Concurrency, Synchronization, and Scheduling to Support High-assurance Write-up in Multilevel Object-based Computing

  • Roshan K. Thomas
  • Ravi S. Sandhu
Part of the Workshops in Computing book series (WORKSHOPS COMP.)

Abstract

We discuss concurrency, synchronization, and scheduling issues that arise with the support of high-assurance RPC-based (synchronous) write-up actions in multilevel object-based environments. Such environments are characterized by objects classified at varying security levels (called classifications) and accessed by subjects with varying security clearances. A write-up action occurs when a low level object sends a message to a higher one, triggering an update in the latter. While such actions do not directly violate the security policy, their abstract nature in object-based systems poses confidentiality leaks by opening up signaling channels. We present an approach to closing such channels by executing the methods in the sender and receiver objects concurrently, whenever a write-up action is issued. However, these concurrent computations have to be synchronized and scheduled so that they preserve the semantics of the original and synchronous (sequential) execution. We utilize a multi-version synchronization scheme and various scheduling strategies to achieve this.

Keywords

Mili 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [1]
    D.E. Bell and L.J. LaPadula. Secure computer systems: Unified Exposition and Multics Interpretation. EDS-TR-75–306, The MITRE Corp., Bedford, MA., March 1976.Google Scholar
  2. [2]
    E.H. Bensley and T.J. Brando and M.J. Prelle. An execution model for distributed object-oriented computation. Proc. of the ACM OOPSLA conference, pp. 316–322, September, 1988.Google Scholar
  3. [3]
    S. Jajodia and B. Kogan. Integrating an object-oriented data model with multi-level security. Proc. of the 1990 IEEE Symposium on Security and Privacy, pp. 76–85, May 1990.Google Scholar
  4. [4]
    B. Maimone and R. Allen. Methods for resolving the security vs. integrity conflict. In Proc. of the fourth RADC Database Security Workshop, Little Compton, Rhode Island, April 1991.Google Scholar
  5. [5]
    R.S. Sandhu, R. Thomas, and S. Jajodia. Supporting timing-channel free computations in multilevel secure object-oriented databases. Proc. of the IFIP 11.3 Workshop on Database Security, Sheperdstown, West Virginia, November 1991.Google Scholar
  6. [6]
    R.K. Thomas and R.S. Sandhu. Implementing the message filter object-oriented security model without trusted subjects. Proc. of the IFIP 11.3 Workshop on Database Security, Vancouver, Canada, August 1992.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1994

Authors and Affiliations

  • Roshan K. Thomas
    • 1
  • Ravi S. Sandhu
    • 2
  1. 1.Center for Secure Information SystemsGeorge Mason UniversityFairfaxUSA
  2. 2.Department of Information and Software Systems EngineeringGeorge Mason UniversityFairfaxUSA

Personalised recommendations