The Seaview Formal Security Policy Model
Author
Teresa F. Lunt, Dorothy E. Denning, Roger R. Schell, Mark Heckman, William R. Shockley
Abstract
This report describes a formal security policy model for a secure relational database system. This model is intended to meet the formal model requirement specified in the DoD Trusted COmputer System Evaluation Criteria. The model is formulated in two layers, one corresponding to a reference monitor thta enforces mandatory security, and the second defining multilevel relations and formulazing policies for labeling
new and derived data, data consistency, discretionary security, and transaction consistency. The development of a formal security policy model is the second task of the SeaView Project to design a multilevel secure database system meeting the Criteria for Class A1.
Publication Date
0000-00-00
Contents
1Background
2 Security Model Overview
3 Mandatory Security Policy Model
4 TCB Multilevel Relations
5 TCB Application-Specific Constraints on Values and Classes
6 TCB Discretionary Security
7 TCB Transactions
8 TCB Model Interface
Location
A hard-copy of this is in Haas