Analysis of a Mandatory Access Restriction System for Oracle DBMS
This paper analyzes the mandatory access restriction system for Oracle DBMS. As a result, several leakage channels are discovered.
For many information systems based on a DBMS, it is often a problem to implement access restriction that takes the value of information into account. This is usually crucial for large-scale information systems for government or corporate use (e.g. geographical information systems or document management systems). Such systems usually imply a mandatory access model. One feature of the mandatory model is that information flow control prevents both intentional and accidental decreases in information value. The mandatory access model is implemented by labeling all the subjects and objects belonging to the access restriction system.
Oracle DBMS is currently one of the most powerful and popular industrial DBMSs. Starting with Oracle9i, the Oracle Label Security (OLS) component is implemented, which makes it possible to organize mandatory access to stored data. OLS is a set of procedures and limitations built into the database kernel, which allow...