Skip to main content
SpringerLink
Log in

Verified Order-Based Transaction Scheduling Scheme for Multilevel Secure Database Management Systems

  • Conference paper
  • First Online:
Database and Expert Systems Applications (DEXA 2000)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1873))

Included in the following conference series:

  • 1769 Accesses

Abstract

While the secure transaction schedulers in multilevel secure database systems synchronize transactions cleared at different security levels, they must consider the problem of covert channel. Through the covert channel, malicious users leak secret information in a way of intentional interference among the transactions that they invoked. Much work had been done for closing the covert channel. Although they succeeded in closing the covert channel, they unfortunately failed in preserving correctness, sufficient recentness of versions read, or fairness with respect to availability. In this paper, we present a new secure transaction scheduler, named Verified Order-based Transaction Scheduler (VO) that founds on multiversion database. VO overcomes the problems of previous work.

In principle, security in computer system is composed of three major aspects: secrecy, integrity and availability. However, we focus only on secrecy. Therefore, the term security in this paper represents the aspect of secrecy.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. D. E. Bell and L. J. LaPaduda, Secure Computer Systems: Unified Exposition and Multics Interpretation, Tech. Rep. MTR-2997, The Mitre Corp., 1976

    Google Scholar 

  2. E. Bertino, S. Jajodia, L. Mancini, and I. Ray, Advanced Transaction Processing in Multilevel Secure File Stores, IEEE Transactions on Knowledge and Data Engineering, vol. 10, no. 1, 1998, pp. 120–135.

    Article  Google Scholar 

  3. H. Schwetman, CSIM User’s Guide for Use with CSIM Revision 16, Microeletronics and Computer Technology Corporation, 1992.

    Google Scholar 

  4. J. McDermott and S. Jajodia, “Orange Locking: Channel-Free Database Concurrency Control Via Locking,” in B.M. Thuraisingham and C.E. Landwehr, ed., Proc. IFTP WG11.3 Working Group on Database Security, North-Holland, 1992, pp. 267–284.

    Google Scholar 

  5. K.P. Smith, B.T. Blaustein, and S. Jajodia, Correctness Criteria for Multilevel Secure Transactions, IEEE Transactions on Knowledge and Data Engineering, vol. 8, no. 1, 1996, pp. 32–45.

    Article  Google Scholar 

  6. L.V. Mancini and I. Ray, Secure Concurrency Control in MLS Databases with Two Versions of Data, Proc. European Symp. Research in Computer Security,.Rome, Italy, Sept. 1996, pp. 204–225.

    Google Scholar 

  7. P. A. Bernstein, V. Hadzilacos, and N. Goodman, Concurrency Control and Recovery in Database Systems, Addison-Wesley, 1987, pp. 25–45, pp. 143–166.

    Google Scholar 

  8. R. Agrawal, M. J. Carey, and M. Livny,”Concurrency Control Performance Modeling: Alternatives and Implications,” in Kurmar, V. ed., Performance of Concurrency Control Mechanisms in Centralized Database Systems, Prentice Hall, 1996, pp. 58–105.

    Google Scholar 

  9. S. Jajodia, L. V. Mancini, and I. Ray, Secure Locking Protocols for Multilevel Database Management Systems, Proc. IFTP WG11.3 Working Group on Database Security, Como, Italy, July 1996, pp. 177–194.

    Google Scholar 

  10. T. F. Keefe and W.T. Tsai, Multiversion Concurrency Control for Multilevel Secure Database Systems, Proc. IEEE Computer Society Symp., Research in Security and Privacy, Oakland, California, U.S.A, May 1990., pp. 369–383.

    Google Scholar 

  11. V. Atluri, S. Jajodia, and T.F. Keefe, Multilevel Secure Transaction Processing: State and Prospects, Proc. IFTP WG11.3 Working Group on Database Security, Como, Italy, July 1996, pp. 79–98.

    Google Scholar 

  12. W. T. Maimone and I.B. Greenberg, Single-Level Multiversion Schedulers for Multilevel Secure Database Systems, Proc. 6th Annual Computer Security Applications Conference, Tucson, Arizona, U.S.A., Dec. 1990, pp. 157–180.

    Google Scholar 

  13. Y. Sohn, Confidential Concurrency Control for Secure Transaction Management in Data-base Systems: C3, Ph.D. Thesis, KAIST, Seoul, Korea, 2000, pp. 120–127.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Computers Engineering, Seokyeong Univ., 16-1 Jungneung-Dong Sungbuk-Ku, Seoul, 136-704, Korea

    Yonglak Sohn

  2. Database Sys. Lab., Graduate School of Management, Korea Advanced Institute of Science and Technology, 207-43 Cheongryangri-Dong, Dongdaemun-Ku, Seoul, 130-012, Korea

    Songchun Moon

Authors
  1. Yonglak Sohn
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Songchun Moon
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computing and Mathematical Sciences, Maritime Greenwich University Campus, 30 Park Row, London, SE10 9LS, UK

    Mohamed Ibrahim

  2. University of Linz, FAW, Altenbergerstr. 69, 4040, Linz, Austria

    Josef Küng

  3. Middlesex University, Bounds Green, London, UK

    Norman Revell

Rights and permissions

Reprints and permissions

Copyright information

© 2000 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sohn, Y., Moon, S. (2000). Verified Order-Based Transaction Scheduling Scheme for Multilevel Secure Database Management Systems. In: Ibrahim, M., Küng, J., Revell, N. (eds) Database and Expert Systems Applications. DEXA 2000. Lecture Notes in Computer Science, vol 1873. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44469-6_24

Download citation

  • DOI: https://doi.org/10.1007/3-540-44469-6_24

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-67978-3

  • Online ISBN: 978-3-540-44469-5

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation