A Flexible Read-Write Abortion Protocol to Prevent Illegal Information Flow

Information systems have to be secure in presence of illegal access. A transaction illegally reads an object if the transaction reads the object which includes data in other objects which is not allowed to be read. A transaction illegally writes an object after illegally reading some object. In addition, we consider suspicious object whose data is not allowed to flow to another object. A transaction suspiciously reads a suspicious object. A transaction impossibly writes an object after reading a suspicious object. Write-abortion (WA) and read-write abortion (RWA) protocols to prevent illegal information flow are already discussed. In the WA protocol, a transaction is aborted once issuing an illegal or impossible write. Reads are meaninglessly performed since the reads are undone due to the abortion of the transaction. In the RWA protocol, a transaction is aborted once issuing an illegal read or impossible write. Here, read operations to be performed after an illegal read are lost since a transaction is aborted just on issuing an illegal read. In this paper, we newly propose a flexible read-write abortion (FRWA) protocol to reduce the number of meaningless and lost reads. Here, a transaction is aborted with some probability if the transaction illegally reads an object. We evaluate the FRWA protocols compared with the WA and RWA protocols. We show the execution time of each transaction in the FRWA protocols is shorter than the WA and more number of reads can be performed in the RWA protocols.