Database security, VI : status and prospects : results of the IFIP WG 11.3 Workshop on Database Security, Vancouver, Canada, 19-21 August, 1992

The current state of research and practice in database security is explored in depth in this volume. The wide range of individual topics span from the semantics of multilevel database applications, security policies and models, the inference problem and multilevel database concurrency control. Security for medical information systems is discussed in specific isolation since it continues to be of particular interest in the field. It is hoped the book will prove to be a vital reference text for students, researchers, designers and developers involved in the disciplines of computer science, information engineering, database systems and computer security.

Protecting Sensitive Medical Information (J.G. Kaplan). Semantic Data Models and Multilevel Security. Implementing the Message Filter Object-oriented Security Model without Trusted Subjects (R.K. Thomas, R.S. Sandhu). Multilevel Secure Rules: Integrating the Multilevel Secure and Active Data Models (K. Smith, M. Winslett). Multilevel Database Applications. The SPEAR Data Design Method (P.J. Sell). Using SWORD for the Military Aircraft Command Example Database (S.R. Wiseman). Policies and Models - I. Extending Access Control with Duties - Realized by active Mechanisms (D. Jonscher). Formalising and Validating Complex Security Requirements (P. Morris, J. McDermid). Support for Security Modelling in Information Systems Design (G. Steinke, M. Jarke). Secure Distributed Database Systems. Panel Discussion: Security for Distributed Database Management Systems (C.D. McCollum). Inference Problem - I. Toward a Tool to Detect and Eliminate Inference Problems in the Design of Multilevel Databases (T.D. Garvey, T.F. Lunt, X. Qian, M.E. Stickel). Inference and Cover Stories (L.J. Binns). Inference Problem - II. Aerie: An Inference Modeling and Detection Approach for Databases (T.H. Hinke, H.S. Delugach). Inference Through Secondary Path Analysis (L.J. Binns). Disclosure Limitation Using Autocorrelated Noise (G. Duncan, S. Mukherjee). Concurrency Control - I. Recovery Management for Multilevel Secure Database Systems (I.E. Kang, T.F. Keefe). Maintaining Multilevel Transaction Atomicity in MLS Database Systems with Kernelized Architecture (O. Costich, S. Jajodia). Concurrency Control - II. Orange Locking: Channel-Free Database Concurrency Control Via Locking (J. McDermott, S. Jajodia). A Practical Transaction Model and Untrusted Transaction Manager for a Multilevel-Secure Database System (M.H. Kang, O. Costich, J.N. Froscher). Multilevel Data Models. Tuple-level vs Element-level Classification (X. Qian, T. Lunt). Inference Secure Multilevel Databases (T.Y. Lin). Policies and Models - II. User-Role Based Security Profiles for an Object-Oriented Design Model (M.-Y. Hu, S.A. Demurjian, T. C. Ting). Integrity and the Audit of Trusted Database Management Systems (J. Filsinger). On the Axiomatization of Security Policy: Some Tentative Observations abouit Logic Representation (J. B. Michael, E.H. Sibley, R.F. Baum, F. Li). Discussion Summary. Workshop Summary (T.F. Lunt). Research Question List. IFIP WGl 1.3 Database Security: Research Questions of Current Significance (C.E. Landwehr).