By Topic

A Unifying Approach to the Design of a Secure Database Operating System

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Spooner, David L. ; Department of Mathematical Sciences, Rensselaer Polytechnic Institute, Troy, NY 12181. ; Gudes, E.

Database management systems (DBMS's) today are usually built as subsystems on top of an operating system (OS). This design approach can lead to problems of unreliability and inefficient performance as well as forcing a duplication of functions between the DBMS and OS. A new design approach is proposed which eliminates much of this duplication by integrating the duplicated functions into independent subsystems used by both the DBMS and OS. Specifically, an I/O and file support subsystem and a security subsystem are defined. Both subsystems make use of a logical information model which models the stored information in secondary storage. The new database operating system organization and the logical information model are presented in detail. Design of the security subsystem is based on the access control model, and is extended with Boolean predicates to produce an access control model capable of enforcing content-dependent security policies. The access matrix is implemented using a combination of access lists and capabilities. Authorization models and multiple user processes are discussed in relation to the new system organization. The outline of a formal specification and proof of correctness of the security subsystem is also discussed.

Published in:

Software Engineering, IEEE Transactions on  (Volume:SE-10 ,  Issue: 3 )