Polyinstantiation


Polyinstantiation in computer science is the concept of type being instantiated into multiple independent instances. It may also indicate, such as in the case of database polyinstantiation, that two different instances have the same name.

Operating system security

In Operating system security, polyinstantiation is the concept of creating a user or process specific view of a shared resource. I.e. Process A cannot affect process B by writing malicious code to a shared resource, such as UNIX directory /tmp.
Polyinstantiation of shared resources have similar goals as process isolation, an application of virtual memory, where processes are assigned their own isolated virtual address space to prevent process A writing into the memory space of process B.

Database

In databases, polyinstantiation is database-related SQL terminology. It allows a relation to contain multiple rows with the same primary key; the multiple instances are distinguished by their security levels. It occurs because of mandatory policy. Depending on the security level established, one record contains sensitive information, and the other one does not, that is, a user will see the record's information depending on his/her level of confidentiality previously dictated by the company's policy
Consider the following table, where the primary key is Name and λ is the security level:
NameλAgeλλ
AliceSecret18Top SecretTop Secret
BobSecret22SecretSecret
BobSecret33Top SecretTop Secret
TrudyTop Secret15Top SecretTop Secret

Although useful from a security standpoint, polyinstantiation raises several problems:
In cryptography, polyinstantiation is the existence of a cryptographic key in more than one secure physical location.