This Article 
 Bibliographic References 
 Add to: 
ASEP: A Secure and Flexible Commit Protocol for MLS Distributed Database Systems
November/December 2000 (vol. 12 no. 6)
pp. 880-899

Abstract—The classical Early Prepare commit protocol (EP), used in many commercial systems, is not suitable for use in multilevel secure distributed databases systems that employ a locking protocol for concurrency control. This is because EP requires that read locks are not released by a participant during its window of uncertainty; however, it is not possible for a locking protocol to provide this guarantee in a multilevel secure system (since the read lock of a higher-level transaction on a lower-level data object must be released whenever a lower-level transaction wants to write the same data). The only available work in the literature, namely the Secure Early Prepare protocol (SEP), overcomes this difficulty by aborting those distributed transactions that release their low-level read locks prematurely. We see this approach as being too restrictive. One of the major benefits of distributed processing is its robustness to failures, and SEP fails to take advantage of this. In this work, we propose the Advanced Secure Early Prepare commit protocol (ASEP) to solve the above problem together with a number of language primitives that can be used as system calls in distributed transactions. These primitives permit features like partial rollback and forward recovery to be incorporated within the transaction model, and allow a distributed transaction to proceed even when a participant has released its low-level read locks prematurely. This not only offers flexibility, but can also be used, if desired, by a sophisticated programmer to trade off consistency for atomicity of the distributed transaction.

[1] V. Atluri, E. Bertino, and S. Jajodia, “Degrees of Isolation, Concurrency Control Protocols, and Commit Protocols,” Database Security, VIII: Status and Prospects, J. Biskup et al., eds., pp. 259–274, 1994.
[2] P. Bernstein, V. Hadzilacos, and N. Goodman, Concurrency Control and Recovery in Database Systems. Addison-Wesley, 1987.
[3] J.L. Eppinger, L.B. Mummert, and A.Z. Spector, Camelot and Avalon: A Distributed Transaction Facility. San Mateo, Calif.: Morgan Kaufman, 1991.
[4] T.H. Hinke and M. Schaefer, “Secure Database Management System,” Technical Report RADC-TR-75-266, System Development Corp., Nov. 1975.
[5] J.D. Horton, R.H. Cooper, W.F. Hyslop, B.G. Nickerson, O.K. Ward, R. Harland, E. Ashby, and W.M. Stewart, “The Cascade Vulnerability Problem,” J. Computer Security, vol. 2, no. 4, pp. 279–290, 1993.
[6] Informix-OnLine/Secure Administrator's Guide. Menlo Park, Calif.: Informix Software, Inc., Apr. 1993.
[7] Informix-OnLine/Secure Security Features User's Guide. Menlo Park, Calif.: Informix Software, Inc., Apr. 1993.
[8] S. Jajodia and B. Kogan, “Transaction Processing in Multilevel Secure Databases Using Replicated Architecture,” Proc. IEEE Symp. Research in Security and Privacy, pp. 360–368, May 1990.
[9] S. Jajodia and C. McCollum, “Using Two-Phase Commit for Crash Recovery in Federated Multilevel Secure Database Management Systems,” Dependable Computing and Fault-Tolerant Systems, C.E. Landwehr et al., eds., vol. 8, pp. 365–381, 1993.
[10] S. Jajodia, C.D. McCollum, and B.T. Blaustein, “Integrating Concurrency Control and Commit Algorithms in Distributed Multilevel Secure Databases,” Database Security, VII: Status and Prospects, T.F. Keefe and C.E. Landwehr, eds., pp. 109–121, 1994.
[11] J. McDermott and S. Jajodia, “Orange Locking: Channel-Free Database Concurrency Control via Locking,” Database Security, VI: Status and Prospects, B.M. Thuraisingham and C.E. Landwehr, eds., pp. 267–284, 1993.
[12] J.K. Millen and M.W. Schwartz, “The Cascading Problem for Interconnected Networks,” Proc. Fourth Aerospace Computer Security Applications Conf., pp. 269–274, Dec. 1988.
[13] C. Mohan, B. Lindsay, and R. Obermarck, “Transaction Management in R* Distributed Database Management System,” ACM Trans. Database Systems, vol. 11, no. 4, pp. 378–396, Dec. 1986.
[14] J. Eliot and B. Moss, Nested Transactions. An Approach to Reliable Distributed Computing. Information Systems Series. Cambridge, Mass.: MIT Press, 1985.
[15] J.W. Stamos and F. Cristian, “Coordinator Log Transaction Execution Protocol,” Distributed and Parallel Databases, vol. 1, pp. 383–408, 1993.

Index Terms:
Database management systems, distributed databases, security, multilevel security, transaction processing, commit protocol.
Indrajit Ray, Luigi V. Mancini, Sushil Jajodia, Elisa Bertino, "ASEP: A Secure and Flexible Commit Protocol for MLS Distributed Database Systems," IEEE Transactions on Knowledge and Data Engineering, vol. 12, no. 6, pp. 880-899, Nov.-Dec. 2000, doi:10.1109/69.895800
Usage of this product signifies your acceptance of the Terms of Use.