Design and analysis of a secure two-phase locking protocol

In addition to maintaining consistency of the database, secure concurrency control algorithms must be free from covert channels arising due to data conflicts between transactions. The existing secure concurrency control approaches are unfair to transactions at higher access classes. A secure two-phase locking protocol is presented, which is correct and free from covert channels. The protocol uses three different types of locks to support non-interference property and to provide reasonably fair execution of all transactions, regardless of their access class. The results of a performance evaluation of the protocol are provided, comparing it with secure optimistic concurrency control and secure multiversion timestamp ordering.<<ETX>>

[1]  Bhavani M. Thuraisingham,et al.  Concurrency control in trusted database management systems: a survey , 1993, SGMD.

[2]  Sang Hyuk Son,et al.  Performance of Concurrency Control Algorithms for Real-Time Database Systems , 1996, Performance of Concurrency Control Mechanisms in Centralized Database Systems.

[3]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[4]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[5]  Elisa Bertino,et al.  Alternative Correctness Criteria for Concurrent Execution of Transactions in Multilevel Secure Databases , 1996, IEEE Trans. Knowl. Data Eng..

[6]  Sushil Jajodia,et al.  Alternative correctness criteria for concurrent execution of transactions in multilevel secure databases , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[7]  Jaideep Srivastava,et al.  Multilevel secure database concurrency control , 1990, [1990] Proceedings. Sixth International Conference on Data Engineering.

[8]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[9]  Miron Livny,et al.  Concurrency control performance modeling: alternatives and implications , 1987, TODS.

[10]  Sang Hyuk Son,et al.  Towards a multilevel secure database management system for real-time applications , 1993, [1993] Proceedings of the IEEE Workshop on Real-Time Applications.

[11]  Wei-Tek Tsai,et al.  Multiversion concurrency control for multilevel secure database systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Sushil Jajodia,et al.  Concurrency control in multilevel-secure databases based on replicated architecture , 1990, SIGMOD '90.

[13]  Chilukuri K. Mohan Performance of Concurrency Control Mechanisms in Centralized Database Systems , 1995 .