Skip to main content
SpringerLink
Log in

Rewriting Histories: Recovering from Malicious Transactions

  • Published:
Distributed and Parallel Databases Aims and scope Submit manuscript

Abstract

We consider recovery from malicious but committed transactions. Traditional recovery mechanisms do not address this problem, except for complete rollbacks, which undo the work of good transactions as well as malicious ones, and compensating transactions, whose utility depends on application semantics. We develop an algorithm that rewrites execution histories for the purpose of backing out malicious transactions. Good transactions that are affected, directly or indirectly, by malicious transactions complicate the process of backing out undesirable transactions. We show that the prefix of a rewritten history produced by the algorithm serializes exactly the set of unaffected good transactions. The suffix of the rewritten history includes special state information to describe affected good transactions as well as malicious transactions. We describe techniques that can extract additional good transactions from this latter part of a rewritten history. The latter processing saves more good transactions than is possible with a dependency-graph based approach to recovery.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. P. Ammann and S. Jajodia, “Atimestamp ordering algorithm for secure, single-version, multi-level databases,” in Database Security, V: Status and Prospects, C. Landwehr and S. Jajodia (Eds.), Amsterdam, North Holland, 1992, pp. 23-25.

    Google Scholar 

  2. P. Ammann, S. Jajodia, and P. Liu, “Recovery from malicious transactions,” Technical report, George Mason University, 1998. http://www.isse.gmu.edu/~pliu/papers/dynamic.ps.

  3. P. Ammann, S. Jajodia, and P. Mavuluri, “On the fly reading of entire databases,” IEEE Transactions on Knowledge and Data Engineering, vol. 7, no. 5, pp. 834-838, October 1995.

    Google Scholar 

  4. P. Ammann, S. Jajodia, C.D. McCollum, and B.T. Blaustein, “Surviving information warfare attacks on databases,” in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1997, pp. 164-174.

  5. V. Atluri, S. Jajodia, and E. Bertino, “Alternative correctness criteria for concurrent execution of transactions in multilevel secure databases,” IEEE Transactions on Knowledge and Data Engineering, vol. 8, no. 5, pp. 839-854, October 1996.

    Google Scholar 

  6. V. Atluri, S. Jajodia, and E. Bertino, “Transaction processing in multilevel secure databases with kernelized architecture: Challenges and solutions,” IEEE Transactions on Knowledge and Data Engineering, vol. 9, no. 5, pp. 697-708, 1997.

    Google Scholar 

  7. B.R. Badrinath and Ramamritham Krithi, “Semantics-based concurrency control: Beyond commutativity,” ACM Transactions on Database Systems, vol. 17, no. 1, pp. 163-199, March 1992.

    Google Scholar 

  8. P.A. Bernstein, V. Hadzilacos, and N. Goodman, Concurrency Control and Recovery in Database Systems, Addison-Wesley: Reading, MA, 1987.

    Google Scholar 

  9. Committee on Multilevel Data Management Security, Air Force Studies Board, and National Research Council. Multilevel Data Management Security. National Academy Press: Washington, DC, March 1983.

    Google Scholar 

  10. O. Costich, “Transaction processing using an untrusted scheduler in a multilevel secure database with replicated architecture,” in Database Security, V: Status and Prospects, C. Landwehr and S. Jajodia (Eds.), Amsterdam, North Holland, 1992, pp. 173-189.

    Google Scholar 

  11. O. Costich and J. McDermott, “A multilevel transaction problem for multilevel secure database systems and its solution for the replicated architecture,” in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, 1992, pp. 192-203.

  12. S.B. Davidson, “Optimism and consistency in partitioned distributed database systems,” ACM Transactions on Database Systems, vol. 9, no. 3, pp. 456-581, September 1984.

    Google Scholar 

  13. H. Garcia-Molina, “Using semantic knowledge for transaction processing in a distributed database,” ACM Transactions on Database Systems, vol. 8, no. 2, pp. 186-213, June 1983.

    Google Scholar 

  14. H. Garcia-Molina and K. Salem, “Sagas,” in Proceedings of ACM-SIGMOD International Conference on Management of Data, San Francisco, CA, 1987, pp. 249-259.

  15. J. Gray, P. Helland, P. O'Neil, and D. Shasha, “The dangers of replication and a solution,” in Proceedings of ACM-SIGMOD International Conference on Management of Data, Montreal, Canada, 1996, pp. 173-182.

  16. J. Gray and A. Reuter, Transaction Processing: Concepts and Techniques, Morgan Kaufmann Publishers, 1993.

  17. S. Jajodia and V. Atluri, “Alternative correctness criteria for concurrent execution of transactions in multilevel secure databases,” in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, 1992, pp. 216-224.

  18. S. Jajodia and B.Kogan, “Transaction processing in multilevel secure databases using replicated architecture,” in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, 1990, pp. 360-368.

  19. S. Jajodia, P. Liu, and C.D. McCollum, “Application-level isolation to cope with malicious database users,” in Proceedings of the 14th Annual Computer Security Application Conference, Phoenix, AZ, December 1998, pp. 73-82.

