Partial Security Policies to Support Timeliness in Secure Real-Time DatabasesReport
Conflicts in database systems with both real-time and security requirements can be unresolvable. We address this issue by allowing a database system to provide partial security in order to improve real-time performance when necessary. Systems that are partially secure allow potential security violations such as covert channel use at certain situations. We present the idea of requirement specification that enables the system designer to specify important properties of the database at an appropriate level. To help the designer, a tool can process the database specification to find unresolvable conflicts, and to allow the designer to specify the rules to follow during execution when those conflicts arise. We discuss several partial security policies and compare their performance in terms of timeliness and potential security violations.
All rights reserved (no additional license for public reuse)
Son, Sang, Craig Chaney, and Norris Thomlinson. "Partial Security Policies to Support Timeliness in Secure Real-Time Databases." University of Virginia Dept. of Computer Science Tech Report (1998).
University of Virginia, Department of Computer Science