This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Alternative Correctness Criteria for Concurrent Execution of Transactions in Multilevel Secure Databases
October 1996 (vol. 8 no. 5)
pp. 839-854

Abstract—This paper investigates issues related to transaction concurrency control in multilevel secure databases. It demonstrates how the conflicts between the correctness requirements and the secrecy requirements can be reconciled by proposing two different solutions. This paper, first, explores the correctness criteria that are weaker than one-copy serializability. Each of these weaker criteria, though not as strict as one-copy serializability, is required to preserve database consistency in some meaningful way, and moreover, its implementation does not require the scheduler to be trusted. It proposes three different, increasingly stricter notions of serializability—level-wise serializability, one-item read serializability and pair-wise serializability—that can serve as substitutes for one-copy serializability. This paper, then, investigates secure concurrency control protocols that generate one-copy serializable histories and presents a multiversion timestamping protocol that has several very desirable properties: It is secure, produces multiversion histories that are equivalent to serial one-copy histories in which transactions are placed in a timestamp order, eliminates starvation, and can be implemented using single-level untrusted schedulers.

[1] P. Ammann and S. Jajodia, "A Timestamp Odering Algorithm for Secure, Single-Version, Multi-Level Databases," Database Security, II: Status and Prospects, C. Landwehr and S. Jajodia, eds., pp. 23-25. NorthHolland, 1992.
[2] V. Atluri and S. Jajodia, "1SR-Consistency: A New Notion of Correctness for Multilevel Secure, Multiversion Database Management Systems," Proc. 19th Latin Am. Informatics Conf., pp. 195-214,Buenos Aires, Argentina, Aug. 1993
[3] D.E. Bell and L.J. LaPadula, "Secure Computer Systems: Unified Exposition and Multics Interpretation," Technical Report MTR-2997, The Mitre Corp., Bedford, Mass., Mar. 1976.
[4] P. Bernstein, V. Hadzilacos, and N. Goodman, Concurrency Control and Recovery in Database Systems. Addison-Wesley, 1987.
[5] O.A. Bukhres, J. chen, W. Du, A.K. Elmagarmid, and R. Pezzoli, "InterBase: An Execution Environment for Heterogeneous Software Systems," Computer, pp. 57-69, Aug. 1993.
[6] Committee on Multilevel Data Management Security, Multilevel Data Management Security.Washington, D.C.: Air Force Studies Board, Nat'l Research Council, 1983.
[7] D.E.R. Denning, Cryptography and Data Security. Addison-Wesley, 1983.
[8] A. Elmagarmid, Database Transaction Models for Advanced Applications. Morgan-Kaufmann Publishing Company, 1992.
[9] S. McFarling, "Procedure Merging with Instruction Caches," Proc. SIGPLAN 1991 Conf. Programming Language Design and Implementation, pp. 71-79, June 1991.
[10] H. Garcia-Molina and B. Kogan, "Achieving High Availability in Distributed Databases," IEEE Trans. Software Eng., vol. 14, no. 7, pp. 886-896, July 1988.
[11] J.N. Gray, R.A. Lorie, G.R. Putzolu, and I.L. Traiger, "Granularity of Locks and Degrees of Consistency in a Shared Data Base," Modelling in Data Base Management Systems, pp. 365-394, 1976.
[12] S. Jajodia and B. Kogan, “Transaction Processing in Multilevel Secure Databases Using Replicated Architecture,” Proc. IEEE Symp. Research in Security and Privacy, pp. 360–368, May 1990.
[13] T.F. Keefe and W.T. Tsai, “Multiversion Concurrency Control for Multilevel Secure Database Systems,” Proc. 10th IEEE Symp. Research in Security and Privacy, pp. 369-383, May 1990.
[14] B. Kogan and S. Jajodia, "Secure Concurrency Control," Proc. Third RADC Workshop Multilevel Database Security,Castille, N.Y., June 1990. Published as MITRE Technical Report MTP 385, B. Thuraisingham, ed.
[15] L. Lamport, "Concurrent Reading and Writing," Comm. ACM, vol. 20, no. 11, pp. 806-811, Nov. 1997.
[16] W.T. Maimone and I.B. Greenberg,"Single-level multiversion schedulers for multilevel secure database systems," Proc. Sixth Ann. Computer Security Applications Conf., pp. 137-147,Tucson, Ariz., Dec. 1990.
[17] C. Meadows and S. Jajodia, "Integrity vs. Security in Multi-Level Secure Databases," C.E. Landwehr, ed., Database Security, Status, and Prospects, pp. 89-101.Amsterdam: North-Holland, 1988.
[18] S. Mehrotra, R. Rastogi, H.F. Korth, and A. Sliberschatz, "Non-Serializable Executions in Heterogeneous Distributed Database Systems," Proc. IEEE Int'l Conf. Parallel and Distributed Systems, pp. 245-253, 1991.
[19] D.P. Reed and R.K. Kanodia, "Synchronization with Eventcounts and Sequencers," Comm. ACM, vol. 22, no. 2, pp. 115-123, Feb. 1979.
[20] M. Schaefer, "Quasi-Synchronization of Readers and Writers in a Secure Multi-Level Environment," Technical Report TM-5407/003, Systems Development Corp., Sept. 1974.
[21] L. Sha, "Modular Concurrency Control and Failure Recovery—Consistency, Correctness and Optimality," PhD thesis, Dept. of Computer and Electrical Eng., Carnegie-Mellon Univ., 1985.

Index Terms:
Concurrency control, databases, multilevel security, one-copy serializability, serializability, transaction management.
Citation:
Vijayalakshmi Atluri, Sushil Jajodia, Elisa Bertino, "Alternative Correctness Criteria for Concurrent Execution of Transactions in Multilevel Secure Databases," IEEE Transactions on Knowledge and Data Engineering, vol. 8, no. 5, pp. 839-854, Oct. 1996, doi:10.1109/69.542034
Usage of this product signifies your acceptance of the Terms of Use.