Research On The Method And Implementation Of Security Database Multilevel Security Model

Nowadays, many aspects of our lives including politics, economy and military need computer. The storage equipment is changed every year, and the volume of the data is larger, so the security of the data is also more important. Since database is the collection of data, it is the core of computer information system, and has extensive application in every walk of life. Then higher security of database system is demanded.Traditional database system only provides normal access control, which is discretional access control (DAC). It limits the access of a user according to user's privilege. Since sensitive information and ordinary information are arranged with a uniform way, the security of the information depends on the ability of user's management. And it can not defend the attack of others, especially those database administrators. So mandatory access control is needed, which can do classification on both users and data. Up to now, many kinds of multilevel security model is raised, but many are not so reasonable or applicable.Therefore, in this paper, we redesign the multilevel security model. we give new semantics and give solution to many other problems, such as foreign key problems and system implementation. Our work mainly includes four parts as follows:1. In Sandhu's MLR model, Secret information may be lost when low level users delete their tuples. We've given new semantics and solved this problem. The new semantics has a better explanation so that the tuples in the database can represent the entity in the real world. And the model is more applicable.2. Under the new semantics, we reinterpret the idea of data borrow. And we redefine the new integrity rules as well as five SQL manipulations.3. Since the reference option is not supported well, we give solutions to this problem as well as other problems. And then foreign key operation complements four SQL manipulations.4. We analyze the problems during the implementation of multilevel security model. And we've analyzed the algorithm of the core query's execution. We also test and improve the performance of the algorithm.