Modeling security-relevant data semantics

• Published in: IEEE transactions on software engineering Vol. 17; no. 11; pp. 1195 - 1203
• Main Author: Smith, G.W.
• Format: Journal Article
• Language: English
• Published: New York, NY IEEE 01.11.1991; Institute of Electrical and Electronics Engineers; IEEE Computer Society
• Subjects: Application software; Applications; Applied sciences; Characteristics; Computer science; control theory; systems; Cybersecurity; Data base management systems; Data integrity; Data models; Data security; Database systems; Design; Exact sciences and technology; Humans; Information security; Information systems; Knowledge management; Operating systems; Relational databases; Semantics; Software; Systems design; Database; Safety; Semantic analysis; Semantics; Modeling
• ISSN: 0098-5589; 1939-3520
• DOI: 10.1109/32.106974

The use of an extended data model which represents both integrity and secrecy aspects of data is demonstrated. This Semantic Data Model for Security (SDMS) provides a technique that assists domain experts, security officers, and database designers in first understanding their security requirements, and then translating them into a good database design. Identifying security requirements at this semantic level provides the basis for analyzing the security requirements and the database design for inference and signaling vulnerabilities. Another contribution is a comprehensive taxonomy of security-relevant data semantics that must be captured and understood to implement a multilevel secure automated information system.< >