Name
Abstract | ||
|---|---|---|
Multilevel Security (MLS) is a capability that allows information with different classifications to be available in an information system, with users having different security clearances and authorizations, while preventing users from accessing information for which they are not cleared or authorized. It is a security policy that has grown out of research and development efforts funded mostly by the U.S. Department of Defense (DoD) to address some of the drawbacks of the single level mode of operation that was used at the DoD. The goal was to build and deploy an MLS-compliant environment (e.g., Networks, Operating Systems, Database Systems) that would provide a much needed efficiency in processing and distributing classified information by providing security through computer security, communications security, and trusted system techniques instead of using physical controls, administrative procedures, and personnel security. As Relational Database Management Systems (RDBMS) are at the heart of the DoD's information system, significant research and development efforts have been put into building multilevel secure RDBMS, which have led to the emergence of a number of multilevel secure RDBMS solutions, including commercial ones. Over the past few years and with the increase of security concerns, MLS compliance has become a major requirement from a number U.S. Federal Government agencies that appear to have grown beyond the traditional agencies that require such type and level of security. This paper introduces MLS, and outlines the challenges and complexities of building a multilevel secure RDBMS. The paper also gives concrete examples of both research and commercial multilevel secure RDBMS and describes how they met the above challenges and complexities. |
Year | Venue | Keywords |
|---|---|---|
2004 | CASCON | security concern,management system,multilevel secure rdbms,information system,multilevel secure relational database,security policy,personnel security,computer security,communications security,development effort,accessing information,different security clearance,relational database management system |
Field | DocType | Citations |
Security convergence,Security testing,Computer science,Computer security,Certified Information Security Manager,Multilevel security,Security service,Cloud computing security,Security information and event management,Computer security model,Distributed computing | Conference | 4 |
PageRank | References | Authors |
0.54 | 4 | 1 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Walid Rjaibi | 1 | 121 | 10.80 |