The Seaview Formal Security Policy Model
Author
Teresa F. Lunt, Dorothy E. denning, Roger R. schell, Mark Heckman, William R. Shockley
Abstract
This report describes a formal security policy model for a secure relational database system. This model is intended to meet the formal model requirement specified in the DoD Trusted Computer System Evaluation criteria. The model is formulated in two layers, one corresponding to a reference monitor that enforces mandatory security, and the second defining multilevel relations and formalizing policies for labeling new and derived data, data consistency, discretionary security, and transaction consistency. The development of a formal security policy model is the second task of the SeaView project to design a multilevel secure database system meeting the Criteria for Class A1.
Affiliation
SRI International, Gemini Computers
Publication Date
0000-00-00
Contents
1. Background
2. Security Model Overview
3. Mandatory Security Policy Model
4. TCB Multilevel Relations
5. TCB Application-Specific Constraints on Values and Classes
6. TCB Discretionary Security
7. TCB Transactions
8. TCB Model Interface
Location
A hard-copy of this is in Haas
Subject
formal security policy model