This Article 
 Bibliographic References 
 Add to: 
Multiversion Locking Protocol with Freezing for Secure Real-Time Database Systems
September/October 2002 (vol. 14 no. 5)
pp. 1141-1154

Abstract—Database systems for real-time applications must satisfy timing constraints associated with transactions. Typically, a timing constraint is expressed in the form of a deadline and is represented as a priority to be used by schedulers. Recently, security has become another important issue in many real-time applications. In many systems, sensitive information is shared by multiple users with different levels of security clearance. As more advanced database systems are being used in applications that need to support timeliness while managing sensitive information, there is an urgent need to develop protocols for concurrency control in transaction management that satisfy both timing and security requirements. In this paper, we propose a new multiversion concurrency control protocol that ensures that both security and real-time requirements are met. The proposed protocol is primarily based on locking. However, in order to satisfy timing constraints and security requirements, a new method, called the freezing method, is proposed. In order to show that our protocol provides a higher degree of concurrency than existing multiversion protocols, we define a new serializability for multiversion concurrency control, called FR-serializability, which is more general than traditional serializability. We present several examples to illustrate the behavior of our protocol, along with performance comparisons with other protocols. The simulation results show significant performance improvement of the new protocol.

[1] R.K. Abbott and H. Garcia-Molina, “Scheduling Real-Time Transactions: A Performance Evaluation,” ACM Trans. Database Systems, vol. 17, no. 3, pp. 513–560, Sept. 1992.
[2] A. Alan and B. Pritsker, Introduction to Simulation and SLAM II third ed., Indiana: Systems Publishing, 1986.
[3] V. Atluri, E. Bertino, and S. Jajodia, “Providing Different Degrees of Recency Options to Transactions in Multilevel Secure Databases,” Proc. IFIP WG11.3 Ninth Ann. Working Conf. Database Security, pp. 255-273, Aug. 1995.
[4] V. Atluri, S. Jajodia, T.F. Keefe, C. McCollum, and R. Mukkamala, “Multilevel Secure Transaction Processing: Status and Prospects,” Proc. IFIP WG11.3 10th Ann. Working Conf. Database Security, pp. 79-98, July 1996.
[5] D.E. Bell and L.J. LaPadula, “Secure Computer Systems: Mathematical Foundations,” Technical Report MTR-2997, The Mitre Corporation, Bedford, Mass., 1973.
[6] P.A. Bernstein and N. Goodman, “Multiversion Concurrency Control-Theory and Algorithms,” ACM Trans. Database Systems, vol. 8, no. 4, pp. 465-483, Dec. 1983.
[7] P. Bernstein, V. Hadzilacos, and N. Goodman, Concurrency Control and Recovery in Database Systems. Addison-Wesley, 1987.
[8] M. Haines, D. Cronk, and P. Mehrotra, "On the Design of Chant: A Talking Threads Package," Proc. Supercomputing 94, IEEE Computer Society Press, Los Alamitos, Calif., 1994, pp. 350-359.
[9] C. Chaney and S. Son, “Supporting the Requirements for Multilevel Secure and Real-Time Databases in Distributed Environments,” Proc. IFIP 11th Working Conf. Database Security, pp. 57-71, Aug. 1997.
[10] D.E. Denning, Information Warfare and Security. Reading, Mass.: Addison-Wesley, 1998.
[11] B. George and J. Haritsa, “Secure Transaction Processing in Firm Real-Time Database Systems,” Proc. ACM SIGMOD Conf., May 1997.
[12] I. Goldberg, Information Warfare, I-War, IW, C4I, Cyberwar. http://www.cs.ust.hk iwar.1.html, Jan. 1996.
[13] H. Han, S. Park, and C. Park, “A Concurrency Control Protocol for Read-Only Transactions in Real-Time Secure Database Systems,” Proc. Seventh Int'l Conf. Real-Time Computing Systems and Applications, pp. 458-462, Dec. 2000.
[14] J. Haritsa, M. Carey, and M. Livny, “Dynamic Real-Time Optimistic Concurrency Control,” Proc. 11th IEEE Real-Time Systems Symp., pp. 94-103, Dec. 1991.
