Belief Reasoning in MLS Deductive Databases
Abstract
It is envisaged that application of the multi-level security (MLS) scheme will
enhance the implementation of flexible and effective
authorization policies in shared enterprise databases
without the need for defining complicated views on a per
user basis. The abundant recent research into MLS
relational databases unequivocally substantiates this
vision and asserts that an authorization policy as
stringent as multi-level security is essential for sensitive
defense and corporate database applications. However, as
advances in this area are being made and ideas
crystallized, the concomitant weaknesses are also surfacing.
An acute problem with the current model is that the belief
at a higher user level is cluttered with irrelevant or
inconsistent data, because the model offers no mechanism to
attenuate such data as needed. Critics also argue that it is
imperative for users to theorize about the belief of other
users at different levels. Current models,
unfortunately, do not facilitate such reasoning at all.
The need to provide a framework for belief reasoning in
MLS databases provides the impetus for our current
research. We demonstrate that a prudent application of the
idea of inheritance in a deductive setting will help capture
the notion of belief and belief reasoning in MLS databases
in an elegant way. We develop a function to compute
belief in multiple modes which can be used to reason
about the beliefs of other users. In this paper, we strive
to develop, for the first time, a poised and practical logical
characterization of MLS databases based on the inherently
difficult concept of inheritance. We present an extension of
the acclaimed Datalog language, called MultiLog, and
show that Datalog is a special case of our language.
Key Words: MLS databases, belief assertion, reasoning,
inheritance and overriding, deductive databases.