A multilevel relational database (MDB) stores data at different security levels and provides this data to users with different clearance levels. The security problem for an MDB is to prevent users from obtaining any unauthorized data. Until recently, research about the security of an MDB was concerned with access control. While access control techniques work to prevent one type of attack, the security can still be subverted by inference attacks. An inference attack to the MDB occurs if a user can infer unauthorized information in the MDB by using his preknowledge about the MDB and query responses authorized to him. This work investigates the inference problems arising from integrity constraints in the database (i.e., constraints that enforce the correctness of data). Two of the most popular integrity constraints, i.e. functional dependencies (FDs) and multivalued dependencies (MVDs), are considered. Examination of the combination effects of FDs and MVDs on the security of an MDB under an elementary item classification scheme will be made. A protection scheme with minimum information loss will be found. The work also will investigate the same problem under a dynamic environment, i.e. data in the MDB can be changed. Finally, the research will explore the possibility of unifying inference mechanisms for different integrity constraints.
