MULTI SAFE -- A MODULAR MULTIPROCESSING APPROACH TO SECURE DATABASE MANAGEMENT

Trueblood, Robert P. and Hartson, H. Rex and Martin, Johannes J. (1980) MULTI SAFE -- A MODULAR MULTIPROCESSING APPROACH TO SECURE DATABASE MANAGEMENT. Technical Report CS80008-R, Computer Science, Virginia Tech.

Abstract

This paper describes the configuration and inter-module communication of a MULTIprocessor system for supporting Secure Authorization with Full Enforcement (MULTISAFE) for database management. A modular architecture is described which provides secure, controlled access to shared data in a multiuser environment--with low performance penalties, even for complex protection policies. The primary mechanisms are structured and verifiable. The entire approach is immediately extendible to distributed protection of distributed data. The system includes a user and applications module (UAM), a data storage and retrieval module (SRM), and a protection and security module (PSM). The control of intermodule communication is based on a data abstraction approach. It is initially described in terms of function invocations. An implementation within a formal message system is then described. The discussion of function invocations begins with the single terminal case and extends to the multiterminal case. Some physical implementation aspects are also discussed, and some examples of message sequences are given.