A Unifying Approach to the Design of a Secure Database Operating System

David L. Spooner, Ehud Gudes

Research output: Contribution to journal › Article › peer-review

2 Scopus citations


Database management systems (DBMS’s) today are usually built as subsystems on top of an operating system (OS). This design approach can lead to problems of unreliability and inefficient performance as well as forcing a duplication of functions between the DBMS and OS. A new design approach is proposed which eliminates much of this duplication by integrating the duplicated functions into independent subsystems used by both the DBMS and OS. Specifically, an I/O and file support subsystem and a security subsystem are defined. Both subsystems make use of a logical information model which models the stored information in secondary storage. The new database operating system organization and the logical information model are presented in detail. Design of the security subsystem is based on the access control model, and is extended with Boolean predicates to produce an access control model capable of enforcing content-dependent security policies. The access matrix is implemented using a combination of access lists and capabilities. Authorization models and multiple user processes are discussed in relation to the new system organization. The outline of a formal specification and proof of correctness of the security subsystem is also discussed.
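As an added illustration (not code from the paper or its authors) of the access-matrix design the abstract describes: each matrix cell carries a Boolean predicate over record content, and a request is honoured only when the subject holds a matching capability, the object's access list agrees, and the predicate holds for the record being touched. The subjects, the EMPLOYEES table and the predicates are constructed for this example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, Set

@dataclass
class AccessEntry:
    # One access-matrix cell: rights plus a Boolean predicate over record content
    rights: Set[str]
    predicate: Callable[[dict], bool]

@dataclass(frozen=True)
class Capability:
    # Token held by a subject, naming an object and the rights it conveys
    obj: str
    rights: FrozenSet[str]

class SecuritySubsystem:
    def __init__(self):
        self.acls: Dict[str, Dict[str, AccessEntry]] = {}  # object -> subject -> cell
        self.caps: Dict[str, Set[Capability]] = {}         # subject -> capabilities

    def grant(self, subject, obj, rights, predicate=lambda r: True):
        # The cell is recorded on the object's access list and as a capability
        self.acls.setdefault(obj, {})[subject] = AccessEntry(set(rights), predicate)
        self.caps.setdefault(subject, set()).add(Capability(obj, frozenset(rights)))
    def revoke(self, subject, obj):
        # Revocation edits the access list; a stale capability alone grants nothing
        self.acls.get(obj, {}).pop(subject, None)
    def check(self, subject, obj, right, record) -> bool:
        held = any(c.obj == obj and right in c.rights for c in self.caps.get(subject, ()))
        cell = self.acls.get(obj, {}).get(subject)
        if not held or cell is None or right not in cell.rights:
            return False
        return bool(cell.predicate(record))  # content-dependent condition
    def select(self, subject, obj, records):
        return [r for r in records if self.check(subject, obj, "read", r)]

# Constructed sample table of employee records
EMPLOYEES = [
    {"name": "Bob", "dept": "sales", "salary": 50000},
    {"name": "Carol", "dept": "eng", "salary": 90000},
    {"name": "Dan", "dept": "sales", "salary": 120000},
]

def build_example() -> SecuritySubsystem:
    sec = SecuritySubsystem()
    sec.grant("hr", "EMPLOYEES", ["read", "write"])  # unconditional access
    sec.grant("sales_mgr", "EMPLOYEES", ["read"], lambda r: r["dept"] == "sales")
    sec.grant("auditor", "EMPLOYEES", ["read"], lambda r: r["salary"] > 100000)
    return sec
```

Because the access list is consulted on every check, revoking a subject's list entry takes effect immediately even though the subject still holds its capability.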

Original language: English
Pages (from-to): 310-319
Number of pages: 10
Journal: IEEE Transactions on Software Engineering
Issue number: 3
State: Published - 1 Jan 1984


  • Authorization models
  • capabilities
  • data security
  • database management systems
  • database management/operating system interface
  • objects
  • operating systems

ASJC Scopus subject areas

  • Software

