Accession Number : ADA306601

Title : TCB Subset DBMS Architecture Project.

Descriptive Note : Final technical rept.,

Corporate Author : INFOSYSTEMS TECH INC GREENBELT MD

Personal Author(s) : O'Connor, James P. ; Hasan, Mohammed S. ; Smith, Mark S.

PDF Url : ADA306601

Report Date : JAN 1996

Pagination or Media Count : 28

Abstract : This report documents the results of an effort to investigate a Multilevel Secure (MLS) Database Management System (DBMS) architecture derived by applying the concepts of Trusted Computing Base (TCB) subsetting as described in the Trusted Database Interpretation of the Trusted Computer System Evaluation Criteria (TCSEC) to a trusted subject MLS DBMS architecture. A TCB subset architecture is a trusted systems architecture in which the overall system security policy is hierarchically partitioned and allocated to different parts (subsets) of the system. Each of these parts implements a reference monitor enforcing the corresponding policy. Each part is similar to a conventional reference monitor, with the exception that it may use the resources of the more primitive subsets (lower in the hierarchy) to enforce its security policy (the most primitive subsets use only the hardware). A subset architecture provides significant benefits in the areas of assurance and evaluability. An alternative to a TCB subset DBMS architecture is a 'trusted subject architecture', wherein the DBMS contains some subjects that are not completely constrained by the underlying security kernel. In this report, the design and implementation of a new MLS DBMS architecture that is a hybrid of these two architectures is presented.

Descriptors : *DATA BASES, *DATA PROCESSING SECURITY, *COMPUTER ARCHITECTURE, POLICIES, DATA MANAGEMENT, MONITORING, COMPUTERS, SYSTEMS ANALYSIS, HIERARCHIES.

Subject Categories : Computer Systems ; Computer Systems Management and Standards

Distribution Statement : APPROVED FOR PUBLIC RELEASE