Accession Number : ADA306601
Title : TCB Subset DBMS Architecture Project.
Descriptive Note : Final technical rept.,
Corporate Author : INFOSYSTEMS TECH INC GREENBELT MD
Personal Author(s) : O'Connor, James P. ; Hasan, Mohammed S. ; Smith, Mark S.
PDF Url : ADA306601
Report Date : JAN 1996
Pagination or Media Count : 28
Abstract : This report documents the results of an effort to investigate a Multilevel Secure (MLS) Database Management System (DBMS) architecture derived by applying the concepts of Trusted Computing Base (TCB) subsetting as described in the Trusted Database Interpretation of the Trusted Computer System Evaluation Criteria (TCSEC) to a trusted subject MLS DBMS architecture. A TCB subset architecture is a trusted systems architecture in which the overall system security policy is hierarchically partitioned and allocated to different parts (subsets) of the system. Each of these parts implements a reference monitor enforcing the corresponding policy. Each part is similar to a conventional reference monitor, with the exception that it may use the resources of the more primitive subsets (lower in the hierarchy) to enforce its security policy (the most primitive subsets use only the hardware). A subset architecture provides significant benefits in the areas of assurance and evaluability. An alternative to a TCB subset DBMS architecture is a 'trusted subject architecture', wherein the DBMS contains some subjects that are not completely constrained by the underlying security kernel. In this report, the design and implementation of a new MLS DBMS architecture that is a hybrid of these two architectures is presented.
Descriptors : *DATA BASES, *DATA PROCESSING SECURITY, *COMPUTER ARCHITECTURE, POLICIES, DATA MANAGEMENT, MONITORING, COMPUTERS, SYSTEMS ANALYSIS, HIERARCHIES.
Subject Categories : Computer Systems ; Computer Systems Management and Standards
Distribution Statement : APPROVED FOR PUBLIC RELEASE