Advanced Transaction Processing in Multilevel Secure File Stores

The concurrency control requirements for transaction processing in a multilevel secure file system differ from those in conventional transaction processing systems. In particular, transactions at different security levels must be coordinated while avoiding both potential timing covert channels and the starvation of transactions at higher security levels. Suppose a transaction at a lower security level attempts to write a data item that is being read by a transaction at a higher security level. On the one hand, a timing covert channel arises if the transaction at the lower security level is either delayed or aborted by the scheduler. On the other hand, the transaction at the higher security level may be subjected to an indefinite delay if it is forced to abort repeatedly. This paper extends the classical two-phase locking mechanism to multilevel secure file systems. The scheme presented here prevents potential timing covert channels and avoids the abort of higher-level transactions while still guaranteeing serializability. The programmer is provided with a powerful set of linguistic constructs that support exception handling, partial rollback, and forward recovery. The proper use of these constructs can prevent the indefinite delay in completion of a higher-level transaction, and allows the programmer to trade off starvation against transaction isolation.
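
The conflict described in the abstract, as an added example that is not taken from the paper: a toy lock manager in which a LOW writer meets a HIGH reader, first under classical two-phase locking and then under an assumed policy that grants the write at once and signals the reader. The names `LockManager`, `signal_readers`, `low_observation` and `leaks`, and the two-level lattice, are hypothetical; the signalling policy is a simplified stand-in, not the paper's protocol.

```python
from dataclasses import dataclass, field

LOW, HIGH = 0, 1  # constructed two-level lattice, LOW < HIGH

@dataclass
class LockManager:
    # signal_readers=False models classical 2PL; True is an assumed policy in
    # which a lower-level writer is never delayed by a higher-level reader.
    signal_readers: bool
    readers: dict = field(default_factory=dict)   # item -> {(txn, level)}
    signalled: set = field(default_factory=set)   # readers owed an exception

    def read_lock(self, txn, level, item):
        self.readers.setdefault(item, set()).add((txn, level))

    def write_lock(self, txn, level, item):
        """Return what the writer can observe: 'granted' or 'blocked'."""
        others = {(t, l) for t, l in self.readers.get(item, set()) if t != txn}
        higher = {(t, l) for t, l in others if l > level}
        if others - higher:
            return "blocked"   # conflict at the writer's own level: no downward flow
        if higher and not self.signal_readers:
            return "blocked"   # delay caused by HIGH activity, visible to LOW
        # Grant at once; each higher reader loses its lock and is signalled so
        # it can redo only the affected read instead of being aborted.
        self.signalled |= {t for t, _ in higher}
        self.readers[item] = self.readers.get(item, set()) - higher
        return "granted"

def low_observation(signal_readers, high_is_reading):
    """Outcome seen by a LOW writer of item 'x', plus the readers signalled."""
    lm = LockManager(signal_readers)
    if high_is_reading:
        lm.read_lock("T_high", HIGH, "x")
    return lm.write_lock("T_low", LOW, "x"), lm.signalled

def leaks(signal_readers):
    """True if LOW's view changes with HIGH's behaviour (a usable channel)."""
    return (low_observation(signal_readers, True)[0]
            != low_observation(signal_readers, False)[0])

if __name__ == "__main__":
    print("classical 2PL leaks:", leaks(False))
    print("signal-readers policy leaks:", leaks(True))
```

Under the signalling policy the cost moves to the HIGH transaction, which must handle the signal; how often that happens is the starvation side of the trade-off the abstract mentions.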
