Concurrency, Synchronization, and Scheduling to Support High-assurance Write-up in Multilevel Object-based Computing

  • Roshan K. Thomas
  • Ravi S. Sandhu
Part of the Workshops in Computing book series (WORKSHOPS COMP.)


We discuss concurrency, synchronization, and scheduling issues that arise with the support of high-assurance RPC-based (synchronous) write-up actions in multilevel object-based environments. Such environments are characterized by objects classified at varying security levels (called classifications) and accessed by subjects with varying security clearances. A write-up action occurs when a low level object sends a message to a higher one, triggering an update in the latter. While such actions do not directly violate the security policy, their abstract nature in object-based systems poses confidentiality leaks by opening up signaling channels. We present an approach to closing such channels by executing the methods in the sender and receiver objects concurrently, whenever a write-up action is issued. However, these concurrent computations have to be synchronized and scheduled so that they preserve the semantics of the original and synchronous (sequential) execution. We utilize a multi-version synchronization scheme and various scheduling strategies to achieve this.


Security Policy Security Level Signaling Channel Serial Correctness Aggressive Scheme 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    D.E. Bell and L.J. LaPadula. Secure computer systems: Unified Exposition and Multics Interpretation. EDS-TR-75–306, The MITRE Corp., Bedford, MA., March 1976.Google Scholar
  2. [2]
    E.H. Bensley and T.J. Brando and M.J. Prelle. An execution model for distributed object-oriented computation. Proc. of the ACM OOPSLA conference, pp. 316–322, September, 1988.Google Scholar
  3. [3]
    S. Jajodia and B. Kogan. Integrating an object-oriented data model with multi-level security. Proc. of the 1990 IEEE Symposium on Security and Privacy, pp. 76–85, May 1990.Google Scholar
  4. [4]
    B. Maimone and R. Allen. Methods for resolving the security vs. integrity conflict. In Proc. of the fourth RADC Database Security Workshop, Little Compton, Rhode Island, April 1991.Google Scholar
  5. [5]
    R.S. Sandhu, R. Thomas, and S. Jajodia. Supporting timing-channel free computations in multilevel secure object-oriented databases. Proc. of the IFIP 11.3 Workshop on Database Security, Sheperdstown, West Virginia, November 1991.Google Scholar
  6. [6]
    R.K. Thomas and R.S. Sandhu. Implementing the message filter object-oriented security model without trusted subjects. Proc. of the IFIP 11.3 Workshop on Database Security, Vancouver, Canada, August 1992.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1994

Authors and Affiliations

  • Roshan K. Thomas
    • 1
  • Ravi S. Sandhu
    • 2
  1. 1.Center for Secure Information SystemsGeorge Mason UniversityFairfaxUSA
  2. 2.Department of Information and Software Systems EngineeringGeorge Mason UniversityFairfaxUSA

Personalised recommendations