Concurrency Control Based on Subject and Purpose Concepts

A subject doing a job function plays a role in an enterprise. In the role-based access control model, a role is a set of access rights. A subject granted a role can issue an access request in the role. In addition, objects are required to be consistent even if multiple transactions concurrently manipulate an object in a conflicting way. Here, a subject playing more significant roles should take the object prior to another subject. First, we discuss which roles are more significant than other roles in terms of types of methods. Next, we define which subject is more significant in terms of significancy of roles and authorization relations. A method issued by a more significant subject should be performed before another conflicting method issued by a less significant subject in the subject-oriented (SO) view. A transaction issued by a subject is associated with a subset of roles granted to the subject, which is named purpose. A method with a more significant purpose should be performed before another method with a less significant purpose in the purpose-oriented (PO) view. In this paper, we discuss how conflicting methods are ordered in a unique SO and PO (SPO) view. We discuss an SPO scheduler where multiple conflicting transactions are serializable in the SPO view. We evaluate the SPO scheduler compared with the traditional two-phase locking protocol in terms of throughput