[15] S. Jajodia and V. Atluri, “Alternative Correctness Criteria for Concurrent Execution of Transactions in Multilevel Secure Databases,” Proc. IEEE Symp. Security and Privacy, pp. 216–224, 1992.
[16] S. Jajodia, L.V. Mancini, and I. Ray, “Secure Locking Protocols for Multilevel Database Management Systems,” Proc. IFIP 10th Working Conf. Database Security, pp. 177-194, July 1996.
[17] T.F. Keefe and W.T. Tsai, “Multiversion Concurrency Control for Multilevel Secure Database Systems,” Proc. 10th IEEE Symp. Research in Security and Privacy, pp. 369-383, May 1990.
[18] T.F. Keefe, W.T. Tsai, and J. Srivastava, “Database Concurrency Control in Multilevel Secure Database Management Systems,” IEEE Trans. Knowledge and Data Eng., vol. 5, no. 6, pp. 1039-1055, Feb. 1990.
[19] W. Kim and J. Srivastava,“Enhancing real-time DBMS performance with multiversion data and priority based disk scheduling,” Proc. 12th IEEE Real-Time Systems Symp. (RTSS), Dec. 1991.
[20] V. Kumar, Performance of Concurrency Control Mechanisms in Centralized Database Systems. New Jersey, Prentice-Hall, 1986.
[21] J. McDermott and S. Jajodia, “Orange Locking: Channel-Free Database Concurrency Control via Locking,” Database Security, VI: Status and Prospects, B.M. Thuraisingham and C.E. Landwehr, eds., pp. 267–284, 1993.
[22] R. Mukkamala and S.H. Son, “A Secure Concurrency Control Protocol for Real-Time Databases,” Proc. Database Security IX: Status and Prospects, D.L. Spooner, ed., pp. 215–230, 1996.
[23] S. Pal, “A Locking Protocol for Multilevel Secure Databases Providing Support For Long Transactions,” Proc. IFIP Ninth Working Conf. Database Security, pp. 199-221, Aug. 1995.
[24] C. Park and S. Park, “Alternative Correctness Criteria for Multiversion Concurrency Control and a Locking Protocol via Freezing,” Proc. Int'l Database Eng. and Applications Symp., pp. 73-81, Aug. 1997.
[25] C. Park, S. Park, and S.H. Son, ”Priority-Driven Secure Multiversion Locking Protocol for Real-Time Secure Database Systems,” Proc. Database Security XI: Status and Prospects, T.Y. Lin and S. Qian, eds., pp. 229–244, 1998.
[26] R.S. Sandhu, D. Ferraiolo, and R. Kuhn, "The NIST Model for Role-Based Access Control: Towards A Unified Standard," 5th ACM Workshop on Role-Based Access Control, ACM Press, New York, 2000, pp. 47-60.
[27] L.C. Shu and M. Young, “Correctness Criteria and Concurrency Control for Real-Time Systems: A Survey,” Technical Report SERC-TR-131-P, Purdue Univ., Ind., Nov. 1992.
[28] S. Son, S. Park, and Y. Lin, “An Integrated Real-Time Locking Protocol,” Proc. Eighth Int'l Conf. Data Eng., pp. 527-534, Feb. 1992.
[29] S.H. Son and B. Thuraisingham, “Towards a Multilevel Secure Database Management System for Real-Time Applications,” Proc. IEEE Workshop Real-Time Applications, pp. 131–135, May 1993.
[30] S. Son, R. David, and B. Thuraisingham, “An Adaptive Policy for Improved Timeliness in Secure Database Systems,” Proc. IFIP Ninth Working Conf. Database Security, pp. 223-233, Aug. 1995.
[31] S.H. Son, R. David, and C. Chaney, “Design and Analysis of an Adaptive Policy for Secure Real-Time Locking Protocol,” J. Information Sciences, vol. 99,nos. 1–2, pp. 101–135, June 1997.
[32] S.H. Son, R. Mukkamala, and R. David, “Integrating Security and Real-Time Requirements Using Covert Channel Capacity,” IEEE Trans. Knowledge and Data Eng., vol. 12, no. 6, Nov./Dec. 2000.
[33] J. Stankovic, S. Son, and J. Hansson, “Misconceptions About Real-Time Databases,” Real-Time Database Systems: Architecture and Techniques, K. Lam and T. Kuo, eds., Kluwer Academic, pp. 9-16, 2001.

Index Terms:
Locking protocol, multiversion concurrency control, multilevel security, real-time database systems, transaction management.
Chanjung Park, Seog Park, Sang H. Son, "Multiversion Locking Protocol with Freezing for Secure Real-Time Database Systems," IEEE Transactions on Knowledge and Data Engineering, vol. 14, no. 5, pp. 1141-1154, Sept.-Oct. 2002, doi:10.1109/TKDE.2002.1033780
Usage of this product signifies your acceptance of the Terms of Use.