    Abstract:

    This paper proposes a generic audit policy model for multilevel secure DBMSs. The model is highly expressive: it not only expresses audit policies based on periodic time constraints, but also supports rule-based deduction of audit policies. Furthermore, the introduction of object attribute predicates makes fine-grained audit policies possible. The decidability of the model is proven and a decidability algorithm is presented.

He Yongzhong, Li Lan, Feng Dengguo. A generic audit policy model for multilevel secure DBMS. Journal of Software, 2005, 16(10): 1774-1783

History
  • Received: July 27, 2004
  • Revised: October 10, 2004