Abstract
This paper asserts that output products from a multilevel secure database environment should be classified at a level which accurately reflects, at the data semantics level, the contents of the product. The paper further asserts that for certain classes of data, “the system” can effectively determine the classification of the output product such that no human is required in the loop. For other classes of data, the paper asserts that we can not explicitly state the database security requirement; therefore, we cannot hope to implement a system that enforces those requirements and a human is required in the loop.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
National Computer Security Center. Department of defense trusted computer system evaluation criteria. Technical Report DOD 5200.28-STD, Department of Defense, December 1985.
B.B. Dillaway and J.T. Haigh. A practical design for a multilevel secure database management system. In Proceedings of the Second Aerospace Computer Security Conference, December 1986.
[DLS+87]_D.E. Denning, T.F. Lunt, R.R. Schell, M. Heckman, and W.R. Shockley. A multilevel relational data model. In Proceedings of the 1987 IEEE Symposium on Security and Privacy, April 1987.
D.E. Denning and M. Morgenstern. Military database technology study: AI techniques for security and reliability. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, 1986.
P. Dwyer, E. Onuegbe, and B.M. Thuraisingham. Design of a query processor for a multilevel secure relational database management system. Technical report, Honeywell Systems Research Center and Corporate Systems Development Division, 1988.
T. Kohonen. The “neural” phonetic typewriter. IEEE Computer, March 1988.
T.F. Lunt and T.A. Berson. An expert system to classify and sanitize text. In Proceedings of the Third Aerospace Computer Security Conference, December 1987.
J. McHugh. An EMACS-based downgrader for SAT. In Proceedings of the 8th National Computer Security Conference, October 1985.
P.A. Rougeau and E.D. Sturms. Sybase secure dataserver: A solution to the multilevel secure DBMS problem. In Proceedings of the 10th National Computer Security Conference, September 1987.
D.L. Waltz. Helping computers understand natural languages. IEEE Spectrum, November 1983.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1992 Springer-Verlag New York, Inc.
About this chapter
Cite this chapter
Smith, G.W. (1992). Classifying and Downgrading: Is a Human Needed in the Loop?. In: Lunt, T.F. (eds) Research Directions in Database Security. Springer, New York, NY. https://doi.org/10.1007/978-1-4612-2870-7_11
Download citation
DOI: https://doi.org/10.1007/978-1-4612-2870-7_11
Publisher Name: Springer, New York, NY
Print ISBN: 978-0-387-97736-2
Online ISBN: 978-1-4612-2870-7
eBook Packages: Springer Book Archive