Supporting security requirements in multilevel real-time databases

Author

David, Rasikan ; Son, Sang H. ; Mukkamala, Ravi

Author_Institution

Dept. of Comput. Sci., Virginia Univ., Charlottesville, VA, USA

fYear

1995

fDate

8-10 May 1995

Firstpage

199

Lastpage

210

Abstract

Database systems for real-time applications must satisfy timing constraints associated with transactions, in addition to maintaining data consistency. In addition to real-time requirements, security is usually required in many applications. Multilevel security requirements introduce a new dimension to transaction processing in real-time database systems. We argue that due to the conflicting goals of each requirement, trade-offs need to be made between security and timeliness. We first define capacity, a measure of the degree to which security is being satisfied by a system. A secure two-phase locking protocol is then described and a scheme is proposed to allow partial violations of security for improved timeliness. The capacity of the resultant covert channel is derived and a feedback control scheme is proposed that does not allow the capacity to exceed a specified upper bound

Keywords

concurrency control; data integrity; database theory; feedback; protocols; security of data; timing; transaction processing; capacity; covert channel; data consistency; feedback control scheme; multilevel real-time databases; partial security violations; secure two-phase locking protocol; security requirements; timeliness; timing constraints; trade-offs; transactions; Application software; Computer science; Data security; Database systems; Information security; Multilevel systems; Protocols; Real time systems; Timing; Transaction databases;

fLanguage

English

Publisher

ieee

Conference_Titel

Security and Privacy, 1995. Proceedings., 1995 IEEE Symposium on

Conference_Location

Oakland, CA

Print_ISBN

0-8186-7015-0

Type

conf

DOI

10.1109/SECPRI.1995.398933

Filename

398933