5th European Symposium on Research in Computer Security (ESORICS 98)
Rules for Designing Multilevel Object-Oriented Databases
Frédéric Cuppens, Alban Gabillon
Abstract : When implementing a multilevel security policy for Object-Oriented Databases (OODBs), several aspects have to be investigated. One of these aspect is the design of multilevel OODBs. In an OODB, data are organized in a complex structure built using different constructs (classes, objects, attributes, links...). Therefore, a first problem is to determine what constructs of the object-oriented model should be associated with a security level. A second problem is then to define semantics for each assignment of a security level to an object-oriented construct. While assigning the security levels, we have also to be careful with the inference problems which may occur due to the integrity constraints inherent in the object-oriented paradigm. Therefore, a last purpose of this paper is to define a set of general rules to cope with this problem.
Proceedings table of contents