Transaction Processing in Multilevel Secure Databases with Kernelized Architectures: Challenges and Solutions

Multilevel security poses many challenging problems for transaction processing. The challenges are due to the conflicting requirements imposed by confidentiality, integrity, and availability, the three components of security. We identify these requirements on transaction processing in Multilevel Secure (MLS) database management systems (DBMSs) and survey the efforts of a number of researchers to meet these requirements. While our emphasis is primarily on centralized systems based on a kernelized architecture, we also briefly review the research on distributed MLS DBMSs.
