This paper introduces guidelines aiming at the prevention of illegal information flows due to object deletion in multilevel secure object database management systems (ODBMSs). Although a delete operation can be viewed as a kind of write operation, this does not suffice to avoid covert channels. Hence, the attention is focused on delete operation and its implications on database security. The guidelines we propose are formally stated as security principles. We also show how to design a garbage collection mechanism in a multilevel secure ODBMS. The garbage collection mechanism ensures both security and referential integrity.
Secure object deletion and garbage collection in multilevel object bases
Elena Ferrari
1999-01-01
Abstract
This paper introduces guidelines aiming at the prevention of illegal information flows due to object deletion in multilevel secure object database management systems (ODBMSs). Although a delete operation can be viewed as a kind of write operation, this does not suffice to avoid covert channels. Hence, the attention is focused on delete operation and its implications on database security. The guidelines we propose are formally stated as security principles. We also show how to design a garbage collection mechanism in a multilevel secure ODBMS. The garbage collection mechanism ensures both security and referential integrity.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.