Submodule 3: Database Security Models

Assignment 2
Sea View Model

Created: February 6, 2004
Last Updated: February 20, 2004

Assignment version number: Version 0.1
Author of the Assignment: Dr. Morris Liaw


Level of Difficulty: Moderate

Completion Time: 1 week

Programming involved: No


Objectives

In this project, students will confirm their understanding of the concepts of the Sea View Model for enforcing the security of a relational database.

Description

(1) The Sea View model governs access to the data stored in the database on the basis of both mandatory and discretionary policies, and consists of two layers.
The top layer supports discretionary controls for multilevel relations and views, and formalizes the supporting policies using the TCB (Trusted Computing Base) model.
In the bottom layer, all the information of the top layer in the TCB model is stored in objects mediated by the MAC (Mandatory Access Control) reference monitor.

The Project

Given a multilevel relation EMPLOYEE as follows:
Name   C-Name   Department   C-Department   Salary   C-Salary   C-Tuple
Bob    S        Dept1        S              10K      S          S
Ann    S        Dept2        S              30K      TS         TS
Sam    TS       Dept2        TS             30K      TS         TS

Assuming the Sea View model is used for enforcing the database security, answer the following questions:

(1) Show the S(ecret)-Instance and T(op)S(ecret)-Instance of the multilevel relation EMPLOYEE.
(2) Suppose an S(ecret)-Subject needs to insert (Sam, Dept1, 10K) to the EMPLOYEE relation, show the resulting relation and the polyinstantiated tuple.
(3) Suppose an S-Subject needs to update Ann's salary to "20K" to the original EMPLOYEE relation, show the resulting relation EMPLOYEE' and the polyinstantiated element.
(4) Suppose a T(op)S(ecret)-Subject needs to update Ann's department to "Dept1" again to the EMPLOYEE' relation of (3), show the resulting relation and the polyinstantiated tuples.
(5) Suppose a TS-Subject needs to update Bob's department to "Dept2" and salary to "20K" to the EMPLOYEE' relation of (3), show the resulting relation and the polyinstantiated tuples.
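
The two mechanisms these questions rely on, filtered instances and insert-time polyinstantiation, are sketched below as an added example that is not part of the original assignment. The FLIGHT relation, its data and the function names are constructed for illustration. The code assumes a hidden element is shown as a null labeled with the key's class, and that an insert is rejected when the subject can already see a tuple with the same key.

```python
# Added illustration; relation, data and function names are constructed.
LEVELS = {"S": 1, "TS": 2}  # the two access classes used on this page

def dominates(a, b):
    """True when class a is at least as high as class b."""
    return LEVELS[a] >= LEVELS[b]

# Each row is a list of (value, class) elements; element 0 is the key.
FLIGHT = [
    [("F100", "S"), ("Paris", "S"), ("cargo", "S")],
    [("F200", "S"), ("Rome", "S"), ("troops", "TS")],
    [("F300", "TS"), ("Oslo", "TS"), ("arms", "TS")],
]

def instance(relation, clearance):
    """Filtered instance of the relation for a subject at `clearance`."""
    view = []
    for row in relation:
        key_class = row[0][1]
        if not dominates(clearance, key_class):
            continue  # key unreadable, so the whole tuple is hidden
        # Assumption: a hidden element shows as null at the key's class.
        shown = [(v, c) if dominates(clearance, c) else (None, key_class)
                 for v, c in row]
        tuple_class = max((c for _, c in shown), key=LEVELS.get)
        view.append((shown, tuple_class))
    return view

def insert(relation, subject_class, values):
    """Insert at the subject's class; return hidden same-key tuples."""
    same_key = [r for r in relation if r[0][0] == values[0]]
    if any(dominates(subject_class, r[0][1]) for r in same_key):
        # Assumption: a duplicate the subject can see is rejected.
        raise ValueError("key already visible at this class")
    # Rejecting because of a hidden tuple would reveal it, so the new
    # tuple is stored beside it: a polyinstantiated tuple.
    relation.append([(v, subject_class) for v in values])
    return same_key

if __name__ == "__main__":
    for shown, tc in instance(FLIGHT, "S"):
        print(shown, tc)
    rel = [list(r) for r in FLIGHT]
    print("polyinstantiated with:", insert(rel, "S", ("F300", "Nice", "mail")))
```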

Resources

Books
Articles
Links

Glossary

Access class
Secrecy class
Integrity class
Object
Subject
Write class
Read class
Trusted
Untrusted
Multi-level relation
Polyinstantiation
Security kernel
...