The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

The Seaview Formal Security Policy Model

Author

Teresa F. Lunt, Dorothy E. Denning, Roger R. Schell, Mark Heckman, William R. Shockley

Entry type

techreport

Abstract

This report describes a formal security policy model for a secure relational database system. This model is intended to meet the formal model requirement specified in the DoD Trusted COmputer System Evaluation Criteria. The model is formulated in two layers, one corresponding to a reference monitor thta enforces mandatory security, and the second defining multilevel relations and formulazing policies for labeling new and derived data, data consistency, discretionary security, and transaction consistency. The development of a formal security policy model is the second task of the SeaView Project to design a multilevel secure database system meeting the Criteria for Class A1.

Key alpha

Lunt

Publication Date

0000-00-00

Contents

1Background 2 Security Model Overview 3 Mandatory Security Policy Model 4 TCB Multilevel Relations 5 TCB Application-Specific Constraints on Values and Classes 6 TCB Discretionary Security 7 TCB Transactions 8 TCB Model Interface

Language

English

Location

A hard-copy of this is in Haas

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.