| The security of the common commercial database should be enough for general enterprises, but it isn't enogh for some special departments such as army, government, etc. So we must study the special database to guarantee the absolute security of their information, and we call it secure database. The foreign study on secure database has been already riper, and has released the relevant products, but the domestic study on secure database is still very unripe. Because we cann't buy these products from foreign country for security problems, we must study our own secure database.First of all we introduce the concept of the secure database and classification of the secure database, then we introduce the concept and research current situation of the inference channels in multilevel secure database. We describe some methods to detect and eliminate inference channels. We present an integrated security mechanism, called the Disclosure Monitor(DiMon), which guarantees data confidentiality by extending a mandatory access control mechanism(MAC) with the Disclosure Inference Engine(DiIE). We develop actual inference algorithms for both data-dependent and data-independent disclosures for a highly expressive family of Horn-clause constraints. We use polyinstance to eliminate the covert signal channel in the multilevel secure database, so we must change the traditional relational data modal. We introduce the concept of the multilevel relation and we explain the update semantics for multilevel relation. We put forward a new method for the decomposition and recovery of multilevel relation, and we use some examples to illustrate this.
|
PDF Full Text Request