Doctor of Philosophy


Computer Science

Johnny Wong


One current research area is the integration of database technology with object-oriented concepts. This dissertation addresses the problems involved with object-oriented data models and provides additional proposals for multilevel security in such an environment. A new object-oriented data model is presented, using formal specifications to provide a concise description of the data model, which includes aggregate and composite objects as well as versioning of objects. Multilevel security is addressed with the introduction of a multilevel security policy that describes the security needs and protection requirements of an object-oriented database system. Mandatory security and discretionary security are part of the security model, which represents the security policy and specifies security properties that must exist for various entities in an object-oriented system, such as classes, methods and objects. All entities in the system are required to have a security classification level and all users must have a security clearance. In addition, various entities may contain negative authorization lists, specifying restricted access to certain users or groups of users. This security policy, which also addresses information flow violations, is then integrated into the new object-oriented data model. Protection in an object-oriented database system is further extended by providing secure transaction processing. New locking algorithms are introduced to enforce the security policy. At the user level, strategies for secure query processing are addressed. The concept of a virtual class is used to implement a secure view for users. Simple, content-based and context-based security constraints are enforced by integrating a rule base with the database to perform query modification. The rule base contains security constraints as well as environmental information to protect against user inference.



Copyright Owner

Linda M. Null



194 pages