An advanced commit protocol for MLS distributed database systems

The classical Early Prepare commit protocol (EP), used in many commercial systems, is not suitable for use in multilevel secure distributed database systems that employ a locking protocol for concurrency control. This is because EP requires that read locks not be released by a subtransaction during its window of uncertainty; however, a locking protocol cannot provide this guarantee in a multilevel secure system, since a read lock held by a higher level transaction on a lower level data object must be released whenever a lower level transaction wants to write it. The Secure Early Prepare protocol (SEP) overcomes this difficulty by aborting those distributed transactions that release their low level read locks prematurely. We see this approach as being too restrictive. One of the major benefits of distributed processing is its robustness to failures, and SEP fails to take advantage of this. In this work, we propose the Advanced Secure Early Prepare commit protocol (ASEP) together with a number of language primitives that can be used as system calls in distributed transactions. These language primitives permit features like partial rollback and forward recovery, and allow a distributed transaction to proceed even when a subtransaction has released its low level read locks prematurely. This not only offers flexibility, but can also be used, if desired, by a sophisticated programmer to trade off consistency for atomicity of the distributed transaction.

•Partially supported by National Science Foundation under grants
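The lock conflict the abstract describes can be traced in a small model. The following Python sketch is an added illustration, not code from the paper: the two-level lattice, the class and function names, and the site labels are assumptions, and `sep_decision` encodes only the SEP behaviour as the abstract summarizes it, not the ASEP primitives.

```python
from dataclasses import dataclass, field

LEVELS = {"LOW": 0, "HIGH": 1}  # constructed two-level lattice (assumption)

@dataclass
class Subtransaction:
    name: str
    level: str
    read_locks: set = field(default_factory=set)
    released_early: set = field(default_factory=set)  # low read locks lost

class MLSLockManager:
    def __init__(self, object_levels):
        self.object_levels = object_levels  # object name -> level
        self.readers = {}                   # object name -> [Subtransaction]

    def read_lock(self, sub, obj):
        if LEVELS[sub.level] < LEVELS[self.object_levels[obj]]:
            raise PermissionError("no read up")
        self.readers.setdefault(obj, []).append(sub)
        sub.read_locks.add(obj)

    def write_lock(self, writer, obj):
        """Return 'WAIT' on a same-level conflict, else 'GRANTED'."""
        if writer.level != self.object_levels[obj]:
            raise PermissionError("this model writes at its own level only")
        holders = [r for r in self.readers.get(obj, []) if r is not writer]
        if any(r.level == writer.level for r in holders):
            return "WAIT"  # ordinary locking between same-level transactions
        for r in holders:  # remaining holders are all at a higher level
            # A high reader must never delay a low writer: release its lock.
            r.read_locks.discard(obj)
            r.released_early.add(obj)
        self.readers[obj] = [r for r in self.readers.get(obj, []) if r is writer]
        return "GRANTED"

def sep_decision(subtransactions):
    """Simplified SEP rule from the abstract: abort on any premature release."""
    broken = sorted(s.name for s in subtransactions if s.released_early)
    return ("ABORT", broken) if broken else ("COMMIT", [])

def demo():
    lm = MLSLockManager({"x": "LOW", "y": "HIGH"})
    t1a, t1b = Subtransaction("T1@siteA", "HIGH"), Subtransaction("T1@siteB", "HIGH")
    lm.read_lock(t1a, "x")  # high subtransaction reads low data
    lm.read_lock(t1b, "y")
    before = sep_decision([t1a, t1b])
    status = lm.write_lock(Subtransaction("T2@siteA", "LOW"), "x")  # T1 undecided
    return before, status, sep_decision([t1a, t1b])
```

Calling `demo()` shows the low writer being granted its lock immediately while the high distributed transaction flips from committable to aborted under the SEP rule, which is the restriction ASEP is proposed to relax.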
