Research Directions in Database Security

1 Workshop Summary.- 1.1 Introduction.- 1.2 Labels.- 1.3 Aggregation.- 1.4 Discretionary Security.- 1.5 The Homework Problem.- 1.6 Classification Semantics.- 1.7 Assurance.- 1.8 New Approaches.- 1.9 Classifying Metadata.- 1.10 Conclusions.- 1.11 References.- 2 SeaView.- 2.1 Introduction.- 2.2 Multilevel Security.- 2.3 Multilevel Relations.- 2.4 Discretionary Security.- 2.5 Multilevel SQL.- 2.6 The SeaView Verification.- 2.7 The SeaView Design.- 2.8 Data Design Considerations.- 2.9 Conclusions.- 2.10 References.- 3 A1 Secure DBMS Architecture.- 3.1 Introduction.- 3.2 The A1 Secure DBMS Modes of Operation.- 3.3 The A1 Secure DBMS Security Policy Overview.- 3.4 A1 Secure DBMS Architecture.- 3.5 Why is ASD Needed.- 3.6 For Further Information.- 3.7 References.- 4 An Investigation of Secure Distributed DBMS Architectures.- 4.1 Introduction.- 4.2 Concept of Operation.- 4.3 Security Policy Overview.- 4.4 Architecture Definition.- 4.5 Discretionary Access Control Enforcement.- 4.6 Summary and Conclusions.- 4.7 References.- 5 LOCK Data Views.- 5.1 Introduction.- 5.2 LOCK Security Policy Overview.- 5.3 Pipelines.- 5.4 Conclusions.- 5.5 References.- 6 Sybase Secure SQL Server.- 6.1 Introduction.- 6.2 Terms and Definitions.- 6.3 Objectives.- 6.4 B2 Design Philosophy.- 6.5 Flow of Control.- 6.6 Trusted Operations.- 6.7 Auditing.- 6.8 Conclusions.- 7 An Evolution of Views.- 7.1 Introduction.- 7.2 References.- 8 Discussion: Pros and Cons of the Various Approaches.- 8.1 Introduction.- 8.2 Inference Problem.- 8.3 Aggregation Problem.- 8.4 Retrospective.- 8.5 References.- 9 The Homework Problem.- 10 Report on the Homework Problem.- 10.1 Introduction.- 10.2 The Example Database.- 10.3 Summary.- 11 Classifying and Downgrading: Is a Human Needed in the Loop.- 11.1 Introduction.- 11.2 The Issue.- 11.3 The Answer.- 11.4 Structured Data.- 11.5 Security Semantics of an Application.- 11.6 Types of Security Semantics.- 11.7 Textual Data.- 11.8 Summary.- 11.9 References.- 12 Session Report: The Semantics of Data Classification.- 12.1 Introduction.- 12.2 References.- 13 Inference and Aggregation.- 13.1 Introduction.- 13.2 Database Inference.- 13.3 The Inference Problem.- 13.4 Analysis of Logical Inference Problems.- 13.5 General Discussion.- 13.6 References.- 14 Dynamic Classification and Automatic Sanitization.- 14.1 Introduction.- 14.2 Sanitization.- 14.3 Initial Overclassification.- 14.4 Initial Underclassification.- 14.5 Discovered Misclassification.- 14.6 Automatic Classification.- 14.7 References.- 15 Presentation and Discussion on Balanced Assurance.- 15.1 Introduction.- 15.2 References.- 16 Some Results from the Entity/Relationship Multilevel Secure DBMS Project.- 16.1 Project Goals and Assumptions.- 16.2 A Multilevel Entity/Relationship Model.- 16.3 Results of Research.- 16.4 Conclusions.- 16.5 References.- 17 Designing a Trusted Application Using an Object-Oriented Data Model.- 17.1 Introduction.- 17.2 The Object-Oriented Data Model.- 17.3 The SMMS as an Object-Oriented Database.- 17.4 Conclusion and Future Directions.- 17.5 References.- 18 Foundations of Multilevel Databases.- 18.1 Introduction.- 18.2 Definitional Preliminaries.- 18.3 Model Theoretic Approach.- 18.4 Proof Theoretic Approach.- 18.5 Environments and Fixed Points.- 18.6 Environments and Inference.- 18.7 Handling Negative and Indefinite Information.- 18.8 Formal Semantics of Time.- 18.9 Other Related Topics.- 18.10 Conclusion.- 18.11 References.- 19 An Application Perspective on DBMS Security Policies.- 19.1 Introduction.- 19.2 Problems with Automatic Polyinstantiation.- 19.3 Problems withView-Based Controls and Constraints.- 19.4 Requirement for Transaction Authorizations.- 19.5 Summary.- 19.6 References.- 20 New Approaches to Database Security: Report on Discussion.- 20.1 Introduction.- 20.2 Report on Discussion.- 20.3 Conclusion.- 20.4 References.- 21 Metadata and View Classification.- 21.1 Introduction.- 21.2 Justification for Metadata Protection.- 21.3 Metadata Classification Approaches.- 21.4 Metadata Protection Schemes.- 21.5 User Access to Metadata.- 21.6 Affect of User Session Level on Data Classification.- 22 Database Security Research at NCSC.- 22.1 Introduction.- 22.2 Sponsored Research Projects.- 22.3 The Future.- 22.4 Discussion Topics.- 23 Position Paper on DBMS Security.- 23.1 Introduction.- 23.2 Conclusions.