The design and implementation of a multilevel secure log manager

This paper discusses the security issues involved in log management for a multilevel secure database system and presents a design and implementation of a prototype multilevel secure log manager. The main goal of a log manager is to provide high bandwidth and low flush latency. We examine the performance of our design, by observing the flush latency and log bandwidth. We also informally evaluate the security of our approach.

[1]  William J. Bolosky,et al.  Mach: A New Kernel Foundation for UNIX Development , 1986, USENIX Summer.

[2]  James Lyle Peterson,et al.  Petri net theory and the modeling of systems , 1981 .

[3]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[4]  John C. Wray An Analysis of Covert Timing Channels , 1992, J. Comput. Secur..

[5]  Kishor S. Trivedi Probability and Statistics with Reliability, Queuing, and Computer Science Applications , 1984 .

[6]  Paul A. Karger,et al.  Storage channels in disk arm optimization , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[7]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[8]  Hamid Pirahesh,et al.  ARIES: a transaction recovery method supporting fine-granularity locking and partial rollbacks using write-ahead logging , 1998 .

[9]  Thomas F. Keefe,et al.  Version pool management in a multilevel secure multiversion transaction manager , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[10]  Jim Gray,et al.  Notes on Data Base Operating Systems , 1978, Advanced Course: Operating Systems.

[11]  Spencer E. Minear,et al.  Providing Policy Control Over Object Operations in a Mach-Based System , 1995, USENIX Security Symposium.

[12]  Irving L. Traiger,et al.  The Recovery Manager of the System R Database Manager , 1981, CSUR.

[13]  Alessandro Forin,et al.  UNIX as an Application Program , 1990, USENIX Summer.

[14]  Qiang Li,et al.  The Impact of Multilevel Security on Database Buffer Management , 1996, ESORICS.