Abstract— Recently, security of data in real time systems becomes a very important concern in real-time database systems (RTDBS). However, security is becoming a more significant challenge in several real-time applications. Nowadays, there many multilevel security models, which make RTDBS more secure. This paper presents a review of multilevel security (MLS) models in real-time database systems. Moreover, it starts with an introduction and definition of RTDBSs. Furthermore, three information security models based on multilevel security policy are discussed, analyzed and compared.
Keywords: Real-Time, Multilevel security (MLS), Multilevel models, BLP model, Biba model, Clark-Wilson model.
I. INTRODUCTION
RTDBS is considered as a database system which exhibits the same features of traditional database system such as data independence and concurrency control. However, it simultaneously enforces real-time constraints that applications may have [1].
RTDBS differs from the traditional database systems in many features. RTDBSs have different correctness conditions, applications assumptions, and performance goal. RTDBS can be evaluated by the rate of transactions that do not meet their deadlines, the average delay of late transactions and the cost of missing the deadlines of transactions.
Computer technologies and network have rapidly developed. But at the same time, they also make it easy for the invaders to approach to the information of computer and network, which becomes increasingly insecure. At present, the information security evaluation standard is often used to estimate the security ability of an information system. And the estimation is based on the security model. So the information security model is vital, and it is also the forefront of information security research. This paper aims at multilevel information security models’ analysis and comparisons.
The multilevel security mechanism was originally designed to support military systems and to protect the security and confidentiality of a database. In this mechanism, information is divided into four different security levels according to the importance and sensitive degree of information. There are three famous security models based on multilevel security policy that are usually discussed — Bell-LaPadula model, Biba model and Clark-Wilson model [2].
II. MULTILEVEL SECURITY (MLS)
The MLS policy was originally designed to support the computer systems in the military sector and to protect the security and their database. As shown in
Figure 1, the information in MLS is divided into four different security levels based on the information importance and the degree of its sensitive. From low to high grade, the levels contain unclassified level, confidential level, secret level and top-secret level [2]
Figure 1 : Security levels in Multilevel Security
MLS systems are very important because:
1. A large amount of research has been done in it, because of military funding for computer science in the USA.
2. Originally multilevel concepts were developed to support confidentiality in military applications, however now multilevel integrity policies are using by many commercial systems.
3. Recently, some products like Red Hat Linux and Microsoft Vista have started to use mandatory access control mechanisms.
III. MODELS OF MULTILEVEL SECURITY
A security model is a symbolic representation of a policy. It delineate the require of the policy makers into a set of rules that are to be followed by a computer system. It takes the requirement of the policy and supply the requirement mathematical formulas, relationships, and structure to be go after to achieve the policy goal. There are three multilevel security models which are discussed and analyzed as follow:
A. The Bell-LaPadula Model
Bell-LaPadula Model (BLP) is the most common and frequently multilevel security model which is used computer [13]. This model was designed in 1973 by D.Ellott. Bell and Leanard J. LaPadula. It is a type of computer operating model which used in military sector. The mainly using of this model is to solve the confidential problem of access control. The subjects and objects of this model can be classified by their security mark, corresponding to the military security levels. it can effectively prevent information from a high security level flowing to a low one. BLP model is describes a military security strategy for this reason it is executed in a multilevel security field with strict security hierarchies. It has already got the special attention from more of the researchers. As a hot research area in the multilevel security field, it has influenced the development of other security models a lot [14] [15].
The access operation to sensitive information in this model has to follow up these two concepts — the ‘Least Privilege’ and the ‘Need to know’.
B. The Biba model
Biba model was introduced in 1977 by K. J Biba. It was the first security model in the computer integrity field. It can be define as a lattice-based access control security model dealing with multilevel sensitive information [16]. The main idea of Biba model is to applying information flow policy by using mandatory access control to strengthen discretionary access control. According to mandatory access control policies it checks flows of system information to find and to prevent the possible destruction in the system. The subject and object in Biba model has its own integrity level. The higher level data has higher accuracy and reliability than a lower one. Unlike BLP model the Biba model is used in the commercial applications, the integrity of data is more important than the confidentiality. It based on the integrity level so it is used to solve the integrity problem of applications’ data, and its access control. The significance of Biba model is to protect the integrity of information system.
C. The Clark-Wilson model
Clark-Wilson model suggested in 1989 by David Clark and David Wilson, Clark-Wilson model focuses on the integrity of information and system. In this model, an agent program is applied to access objects in order to protect the integrity of objects. So the user cannot directly access and control objects. The main idea of Clark-Wilson model is to use benign transaction processing technique and task separation technique to ensure the consistency of data and the integrity of the transaction. Benign transaction processing technique means that the processing of information has to be restricted in certain of privilege and range. Task separation technique divides a task into different task subsets. Every subset has to be done by at least two people. By this technique, personal bluffing can be prevented.
IV. COMPARISON
In this section the comparative between the previous models is focuses on Design Year, Aim, Filed, Specification, Advantages, Rules and Limitations as mention in Table 1.
1. Design Year
d BLP model is the most
commonly used and the most famous multilevel security
model. Then the next is Biba model designed in 1977. ClarkWilson model has the lowest mature degree, which is published
in1987 and revised in 1989.
2. Aim
3. Filed
4. Specification
5. Advantages
6. Rules
7. Limitations
TABLE 1. MODELS’ COMPARISON
Models / Comparison BLP Biba Clark-Wilson
Design Year 1973 1977 1989
Aim Confidentiality Integrity Integrity
Filed Military Versatility Business
Specification Formal language Formal language Informal language
Advantages Strict security classification Simplicity and the combination possibility Achieve three integrity protection
Rules
– Simple security rule (no read up(
– The property rule (no write down(
– Strong star property rule
subject with read/write – only at same level. – Integrity axiom (no write up(
– Simple integrity axiom (no read down(
– – Subjects and objects are `labeled’ with programs.
– Programs serve as an intermediate layer between
– subjects and objects.
Limitations No consideration of
integrity No consideration of
confidentiality No consideration of
confidentiality
V. CONCLUSION
This review has identified three models of multilevel security; BLP model, Biba model, and Clark-Wilson model.
Whereas multilevel security mechanism can effectively protect and control the vertical transmission of information flow, there is no mechanism to manage the horizontal transmission of information flow. In practical applications, multilevel security mechanism is usually combined with multilateral security policy, so as to provide more perfect protection mechanism.
In general, the BLP model, Biba model and Clark-Wilson model are used in military field and business environment. But with the increasing number of networks users and the development of information technologies, the security demand for information becomes very important. Using one single security model has been unable to meet practical needs, so the combination of multiple models has become an inevitable trend.
This study has provided an extensive review of multilevel security models in real-time systems research.