Abstract
Transaction scheduling in MultiLevel Secure (MLS) replicated databases has received much attention recently. However, several proposed protocols exhibit subtle flaws which can result in schedules which are not serializable. In this paper, we explain the problem and present a transaction scheduling protocol for MLS replicated databases free from this problem. We also show the protocol is one-copy serializable and demonstrate that it is secure. In addition, our protocol requires only a small trusted portion and it accepts a larger class of transactions (those that can “write-up”) than previous protocols. It is interesting that the protocol can be adopted for use with heterogeneous databases because it does not require an atomic commitment protocol, and does not assume homogeneous concurrency control and recovery algorithms in local databases.
Chapter PDF
Bibliography
D.E. Bell, and L.J. LaPadula, “Secure Computer Systems: Unified Exposition and Multics Interpretations,” Technical Report MTR-2997, Mitre Corp., March 1976.
P.A. Bernstein, V. Hadzilacos and N. Goodman, Concurrency Control and Recovery in Database Systems, Addison-Wesley, 1987.
Y. Breitbart, D. Georgakopoulos, M. Rusinkiewicz, and A. Silberschatz, “On Rigorous Transaction Scheduling,” IEEE Transaction on Software Engineering, Vol. 17, No. 9, Sep. 1991, pp. 954–960.
Oliver Costich, “Transaction Processing Using an Untrusted Scheduler in a Multilevel Database with Replicated Architecture,” IFIP WG 11.3, Fifth Working Conference On Database Security, Shepherdstown, WV, Nov. 1991.
Department of Defense Computer Security Center, Department of Defense Trusted Computer System Evaluation Criteria, DoD 5200.28-STD, December 1985.
W. Du, A.K. Elmagarmid, Y. Leu and S.D. Ostermann, “Effects of Automomy on Maintaining Global Serializability in Heterogeneous Database System,” Proceedings of 2nd Interntional Conference on Data and Knowledge Systems for Manufacturing and Engineering, Gaithersburg, MD, Oct. 1989.
Judith N. Froscher and Catherine Meadows, “Achieving a Trusted Datbase Management System using Parallelism,” Database Security II: Status and Prospects, ed. Carl Landwehr, pp. 151–160, North-Holland, 1989.
D. Georgakopoulos, M. Rusinkiewicz and A. Sheth, “On Serializability of Multidatabase Transactions Through Forced Local Conflicts,” Proceedings of the 7th IEEE Int'l Conf. on Data Engineering, April 1991, pp. 314–323.
Sushil Jajodia and Boris Kogan, “Transaction Processing in Multilevel-Secure Databases Using Replicated Architecture,” Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1990, pp. 360–368.
I. E. Kang and T. F. Keefe, “Recovery Management for Multilevel Secure Database Systems,” IFIP WG 11.3, Sixth Working Conference on Database Security, Vancouver, British Columbia, Aug. 1992, pp. 227–252.
T.F. Keefe, “Multilevel Secure Database Management Systems,” Ph.D. Dissertation, University of Minnesota, 1990.
T.F. Keefe, W.T. Tsai and J. Srivastava, “Database Concurrency Control in Multilevel Secure Database Management Systems” to appear in IEEE Transactions on Knowledge and Data Engineering.
M. Kang, J. N. Froscher and O. Costich, “A Practical Transaction Model and Untrusted Transaction Manager for a Multilevel-Secure Database System,” IFIP WG 11.3, Sixth Working Conference On Database Security, Vancouver, British Columbia, Aug. 1992, pp. 289–310.
T.F. Lunt, D.E. Denning, R.R. Schell, M. Heckman and W.R. Shockley, “The Sea View Security Model,” IEEE Transactions on Software Engineering, Vol. 16, No. 6, June 1990, pp. 593–607.
William T. Maimone and Ira B. Greenberg, “Single-Level Multiversion Schedulers for Multilevel Secure Database Systems,” Proceedings of the Sixth Annual Computer Security Applications Conference, Tucson, AZ, December 1990.
Paul D. Stachour and Bhavani Thuraisingham, “Design of LDV: A Multilevel Secure Relational Database Management System,” IEEE Transactions on Knowledge and Data Engineering, Vol. 2, No. 2, June 1990, pp. 190–209.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1992 Springer-Verlag
About this paper
Cite this paper
Kang, I.E., Keefe, T.F. (1992). On transaction processing for multilevel secure replicated databases. In: Deswarte, Y., Eizenberg, G., Quisquater, JJ. (eds) Computer Security — ESORICS 92. ESORICS 1992. Lecture Notes in Computer Science, vol 648. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0013906
Download citation
DOI: https://doi.org/10.1007/BFb0013906
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-56246-7
Online ISBN: 978-3-540-47488-3
eBook Packages: Springer Book Archive