Publication Date


Technical Report Number



Data, Mathematics of Computing, Theory of Computation


In a multilevel security environment, the security levels form a hierarchy which is generally assumed to be a lattice. A user can see not only its own information, but also information belonging to lower users. In a multilevel security database, different users have different beliefs (versions of information) about the same real world object. In this paper we present a relational model SecDB for multilevel security data. We also present an SQL-like language SecSQL for querying security information. For a given level, a tuple consists of all the differing beliefs about the same real world object. Therefore, the model provides a built-in coherence to different beliefs of the same real world object. For an operator to be well defined, its application should preserve beliefs and coherence. This persistence of belief and coherence is achieved through the concept of an anchor borrowed from an earlier work. On one hand (in addition to the usual database queries) SecSQL yields itself naturally to formulation of security related queries, yet on the other hand the algebraic operators yield natural identities which hold a good promise of algebraic optimization.