Achieving stricter correctness requirements in multilevel secure databases

The concurrency control protocol that has been implemented in the commercially available Trusted Oracle multilevel secure database management system (DBMS) generates histories that are level-wise serializable. Level-wise serializability suffers from the inconsistent retrieval problems which may seriously harm database integrity. The authors show that it is possible to meet stricter correctness criteria using Trusted Oracle, provided knowledge of the update transactions that will be executed in the system is available. They perform a static analysis of the read- and write-sets of these transactions and, based on this analysis, control the order of submission of the transactions to the scheduler in such a way that the resultant history ensures higher correctness level. The exact order chosen depends on the level of consistency desired. The goal is achieved without modifying the Trusted Oracle concurrency control algorithm in any way.<<ETX>>

[1]  Patrick Valduriez,et al.  Simple rational guidance for chopping up transactions , 1992, SIGMOD '92.

[2]  Sushil Jajodia,et al.  Transaction processing in multilevel-secure databases using replicated architecture , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[3]  David S. Johnson,et al.  Computers and Inrracrobiliry: A Guide ro the Theory of NP-Completeness , 1979 .

[4]  Patricia G. Selinger,et al.  Support for repetitive transactions and ad hoc queries in System R , 1981, TODS.

[5]  Wei-Tek Tsai,et al.  Multiversion concurrency control for multilevel secure database systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[6]  Philip A. Bernstein,et al.  Concurrency control in a system for distributed databases (SDD-1) , 1980, TODS.

[7]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[8]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[9]  Amit P. Sheth,et al.  Specifying interdatabase dependencies in a multidatabase environment , 1991, Computer.

[10]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[11]  Sushil Jajodia,et al.  Alternative correctness criteria for concurrent execution of transactions in multilevel secure databases , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Ira B. Greenberg,et al.  Single-level multiversion schedulers for multilevel secure database systems , 1990, [1990] Proceedings of the Sixth Annual Computer Security Applications Conference.