Securing an Object Relational Database

Sharon Lewis & Simon Wiseman

A form of security labelling is added to a COTS Object Relational DBMS. This provides mediated access to data, but does not defend against the inappropriate release of data through the database, whether by Trojan Horse software or a treacherous user. To counter these risks, business constraints are imposed to ensure that a user sanctions the release of any data and adequate business related accounting information is recorded. The business constraints are implemented using the features of the Object Relational DBMS.