%0 Journal Article
%T The Formal Model of DBMS Enforcing Multiple Security Polices
%A Yongzhong He
%A Zhen Han
%A Huirong Fu
%A Guangzhi Qu
%J Journal of Software
%D 2010
%I Academy Publisher
%R 10.4304/jsw.5.5.514-521
%X The formal security policy model and security analysis is necessary to help Database Management System (DBMS) to attain a higher assurance level. In this paper we develop a formal security model for a DBMS enforcing multiple security policies including mandatory multilevel security policy, discretionary access control policy and role based access control policy.  A novel composition scheme of policies is introduced. And the security properties are comprehensively and accurately specified in terms of about 17 state invariants and state transition constraints. Furthermore, the security of the model is proved with the Z/EVES theorem prover.
%K multiple security policies
%K formal language
%K security invariant
%K theorem proving
%U http://ojs.academypublisher.com/index.php/jsw/article/view/495