE Spectrum, November 1983.
Google Scholar

Download references

Author information

Authors and Affiliations

National Defense University, USA
Gary W. Smith

Authors

Gary W. Smith
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

SRI International, 333 Ravenswood Avenue, Menlo Park, CA, 94025, USA
Teresa F. Lunt (Program Manager Secure Systems) (Program Manager Secure Systems)

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Smith, G.W. (1992). Classifying and Downgrading: Is a Human Needed in the Loop?. In: Lunt, T.F. (eds) Research Directions in Database Security. Springer, New York, NY. https://doi.org/10.1007/978-1-4612-2870-7_11

Download citation

DOI: https://doi.org/10.1007/978-1-4612-2870-7_11
Publisher Name: Springer, New York, NY
Print ISBN: 978-0-387-97736-2
Online ISBN: 978-1-4612-2870-7
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics