摘要： 讨论一个基于公开源码数据库PostgreSQL 的安全数据库原型系统中强制访问控制机制的实现。详细阐述了原型系统对PostgreSQL系统原有数据字典的更改及对DDL、DML 语言的改造，并介绍了多级关系的分解与恢复算法。

关键词: 安全数据库；BLP 模型；强制访问控制

Abstract: The implementing technique of applying mandatory access control policy in code open DBMS PostgrSQL so as to develop a secure RDBMS prototype is demonstrated in the paper. It gives an overview on the prototype. The security label implementation, the original data dictionary modification, DDL and DML security enforcement, multilevel relation decomposition and composition are discussed in details.

Key words: Secure DBMS; BLP model; Mandatory access control (MAC)