Abstract
The conventional concurrency control protocols cannot be directly used in the multilevel secure database management systems (MLS/DBMS), because they may be exploited to establish covert channels. The stringent non-interference requirements imposed by multilevel security dictate modification of the conventional concurrency control. A number of multilevel secure concurrency control protocols have been proposed in the literature, which address the problem of covert channels. To prevent covert channels, most of these concurrency control protocols give high priority to the operations of low security level transaction when it conflicts with the operations of a high security level transaction. This may lead to the abortion or re-execution of high security level transactions over and over again and making the concurrency control protocols unfair towards high security level transactions. Motivated by fairness concerns, we present a fairness strategy for multilevel secure concurrency control protocol to achieve fair performance across different security levels while guaranteeing Orange security. Our simulation results show that fairness strategy can achieve a significant performance improvement, in terms of fairness.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bell, D.E., LaPadula, L.J.: Secure Computer Systems: Unified Exposition and Multics Interpretation. The MITRE Corp. (1976)
Department of Defense Computer Security Center, Department of Defense Trusted Computer Systems Evaluation Criteria (December 1985)
Lampson, B.W.: A Note on the Confinement Problem. Communications of the ACM 16(10), 613–615 (1973)
McDermott, J., Jajodia, S.: Orange locking: channel-free database concurrency control via locking. Database Security. VI: Status and Prospects, 267–284 (1995)
Mancini, L.V., Ray, I.: Secure Concurrency Control in MLS Databases with Two Versions of Data. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146. Springer, Heidelberg (1996)
Atluri, V., Jajodia, S., Keefe, T.F., McCollum, C., Mukkamala, R.: Multilevel Secure Transaction Processing: Status and Prospects. In: Proceeding WG11.3 Working Group on Database Security, Como, Italy, pp. 79–98 (1996)
Ammann, P., Jajodia, S.: A Timestamp Ordering Algorithm for Secure, Single version, Multilevel Database. In: Database Security, V: Status and Prospectus, pp. 23–25. North Holland, Amsterdam (1992)
Amman, P., Jaeckle, F., Jajodia, S.: A two snapshot algorithm for concurrency control in secure multilevel databases. In: IEEE Symposium on Security and Privacy, Oakland (1992)
Skeen, D.: Nonblocking Commit Protocols. In: ACM SIGMOD International Conference on Management of Data (1981)
Phillips, C.L., Nagle, H.T.: Digital Control System Analysis And Design, 3rd edn. Prentice-Hall, Englewood Cliffs (1995)
Heiss, H.U.: Overload Effects and Their Prevention. Performance Evaluation (1991)
Moenkeberg, Weikum, G.: Conflict-Driven Load Control for the Avoidance of Data-Contention Thashing. In: ICDE (1991)
Son, S.H.: Supporting the Requirements for Multilevel Secure and Real-time Databases in Distributed Environments. In: Annual IFIP WG 11.3 Conference of Database Security, Lake Tahoe, CA, pp. 57–71 (1997)
Son, S.H., Mukkamala, R., David, R.: Integrating Security and Real-Time Requirements using Covert Channel Capacity. IEEE Transactions on Knowledge and Data Engineering 12(6) (2000)
Jajodia, S., Mancini, L., Setia., S.: A fair locking protocol for multilevel secure databases. In: 11th IEEE Computer Security Foundations Workshop, pp. 68–178 (1998)
Shannon, C.E.: A Mathematical Theory of Communications. Bell System Technical Journal 27 (1948)
Carey, M., Livny: Conflict Detection Tradeoffs for Replicated Data. ACM Transactions on Database Systems 16(4) (1991)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kaur, N., Singh, R., Misra, M., Sarje, A.K. (2006). Fairness Strategy for Multilevel Secure Concurrency Control Protocol. In: Bagchi, A., Atluri, V. (eds) Information Systems Security. ICISS 2006. Lecture Notes in Computer Science, vol 4332. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11961635_5
Download citation
DOI: https://doi.org/10.1007/11961635_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68962-1
Online ISBN: 978-3-540-68963-8
eBook Packages: Computer ScienceComputer Science (R0)