
Secure Transaction Management Protocols for MLS/DDBMS

  • Conference paper
Information Systems Security (ICISS 2007)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 4812)


Abstract

The majority of research in multilevel secure database management systems (MLS/DBMS) focuses on centralized database systems. However, with the demand for higher performance and higher availability, database systems have moved from centralized to distributed architectures, and research in multilevel secure distributed database management systems (MLS/DDBMS) is gaining prominence. Traditional transaction management protocols (i.e., concurrency control and commit protocols) are important components of database systems. The most important issues for these protocols in an MLS database system are the covert channel problem [2] and starvation of high security level transactions [10]. To address these problems, we first propose a new correctness criterion for multilevel secure multiversion concurrency control protocols, called read-down conflict serializability. It extends the definition of one-copy serial (or 1-serial) to allow a transaction to read older versions, if necessary. If a concurrency control protocol allows transactions to read older versions, we can obtain better throughput and response time than with traditional multiversion concurrency control protocols. We show that a multiversion schedule based on the proposed criterion is also one-copy serializable. Secondly, this paper proposes a secure multiversion concurrency control protocol for MLS/DDBMSs that is not only free from covert channels but also avoids starving high security level transactions, while ensuring the proposed serializability. Further, in distributed database systems, an atomic commitment protocol is needed to terminate distributed transactions consistently. To meet MLS requirements and to avoid database inconsistencies, the 2PC commit protocol is also modified.


References

  1. Bell, D.E., LaPadula, L.J.: Secure Computer Systems: Unified Exposition and Multics Interpretation. The MITRE Corp. (1976)

  2. Keefe, T.F., Tsai, W.T., Srivastava, J.: Multiversion concurrency control for multilevel secure database systems. In: Proceedings of the 10th IEEE Symposium on Security and Privacy, Oakland, California, pp. 369–383 (1990)

  3. Atluri, V., Jajodia, S., Keefe, T.F., McCollum, C., Mukkamala, R.: Multilevel secure transaction processing: Status and Prospects. In: Proceedings of the Tenth Annual IFIP TC11/WG11.3 International Conference on Database Security X: Status and Prospects, Como, Italy, pp. 79–98 (1996)

  4. Maimone, W.T., Greenberg, I.B.: Single level multiversion schedulers for Multilevel Secure Database Systems. In: Proceedings of 6th Annual Computer Security Application Conference, Tucson, pp. 137–174 (1990)

  5. Atluri, V., Jajodia, S., Bertino, E.: Alternative correctness criteria for concurrent execution of transactions in MLS databases. IEEE Transactions on Knowledge and Data Engineering 8(5), 839–854 (1996)

  6. Keefe, T.F., Tsai, W.T., Srivastava, J.: Database concurrency control in multilevel secure database management systems. IEEE Transactions on Knowledge and Data Engineering 5(6), 1039–1055 (1993)

  7. Bernstein, A., Hadzilacos, V., Goodman, N.: Concurrency Control and Recovery in Database Systems. Addison-Wesley, Massachusetts (1987)

  8. Ceri, S., Pelagatti, G.: Distributed Databases Principles and Systems. McGraw-Hill Book Company, New York (1984)

  9. Ray, I., Mancini, L.V., Jajodia, S., Bertino, E.: ASEP: A secure and flexible commit protocol for MLS distributed database systems. IEEE Transactions on Knowledge and Data Engineering 12(6), 880–899 (2000)

  10. Kaur, N., Sarje, A.K., Misra, M.: Performance evaluation of secure concurrency control algorithm for multilevel secure distributed database systems. In: Proceedings of the IEEE International Conference on Information Technology: Coding and Computing, pp. 249–254. Las Vegas, Nevada (2005)

  11. Atluri, V., Jajodia, S., Bertino, E.: Transaction processing in multilevel secure databases using kernelized architecture: challenges and solutions. IEEE Transactions on Knowledge and Data Engineering 9(5), 697–708 (1997)

  12. Kim, H.T., Kim, M.H.: Starvation-free secure multiversion concurrency control. Information Processing Letters, vol. 65, pp. 247–253. Elsevier, Amsterdam (1998)

  13. Carey, M.J., Livny, M.: Conflict detection tradeoffs for replicated data. ACM Transactions on Database Systems 16(4), 703–746 (1991)

  14. Carey, M.J., Franklin, M., Zaharioudakis, M.: Fine Grained Sharing in a Page-Server OODBMS. In: Proceedings of ACM-SIGMOD International Conference on Management of Data, Minneapolis, Minnesota, pp. 359–370 (1994)

  15. Bernstein, P.A., Hadzilacos, V., Goodman, N.: Concurrency Control and Recovery in Database Systems. Addison-Wesley, Reading (1987)

  16. Samaras, G., Britton, K., Citron, A., Mohan, C.: Two-Phase commit optimizations in a commercial distributed environment. International Journal on Distributed and Parallel Databases 3(4), 325–361 (1995)

  17. McDermott, J., Jajodia, S.: Orange locking: channel-free database concurrency control via locking. In: Proceedings of 6th Working Conference of IFIP Working Group 11.3 on Database Security, VI: Status and Prospects, Vancouver, Canada, pp. 267–284 (1995)


Editor information

Patrick McDaniel, Shyam K. Gupta


Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kaur, N., Singh, R., Misra, M., Sarje, A.K. (2007). Secure Transaction Management Protocols for MLS/DDBMS. In: McDaniel, P., Gupta, S.K. (eds) Information Systems Security. ICISS 2007. Lecture Notes in Computer Science, vol 4812. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77086-2_17


  • DOI: https://doi.org/10.1007/978-3-540-77086-2_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77085-5

  • Online ISBN: 978-3-540-77086-2

  • eBook Packages: Computer Science (R0)
