Security Policy and Policy Interpretation for a Class A1 Multilevel Secure Relational Database System

Get BibTex-formatted data

Author

SRI International

Entry type

techreport

Abstract

This report describes a security policy for a secure relational database system. This policy is intended to meet the security policy requirement specified in the DoD Trusted Computer System Evaluation Criteria. Because the policy is intended for a relational database management system, it goes beyond policies that the reader may be familiar with for general-purpose systems. However, it also addresses the requirements considered applicable to general-purpose systems and can serve as a useful guide to those who are called upon to produce a policy statement that will satisfy the Criteria. The development of a security policy is the first task of a three-year project to design a multilevel secure database system that will satisfy the criteria for Class A1.

Date

1988 – August

Key alpha

SRI International

Publication Date

0000-00-00

1 Introduction 2Policy Overview 3 The Security Policy Relational Database System Interpretation 5 Mandatory Security Policy 6 Discretionary Security Policy 7 Data Consistecy Policy 8 Labeling Policy 9 Sanitization Policy 10 Aggregation Policy 11 Reclassification Policy 12 Accountability Policy 13 Summary 14 Conclusions

Keywords

security policy, trusted systems, multilevel security, computer security, database management system, secure database management system, database security, security kernel, reference monitor, relational database

Language

English

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Techreport{ SRI International,
	title = "Security Policy and Policy Interpretation for a Class A1 Multilevel Secure Relational Database System",
	author = "SRI International",
	year = "1988",
	month = "August",
	abstract = "This report describes a security policy for a secure relational database system.  This policy is intended to meet the security policy requirement specified in the DoD Trusted Computer System Evaluation Criteria.  Because the policy is intended for a relational database management system, it goes beyond policies that the reader may be familiar with for general-purpose systems.  However, it also addresses the requirements considered applicable to general-purpose systems and can serve as a useful guide to those who are called upon to produce a policy statement that will satisfy the Criteria.  The development of a security policy is the first task of a three-year project to design a multilevel secure database system that will satisfy the criteria for Class A1.",
	contents = "1 Introduction
2Policy Overview
3 The Security Policy
Relational Database System Interpretation
5 Mandatory Security Policy
6 Discretionary Security Policy
7 Data Consistecy Policy
8 Labeling Policy
9 Sanitization Policy
10 Aggregation Policy
11 Reclassification Policy
12 Accountability Policy
13 Summary
14 Conclusions",
	keywords = "security policy, trusted systems, multilevel security, computer security, database management system, secure database management system, database security, security kernel, reference monitor, relational database",
	language = "English",
}