By means of simple examples, a design technique for multilevel secure databases is proposed. The design activity covers the conceptual modeling and design phase and consists of the development of secure data schemata and secure function schemata. Data schemata represent the semantics and secrecy properties of data, while function schemata describe processes and activities within the system. As security constraints defined on data or functions may influence each other, it is argued that the design of a secure system must be data- as well as function-driven. Although the example chosen is quite simple, it is possible to express and model complex security-relevant data semantics.