| Database system is the core of the information storage and processing in this society, its security is significant. Access control as a key security policy is a necessary condition for implementing a high level secure database manage system. The multilevel secure management database system which has enforced mandatory access control policy is an important part of the database security research area.Firstly, this thesis analyzes several classical multilevel security models. To eliminate the inference channel problem, semantic ambiguity problem, proliferation of tuples due to updates and others, this thesis then proposes a new multilevel secure data model on the basis of Smith-Winslett model, adding a new attribute-PC(Parent classification), the creator's classification, who has created the corresponding entity. This model allows the subject create an entity whose classification is equal or less than his. As a consequence of this, this model enriches and extends the original model semantic, and eliminate the disadvantages of the former model. Tzong-an Su has proposed the CLA algorithm to eliminate the FD-comprise. On the basis of analyzing original algorithm, this thesis then gives a recursive classification level adjustment algorithm with minimum information loss. The total worst-case time complexity has reduced fromO(m|UIN|m log2m) to O(m|UINm|) . In the end, according to the improved model, this thesis researches a MLS-DBMS prototype system on the basis of the TCB subset architecture, together with discussing the modules of the security kernel. |
PDF Full Text Request