A brief look back at the project undertaken by I.P. Sharp Associates for the U.S. Air Force and the Canadian Government on Relational DBMS Kernel design. Since the completion of the project, 3 years ago, several changes have occurred which alter our perception of the project and its results. A quick look at the future in this area is included.
{"title":"The Secure Relational Database Management System Kernel: Three Years After","authors":"D. Bonyun","doi":"10.1109/SP.1980.10008","DOIUrl":"https://doi.org/10.1109/SP.1980.10008","url":null,"abstract":"A brief look back at the project undertaken by I.P. Sharp Associates for the U.S. Air Force and the Canadian Government on Relational DBMS Kernel design. Since the completion of the project, 3 years ago, several changes have occurred which alter our perception of the project and its results. A quick look at the future in this area is included.","PeriodicalId":372320,"journal":{"name":"1980 IEEE Symposium on Security and Privacy","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116916453","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this paper we consider some problems related to database security. We first generalize the definition of compromise to the discovery of the value of some (generally complex) property about a class of individuals. For a given query we define implied queries and impose tests for safe response on both the query and implied queries. It is shown how this approach relates to the "tracker" concept. It is further shown how this approach mitigates to some extent the security problems related to history keeping and to user preknowledge of the database.
{"title":"Towards a Fail-Safe Approach to Secure Databases","authors":"T. D. Friedman, L. J. Hoffman","doi":"10.1109/SP.1980.10018","DOIUrl":"https://doi.org/10.1109/SP.1980.10018","url":null,"abstract":"In this paper we consider some problems related to database security. We first generalize the definition of compromise to the discovery of the value of some (generally complex) property about a class of individuals. For a given query we define implied queries and impose tests for safe response on both the query and implied queries. It is shown how this approach relates to the \"tracker\" concept. It is further shown how this approach mitigates to some extent the security problems related to history keeping and to user preknowledge of the database.","PeriodicalId":372320,"journal":{"name":"1980 IEEE Symposium on Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122656842","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Included in the scope of the term "transborder data flows" is the transmission over computer-communicational systems of automated data to be processed and stored in foreign data processing systems. A number of issues, including privacy protection and data security, arise in various transborder data flow (TDF) situations and are discussed in this paper, especially the potential effects on TDF of national privacy protection laws and pending international agreements. Sets of associated technical requirements are examined.
{"title":"An Overview of Transborder Data Flow Issues","authors":"R. Turn","doi":"10.1109/SP.1980.10010","DOIUrl":"https://doi.org/10.1109/SP.1980.10010","url":null,"abstract":"Included in the scope of the term \"transborder data flows is the transmission over computer-communicational systems of automated data to be processed and stored in foreign data processing systems. A number of issues, including privacy protection and data security, arise in various transborder data flow (TDF) situations and are discussed in this paper, especially the potential effects on TDF of national privacy protection laws and pending international agreements. Sets of associated technical requirements are examined.","PeriodicalId":372320,"journal":{"name":"1980 IEEE Symposium on Security and Privacy","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121060303","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A methodology for demonstrating the security of trusted applications on a security kernel base is presented. The methodology consists of selecting and authenticating security criteria, and demonstrating through verification techniques that the implementation obeys the selected criteria. Difficulties encountered in the placement of a trusted application on top of a security kernel base motivated the development of the methodology.
{"title":"Demonstrating Security for Trusted Applications on a Security Kernal Base","authors":"S. R. Ames, James Keeton-Williams","doi":"10.1109/SP.1980.10000","DOIUrl":"https://doi.org/10.1109/SP.1980.10000","url":null,"abstract":"A methodology for demonstrating the security of trusted applications on a security kernel base is presented. The methodology consists of selecting and authenticating security criteria, and demonstrating through verification techniques that the implementation obeys the selected criteria. Difficulties encountered in the placement of a trusted application on top of a security kernel base motivated the development of the methodology.","PeriodicalId":372320,"journal":{"name":"1980 IEEE Symposium on Security and Privacy","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134517034","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A protection model based on access control which gives formal definitions for the terms protection problem and safety is introduced. The model provides features for describing the manipulation of the contents of objects and extends the possibilities of the access matrix model.
