Add to Book Shelf
Flag as Inappropriate
Email this Book

Ncsc Technical Report - 005 Volume 1/5 Library No. S-243,039

By Brewster, Keith F.

Click here to view

Book Id: WPLBN0000697933
Format Type: PDF eBook:
File Size: 0.3 MB
Reproduction Date: 2005

Title: Ncsc Technical Report - 005 Volume 1/5 Library No. S-243,039  
Author: Brewster, Keith F.
Volume:
Language: English
Subject: Technology., Reference materials, Technology and literature
Collections: Techonology eBook Collection
Historic
Publication Date:
Publisher:

Citation

APA MLA Chicago

F. Brewste, B. K. (n.d.). Ncsc Technical Report - 005 Volume 1/5 Library No. S-243,039. Retrieved from http://gutenberg.cc/


Description
Technical Reference Publication

Excerpt
Introduction: This document is the first volume in the series of companion documents to the Trusted Database Management System Interpretation of the Trusted Computer System Evaluation Criteria [TDI 91;DoD 85]. This document examines inference and aggregation issues in secure database management systems and summarizes the research to date in these areas.

Table of Contents
TABLE OF CONTENTS SECTION PAGE 1.0 INTRODUCTION. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . l 1.1 BACKGROUND AND PURPOSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 SCOPE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.3 INTRODUCTION TO INFERENCE AND AGGREGATION . . . . . . . . . . . . . . . . . . . . . . 2 1.4 AUDIENCES OF THIS DOCUMENT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.5 ORGANIZATION OF THIS DOCUMENT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.0 BACKGROUND. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.1 INFERENCE AND AGGREGATION - DEFINED AND EXPLAINED . . . . . . . . . . . . . . 5 2.1.1 Inference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.1.1.1 Inference Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.1.1.2 Inference Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.1.1.3 Related Disciplines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.1.2 Aggregation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.1.2.1 Data Association Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 2.1.2.2 Cardinal Aggregation Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 2.2 SECURITY TERMINOLOGY. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 2.3 THE TRADITIONAL SECURITY ANALYSIS PARADIGM . . . . . . . . . . . . . . . . . . . . . 12 2.4 THE DATABASE SECURITY ENGINEERING PROCESS . . . . . . . . . . . . . . . . . . . . . . 14 2.5 THE REQUIREMENTS FOR PROTECTING AGAINST INFERENCE AND AGGREGATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 2.5.1 The Operational Requirement. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 2.5.2 The TCSEC Requirement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 3.0 AN INFERENCE AND AGGREGATION FRAMEWORK . . . . . . . . . . . . . . . . . . . . . . . 18 3.1 DETAILED EXAMPLE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 3.2 THE FRAMEWORK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.2.1 Information Protection Requirements and Resulting Vulnerabilities. . . . . . . . . . 20 3.2.2 Classification Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.2.3 Vulnerabilities from Classification Rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 3.2.4 Database Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

 
 



Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.