E. Bertino et al., MANDATORY SECURITY AND OBJECT-ORIENTED SYSTEMS - A MULTILEVEL ENTITY MODEL AND ITS MAPPING ONTO A SINGLE-LEVEL OBJECT MODEL, Theory and practice of object systems, 4(3), 1998, pp. 183-204
The application of mandatory security policies in object-oriented syst
ems require objects to be single-level, i,e., all information in an ob
ject must have the same security classification. However, real-world e
ntities are often multilevel. Moreover, different coexistence options
for property values at different levels are needed, In this paper we p
resent a model for specifying multilevel entities. The proposed entity
model supports different options by which users can specify whether l
ow level values of entity properties are to be considered valid at hig
her levels or whether they represent cover stories not valid at higher
levels, We then illustrate how entities expressed in this model can b
e mapped onto single-level objects, We also present a methodology and
algorithms to automatically perform such a mapping. (C) 1998 John Wile
y & Sons, Inc.