Formal Analysis on an Extended Security Model for Database Systems

In order to develop highly secure database systems to meet the requirements for class B2, the BLP (Bell-LaPudula) model is extended according to the features of database systems. A method for verifying security model for database systems is proposed. According to this method, analysis by using Coq proof assistant to ensure the correctness and security of the extended model is introduced. Our formal security model has been verified secure. This work demonstrates that our verification method is effective and sufficient. Since the BLP(Bell-LaPudula) model is recommended by the trusted computer system evaluation criteria (TCSEC) , many researchers applied it to operating systems and formally analyzed the security of the extended models. Li et al specified the BLP in Zlanguage and illustrated that proving by using tools was more rigorous than proving manually. He et al analyzed an extended BLP in Zlanguage and verified that their model was not secure. Maximiliano proposed an extended model for a UNIX file system and analyzed that its operations satisfied a set of security properties with Coq. Boniface Hicks specified the SELinux MLS policy in the Prolog and proposed a method to determine policy compliance in different systems.