{"title":"A Model to Describe Protection Problems","authors":"G. Kreissig","doi":"10.1109/SP.1980.10002","DOIUrl":"https://doi.org/10.1109/SP.1980.10002","url":null,"abstract":"A protection model based on access control which gives formal definitions for the terms protection problem and safety is introduced. The model provides features for describing the manipulation of the contents of objects and extends the possibilities of the access matrix model.","PeriodicalId":372320,"journal":{"name":"1980 IEEE Symposium on Security and Privacy","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133791782","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In “New Directions in Cryptography”, Diffie and Hellman propose a public key distribution (PKD) system based on exponentiation in a discrete arithmetic system. The security of this technique is crucially dependent on the difficulty of computing discrete logarithms (the inverse of the discrete exponential function). Until recently, the best known method for computing discrete logs required running time which grew exponentially in the word size. However, Adleman has recently observed that certain fast algorithms for factoring integers are also applicable to computing discrete logs over GF(q), the Galois field with q elements (q denotes a prime number). He also noted that the running time for the modified algorithm should be of the same form as for factoring, namely
{"title":"On the Difficulty of Computing Logarithms Over GF (q^m)","authors":"M. Hellman","doi":"10.1109/SP.1980.10015","DOIUrl":"https://doi.org/10.1109/SP.1980.10015","url":null,"abstract":"In “New Directions in Cryptography”, Diffie and Hellman propose a public key distribution (PKD) system based on exponentiation in a discrete arithmetic system. The security of this technique is crucially dependent on the difficulty of computing discrete logarithms (the inverse of the discrete exponential function). Until recently, the best known method for computing discrete logs required running time which grew exponentially in the word size. However, Adleman has recently observed that certain fast algorithms for factoring integers are also applicable to computing discrete logs over GF(q), the Galois field with q elements (q denotes a prime number). He also noted that the running time for the modified algorithm should be of the same form as for factoring, namely","PeriodicalId":372320,"journal":{"name":"1980 IEEE Symposium on Security and Privacy","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130582774","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The problem of statistical database confidentiality in releasing microdata is addressed through the use of approximate data-swapping. Here a portion of the microdata is replaced with a database that has been selected with approximately the same statistics. The result guarantees the confidentiality of the original data, while providing microdata with accurate statistics. Methods for achieving such transformations are considered and analyzed through simulation.
{"title":"Practical Data-Swapping: The First Steps","authors":"S. Reiss","doi":"10.1145/348.349","DOIUrl":"https://doi.org/10.1145/348.349","url":null,"abstract":"The problem of statistical database confidentiality in releasing microdata is addressed through the use of approximate data-swapping. Here a portion of the microdata is replaced with a database that has been selected with approximately the same statistics. The result guarantees the confidentialityof the original data, while providing microdata with accurate statistics. Methods for achieving such transformations are considered and analyzed through simulation.","PeriodicalId":372320,"journal":{"name":"1980 IEEE Symposium on Security and Privacy","volume":"83 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121459862","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Future information systems will involve the interconnection of databases through public networks, requiring the development of adequate security facilities within the local nodes in order to prevent unauthorized access and use of data. A key component of any security scheme is a set of language primitives that define access rights; these language primitives must be combined with other language facilities that assure integrity of the data bases involved and that promote the development of reliable software systems. In such an environment, transaction-based systems, providing interactive access to stored data through a set of predefined operations, may be implemented with programming languages containing facilities for data base definition and manipulation. In such a case, it is necessary to provide some primitives for access control within the programming language. This paper presents a set of such primitives, embedded in a module definition facility, that permits different classes of users to share a data base in a controlled way. These facilities are presented as a possible set of extensions to the programming language PLAIN.
{"title":"A Module Definition Facility for Access Control in Distributed Data Base Systems","authors":"R. V. D. Riet, M. Kersten, A. Wasserman","doi":"10.1109/SP.1980.10012","DOIUrl":"https://doi.org/10.1109/SP.1980.10012","url":null,"abstract":"Future information systems will involve the interconnection of databases through public networks, requiring the development of adequate security facilities within the local nodes in order to prevent unauthorized access and use of data. A key component of any security scheme is a set of lanuage primitives that define access rights; these language primitives must be combined with other language facilities that assure integrity of the data bases involved and that promote the development of reliable software systems. In such an environment, transaction-based systems, providing interactive access to stored data through a set of predefined operations, may be implemented with programming languages containing facilities for data base definition and manipulation. In such a case, it is necessary to provide some primitives for access control within the programming language. This paper presents a set of such primitives, embedded in a module definition facility, that permits defferent classes of users to share a data base in a controlled way. These facilities are presented as a possible set of extensions to the programming language PLAIN.","PeriodicalId":372320,"journal":{"name":"1980 IEEE Symposium on Security and Privacy","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116880202","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the ever-increasing use of computers for storing large volumes of vital data, the problems involved in providing data security have been receiving very great attention from researchers. In this paper we try to investigate the various aspects of data security in a general-purpose Data Base Management System (DBMS). Data security concerns data manipulation which encompasses two phases: retrieval and access (read/write). Privacy protection is associated with the retrieval phase and integrity attached to the modification phase. In this paper, we detail both parts of data security and give an overview of the potential solutions to each feature.
{"title":"Aspects of Data Security in General-Purpose Data Base Management Systems","authors":"S. Miranda","doi":"10.1109/SP.1980.10017","DOIUrl":"https://doi.org/10.1109/SP.1980.10017","url":null,"abstract":"With the ever-increasing use of computers for storing large volumes of vital data, the problems involved in providing data security have been receiving very great attention from researchers. In this paper we try to investigate the various aspects of data security in a general-purpose Data Base Management System (DBMS). Data security concerns data manipulation which encompasses two phases : retrieval and access (read/write). Privacy protection is associated with the retrieval phase and integrity attached to the modification phase. In this paper, we detail both parts of data security and give an overview of the potential solutions to each feature.","PeriodicalId":372320,"journal":{"name":"1980 IEEE Symposium on Security and Privacy","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127761860","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}