Title :
Database concurrency control in multilevel secure database management systems
Author :
Keefe, Thomas F. ; Tsai, W.T. ; Srivastava, Jaideep
Author_Institution :
Dept. of Comput. Sci. & Eng., Pennsylvania State Univ., University Park, PA, USA
fDate :
12/1/1993 12:00:00 AM
Abstract :
Concurrent execution of transactions in database management systems (DBMSs) may lead to contention for access to data, which in a multilevel secure DBMS (MLS/DBMS) may lead to insecurity. Security issues involved in database concurrency control for MLS/DBMSs are examined, and it is shown how a scheduler can affect security. Data conflict security, (DC-security), a property that implies a system is free of covert channels due to contention for access to data, is introduced. A definition of DC-security based on noninterference is presented. Two properties that constitute a necessary condition for DC-security are introduced along with two simpler necessary conditions. A class of schedulers called output-state-equivalent is identified for which another criterion implies DC-security. The criterion considers separately the behavior of the scheduler in response to those inputs that cause rollback and those that do not. The security properties of several existing scheduling protocols are characterized. Many are found to be insecure
Keywords :
concurrency control; distributed databases; scheduling; security of data; transaction processing; DC-security; MLS/DBMS; concurrent transaction execution; contention; covert channels; data conflict security; database concurrency control; multilevel secure DBMS; multilevel secure database management systems; output-state-equivalent; rollback; scheduling protocols; security issues; Concurrency control; Control systems; Data analysis; Data security; Database systems; Information security; Multilevel systems; Processor scheduling; Protocols; Transaction databases;
Journal_Title :
Knowledge and Data Engineering, IEEE Transactions on
