{"title":"A probabilistic approach to assurance of database design","authors":"L. Russell","doi":"10.1109/CMPASS.1992.235763","DOIUrl":null,"url":null,"abstract":"A probabilistic framework for decision-making is developed. It is based on the recognition that if it is impossible to consider every case in which security might be comprised, at the least a rational method of controlling estimated risk is desirable. Multilevel secure databases are considered. The author describes several principle aggregation and inference problems, and shows how the solutions are externalized to the database designer. These externalized problems are reformulated in a context of approximate reasoning or probability. An overview of probability issues is provided and classified into two orthogonal approaches. These concepts are applied to the database design problem, and policies are provided that can be used to control decision-making for controlling in turn the probability of database inference.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CMPASS.1992.235763","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
A probabilistic framework for decision-making is developed. It is based on the recognition that if it is impossible to consider every case in which security might be comprised, at the least a rational method of controlling estimated risk is desirable. Multilevel secure databases are considered. The author describes several principle aggregation and inference problems, and shows how the solutions are externalized to the database designer. These externalized problems are reformulated in a context of approximate reasoning or probability. An overview of probability issues is provided and classified into two orthogonal approaches. These concepts are applied to the database design problem, and policies are provided that can be used to control decision-making for controlling in turn the probability of database inference.<>
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
