Specification and Enforcement of Classification and Inference Constraints

Although mandatory access control in database systems has been extensively studied in recent years, and several models and systems have been proposed, capabilities for enforcement of mandatory constraints remain limited. Lack of support for expressing and combating inference channels that improperly leak protected information remains a major limitation in today’s multilevel systems. Moreover, the working assumption that data are classified at insertion time makes previous approaches inapplicable to the classification of existing, possibly historical, data repositories that need to be classified for release. Such a capability would be of great benefit to, and appears to be in demand by, governmental, public, and private institutions. We address the problem of classifying existing data repositories by taking into consideration explicit data classification as well as association and inference constraints. Constraints are expressed in a unified, DBMSand modelindependent framework, making the approach largely applicable. We introduce the concept of minimal classification as a labeling of data elements that, while satisfying the constraints, ensures that no data element is classified at a level higher than necessary. We also describe a technique and present an algorithm for generating data classifications that are both minimal and preferred according to certain criteria. Our approach is based on preprocessing, or compiling, constraints to produce a set of simple classification assignments that can then be efficiently applied to classify any database instance. This work was supported in part by the National Science Foundation under grant ECS-94-22688 and by DARPA/Rome Laboratory under contract F30602-96-C-0337. yThis work was performed while the author was visiting SRI International, Computer Science Laboratory, supported in part by the National Science Foundation under grant ECS-94-22688. zOn leave from Università di Milano. Author’s permanent address: Università di Milano, Polo Didattico e di Ricerca di Crema, Via Bramante 65, 26013 Crema Italy; e-mail: [email protected].