Abstract
In multi-level secure database management system (MLS/DBMS), every transaction and data has associated with a unique security. Concurrent transactions on MLS/DBMS potentially have conflicts while accessing the shared data. The conflicts result in some of the conflicting transactions to be delayed. If the delayed transactions have been cleared at low security level, an information may flow downward with the violation of security policy. This kind of communication channel is called covert channel.
Several transaction scheduling schemes for solving the covert channel problem had been presented. Although they had solved the covert channel problem, unfortunately, they had left alone other kinds of security problems, such as the availability and the integrity problems. Since computer security consists of maintaining the confidentiality, the availability, and the integrity, an attempt to acquire every characteristic is necessary.
Tightly secure transaction scheduler, presented in this paper, schedules concurrent transactions without loss of the characteristics of security. For the confidentiality and the availability, the philosophy of the scheduler is based on the concealment of uncommitted data. Besides, for the integrity, a trustworthiness together with a recentness of a data are considered for discriminating the appropriateness of the data.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
P. A. Bernstein, V. Hadzilacos and N. Goodman, Concurrency Control and Recovery in Database Systems, Addison-Wesley, 1987.
Ravi Sandhu, “Mandatory Controls for Database Integrity,” DATABASE SECURITY, III: Status and Prospects, ed. David L. Spooner, Carl Landwehr, Elsevier Science Publishers B.V., 1990, pp. 143–50.
John McDermott and Sushil Jajodia, “Orange Locking: Channel-Free Database Concurrency Control via Locking,” DATABASE SECURITY, VI: Status and Prospects, ed. Bhavani M. Thuraisingham, Carle. Landwehr, Elsevier Science Publishers B.V., 1993, pp. 267–284.
Oliver Costich and Sushil Jajodia, “Maintaining Transaction Atomicity in MLS Database Systems with Kernalized Architecture,” DATABASE SECURITY, VI: Status and Prospects, ed. Bhavani M. Thuraisingham, Carle. Landwehr, Elsevier Science Publishers B.V., 1993, pp. 249–265.
T. F. Keefe, W. T. Tsai and J. Srivastava, “Multilevel Secure Database Concurrency Control,” Proceedings of IEEE Symposium on Security and Privacy, 1990, pp. 337–344.
Sushil Jajodia and Vijayalakshmi Atluri, “Alternative Correctness Criteria for Concurrent Execution of Transactions in Multilevel Secure Databases”, Proceedings of IEEE Symposium on Security and Privacy, 1992, pp. 216–224.
Charles P. Pfleeger, Security in Computing, Prentice-Hall International, Inc., 1989, pp. 299–345
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sohn, Y., Moon, S. (1995). Tightly secure transaction scheduler in multi-level secure database management systems. In: Revell, N., Tjoa, A.M. (eds) Database and Expert Systems Applications. DEXA 1995. Lecture Notes in Computer Science, vol 978. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0049148
Download citation
DOI: https://doi.org/10.1007/BFb0049148
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60303-0
Online ISBN: 978-3-540-44790-0
eBook Packages: Springer Book Archive