  20. S. Jajodia, L. Mancini, and I. Ray, “Secure locking protocols for multilevel database management systems,” in Database Security X: Status and Prospects, P. Samarati and R. Sandhu (Eds.), London: Chapman & Hall, 1997.

    Google Scholar 

  21. S. Jajodia, P. Samarati, and V.S. Subrahmanian, “A logical language for expressing authorizations,” in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, 1997, pp. 31-42.

  22. T.F. Keefe and W.T. Tsai, “Multiversion concurrency control for multilevel secure database systems,” in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, 1990, pp. 369-383

  23. H.F. Korth, “Locking primitives in a database system,” Journal of the ACM, vol. 30, no. 1, pp. 55-79, January 1983.

    Google Scholar 

  24. H.F. Korth, E. Levy, and A. Silberschatz, “A formal approach to recovery by compensating transactions,” in Proceedings of the International Conference on Very Large Databases, Brisbane, Australia, 1990, pp. 95-106.

  25. B.W. Lampson, “Protection,” ACM Operating Systems Review, vol. 8, no. 1, pp. 18-24, January 1974.

    Google Scholar 

  26. D.B. Lomet, “MLR: A recovery method for multi-level systems,” in Proceedings of ACM-SIGMOD International Conference on Management of Data, San Diego, CA, June 1992, pp. 185-194.

  27. D. Lomet and M.R. Tuttle, “Redo recovery after system crashes,” in Recovery Mechanisms in Database Systems, V. Kumar and M. Hsu (Eds.), chap. 6. Prentice Hall PTR, 1998.

  28. N. Lynch, M. Merritt, W. Weihl, and A. Fekete, Atomic Transactions. Morgan Kaufmann, 1994.

  29. J. McDermott and S. Jajodia, “Orange locking: Channel-free database concurrency control,” in Database Security, VI: Status and Prospects, B.M. Thuraisingham and C.E. Landwehr (Eds.), Amsterdam, North Holland, 1993, pp. 267-284.

    Google Scholar 

  30. J. McDermott, S. Jajodia, and R. Sandhu, “A single-level scheduler for replicated architecture for multilevel secure databases,” in Proceedings of the 7th Annual Computer Security Applications Conference, San Antonio, TX, 1991, pp. 2-11.

  31. C. Mohan, H. Pirahesh, and R. Lorie, “Efficient and flexible methods for transient versioning of records to avoid locking by read-only transactions,” in Proceedings of ACM SIGMOD International Conference on Management of Data, San Diego, CA, June 1992, pp. 124-133.

  32. V.R. Pesati, T.F. Keefe, and S. Pal, “The design and implementation of a multilevel secure log manager,” in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, 1997, pp. 55-64.

  33. C. Pu, “On-the-fly, incremental, consistent reading of entire databases,” Algorithmica, vol. 1, no. 3, pp. 271-287, October 1986.

    Google Scholar 

  34. R.S. Sandhu, “The typed access matrix model,” in Proceedings of the IEEE Symposium on Security and Privacy, Los Alamitos, CA, 1992, pp. 122-136.

  35. R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman, “Role-based access control models,” IEEE Computer, vol. 2, pp. 38-47, February 1996.

    Google Scholar 

  36. M. Stonebraker, R. Katz, D. Patterson, and J. Ousterhout, “The design of XPRS,” in Proceedings of the International Conference on Very Large Databases, Los Angeles, CA, 1988, pp. 318-330.

  37. H. Wachter and A. Reuter, “The contract model,” in Database Transaction Models for Advanced Applications, A. Elmagarmid (Ed.), Morgan Kaufmann Publishers, 1991, pp. 219-263.

  38. G. Weikum, C. Hasse, P. Broessler, and P. Muth, “Multi-level recovery,” in Proceedings of the Ninth ACM SIGACT-SIGMOD-SIGART Symposium of Principles of Database Systems, Nashville, Tenn, April 1990, pp. 109-123.

  39. G. Weikum and H.-J. Schek, “Concepts and applications of multilevel transactions and open nested transactions,” in Database Transaction Models for Advanced Applications, A.K. Elmagarmid (Ed.), chap. 13. Morgan Kaufmann Publishers, 1992.

  40. W.E.Weihl, “Commutativity-based concurrency control for abstract data types,” IEEE Transactions on Computers, vol. 37, no. 12, pp. 1488-1505, December 1988.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information Systems, University of Maryland, Baltimore County, Baltimore, MD, 212 150, USA

    Peng Liu

  2. Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030, USA

    Paul Ammann

  3. Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030, USA

    Sushil Jajodia

Authors
  1. Peng Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Paul Ammann
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sushil Jajodia
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

About this article

Cite this article

Liu, P., Ammann, P. & Jajodia, S. Rewriting Histories: Recovering from Malicious Transactions. Distributed and Parallel Databases 8, 7–40 (2000). https://doi.org/10.1023/A:1008731200105

Download citation

  • Issue Date:

  • DOI: https://doi.org/10.1023/A:1008731200105

Search

Navigation