Issue No. 06 - November/December (2000 vol. 12)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/69.895799
<p><b>Abstract</b>—Database systems for real-time applications must satisfy timing constraints associated with transactions in addition to maintaining data consistency. In addition to real-time requirements, security is usually required in many applications. Multilevel security requirements introduce a new dimension to transaction processing in real-time database systems. In this paper, we argue that, due to the conflicting goals of each requirement, trade-offs need to be made between security and timeliness. We first define mutual information, a measure of the degree to which security is being satisfied by a system. A secure two-phase locking protocol is then described and a scheme is proposed to allow partial violations of security for improved timeliness. Analytical expressions for the mutual information of the resultant covert channel are derived and a feedback control scheme is proposed that does not allow the mutual information to exceed a specified upper bound. Results showing the efficacy of the scheme obtained through simulation experiments are also discussed.</p>
Concurrency control, covert channel analysis, database systems, locking protocols, multilevel security, real-time systems.
Sang H. Son, Ravi Mukkamala, Rasikan David, "Integrating Security and Real-Time Requirements Using Covert Channel Capacity", IEEE Transactions on Knowledge & Data Engineering, vol. 12, no. , pp. 865-879, November/December 2000, doi:10.1109/69.895799