Secure multi-level system for executing stored procedures

Author: Scott A. Shurts

Abstract: A database management system is provided for security of objects. These objects may be passive elements such as tables, rows, views, the databases themselves, etc., or they may be executable items such as stored procedures and triggers. A mechanism is provided for "certifying" that certain types of objects, such as stored procedures, triggers, and views, can be safely used to access other, sensitive objects in the database. Certification indicates that (1) a security officer has evaluated the certified object, and (2) the now certified object has not undergone a defined security-relevant change since certification. Certification is particularly important in the context of a "trusted" stored procedure or trigger. "Trusted" stored procedures and triggers can be executed at sensitivity levels that exceed the sensitivity level of the user subject. Thus, a subject can use a trusted stored procedure or trigger to access objects having a higher sensitivity level than his or her own. If a certified object changes in a security-relevant manner, its "certification state" changes from "certified" to "suspect", which causes it to become unexecutable.
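A minimal model of the certification lifecycle the abstract describes, added here as an illustration and not taken from the patent or any product. The integer sensitivity levels, the SHA-256 comparison, the "uncertified" starting state, the rule that every body change is security-relevant, and all names are assumptions.

```python
import hashlib
from dataclasses import dataclass

CERTIFIED, SUSPECT, UNCERTIFIED = "certified", "suspect", "uncertified"

@dataclass
class StoredProcedure:
    name: str
    body: str
    state: str = UNCERTIFIED
    trusted_level: int = 0      # level it runs at once certified (assumed integer levels)
    certified_digest: str = ""  # digest of the body the officer evaluated
    certified_by: str = ""

def _digest(body: str) -> str:
    return hashlib.sha256(body.encode("utf-8")).hexdigest()

def certify(proc: StoredProcedure, officer: str, trusted_level: int) -> None:
    """Record that a security officer evaluated exactly this body."""
    proc.certified_digest = _digest(proc.body)
    proc.certified_by = officer
    proc.trusted_level = trusted_level
    proc.state = CERTIFIED

def alter(proc: StoredProcedure, new_body: str) -> None:
    """Assumption: any change to the body counts as security-relevant."""
    proc.body = new_body
    if proc.state == CERTIFIED and _digest(new_body) != proc.certified_digest:
        proc.state = SUSPECT

def run_trusted(proc: StoredProcedure, subject_level: int, object_level: int) -> bool:
    """Return True if the procedure may read object_level; raise if not certified."""
    # Re-check the digest at call time so a change that bypassed alter() is caught too.
    if proc.state == CERTIFIED and _digest(proc.body) != proc.certified_digest:
        proc.state = SUSPECT
    if proc.state != CERTIFIED:
        raise PermissionError(f"{proc.name} is {proc.state}: not executable")
    # A certified trusted procedure runs at its own level, which may exceed the caller's.
    effective_level = max(subject_level, proc.trusted_level)
    return effective_level >= object_level

if __name__ == "__main__":
    p = StoredProcedure("dept_totals", "SELECT dept, SUM(salary) FROM payroll GROUP BY dept")  # constructed
    certify(p, "sso_1", trusted_level=3)
    print(run_trusted(p, subject_level=1, object_level=3))
    alter(p, "SELECT * FROM payroll")
    print(p.state)
```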