Database Concurrency Control in Multilevel Secure Database Management Systems

Thomas F. Keefe, W. T. Tsai, Jaideep Srivastava

Research output: Contribution to journalArticle

29 Scopus citations

Abstract

Transactions are vital for database management systems (DBMSs) because they provide transparency to concurrency and failure. Concurrent execution of transactions may lead to contention for access to data, which in a multilevel secure DBMS (MLS/DBMS) may lead to insecurity. In this paper we examine security issues involved in database concurrency control for MLS/DBMSs and show how a scheduler can affect security. We introduce Data Conflict Security, (DC-Security) a property that implies a system is free of convert channels due to contention for access to data. We present a definition of DC-Security based on noninterference. Two properties that constitute a necessary condition for DC-Security are introduced along with two other simpler necessary conditions. We have identified a class of schedulers we call Output-State-Equivalent for which another criterion implies DC-Security. The criterion considers separately the behavior of the scheduler in response to those inputs that cause rollback and those that do not. We characterize the security properties of several existing scheduling protocols and find many to be insecure. Covert channel analysis, database concur rency control, multilevel secure database Management systems, multilevel security, multiversion concurrency control, noninterference.

Original languageEnglish (US)
Pages (from-to)1039-1055
Number of pages17
JournalIEEE Transactions on Knowledge and Data Engineering
Volume5
Issue number6
DOIs
StatePublished - Dec 1993

    Fingerprint

ASJC Scopus subject areas

  • Information Systems
  • Computer Science Applications
  • Computational Theory and Mathematics

Cite this