Database Concurrency Control in Multilevel Secure Database Management Systems

Thomas F. Keefe; W. T. Tsai; Jaideep Srivastava

doi:10.1109/69.250090

Database Concurrency Control in Multilevel Secure Database Management Systems

Thomas F. Keefe, W. T. Tsai, Jaideep Srivastava

Research output: Contribution to journal › Article › peer-review

31 Scopus citations

Abstract

Transactions are vital for database management systems (DBMSs) because they provide transparency to concurrency and failure. Concurrent execution of transactions may lead to contention for access to data, which in a multilevel secure DBMS (MLS/DBMS) may lead to insecurity. In this paper we examine security issues involved in database concurrency control for MLS/DBMSs and show how a scheduler can affect security. We introduce Data Conflict Security, (DC-Security) a property that implies a system is free of convert channels due to contention for access to data. We present a definition of DC-Security based on noninterference. Two properties that constitute a necessary condition for DC-Security are introduced along with two other simpler necessary conditions. We have identified a class of schedulers we call Output-State-Equivalent for which another criterion implies DC-Security. The criterion considers separately the behavior of the scheduler in response to those inputs that cause rollback and those that do not. We characterize the security properties of several existing scheduling protocols and find many to be insecure. Covert channel analysis, database concur rency control, multilevel secure database Management systems, multilevel security, multiversion concurrency control, noninterference.

Original language	English (US)
Pages (from-to)	1039-1055
Number of pages	17
Journal	IEEE Transactions on Knowledge and Data Engineering
Volume	5
Issue number	6
DOIs	https://doi.org/10.1109/69.250090
State	Published - Dec 1993
Externally published	Yes

ASJC Scopus subject areas

Information Systems
Computer Science Applications
Computational Theory and Mathematics

Access to Document

10.1109/69.250090

Cite this

@article{85936500a56c438489ad94c79c6633ec,

title = "Database Concurrency Control in Multilevel Secure Database Management Systems",

abstract = "Transactions are vital for database management systems (DBMSs) because they provide transparency to concurrency and failure. Concurrent execution of transactions may lead to contention for access to data, which in a multilevel secure DBMS (MLS/DBMS) may lead to insecurity. In this paper we examine security issues involved in database concurrency control for MLS/DBMSs and show how a scheduler can affect security. We introduce Data Conflict Security, (DC-Security) a property that implies a system is free of convert channels due to contention for access to data. We present a definition of DC-Security based on noninterference. Two properties that constitute a necessary condition for DC-Security are introduced along with two other simpler necessary conditions. We have identified a class of schedulers we call Output-State-Equivalent for which another criterion implies DC-Security. The criterion considers separately the behavior of the scheduler in response to those inputs that cause rollback and those that do not. We characterize the security properties of several existing scheduling protocols and find many to be insecure. Covert channel analysis, database concur rency control, multilevel secure database Management systems, multilevel security, multiversion concurrency control, noninterference.",

author = "Keefe, {Thomas F.} and Tsai, {W. T.} and Jaideep Srivastava",

note = "Funding Information: 15, 1993. This work was supported in part by the National Science Foundation under Grant IRI 8919985-01. T. F. Keefe is with the Department of Computer Science and Engineering, The Pennsylvania State University, University Park, PA 16802. W. T. Tsai and J. Srivastava are with the Department of Computer Science, Minneapolis, MN 55455. IEEE Log Number 9212806.",

year = "1993",

month = dec,

doi = "10.1109/69.250090",

language = "English (US)",

volume = "5",

pages = "1039--1055",

journal = "IEEE Transactions on Knowledge and Data Engineering",

issn = "1041-4347",

publisher = "IEEE Computer Society",

number = "6",

}

TY - JOUR

T1 - Database Concurrency Control in Multilevel Secure Database Management Systems

AU - Keefe, Thomas F.

AU - Tsai, W. T.

AU - Srivastava, Jaideep

N1 - Funding Information: 15, 1993. This work was supported in part by the National Science Foundation under Grant IRI 8919985-01. T. F. Keefe is with the Department of Computer Science and Engineering, The Pennsylvania State University, University Park, PA 16802. W. T. Tsai and J. Srivastava are with the Department of Computer Science, Minneapolis, MN 55455. IEEE Log Number 9212806.

PY - 1993/12

Y1 - 1993/12

N2 - Transactions are vital for database management systems (DBMSs) because they provide transparency to concurrency and failure. Concurrent execution of transactions may lead to contention for access to data, which in a multilevel secure DBMS (MLS/DBMS) may lead to insecurity. In this paper we examine security issues involved in database concurrency control for MLS/DBMSs and show how a scheduler can affect security. We introduce Data Conflict Security, (DC-Security) a property that implies a system is free of convert channels due to contention for access to data. We present a definition of DC-Security based on noninterference. Two properties that constitute a necessary condition for DC-Security are introduced along with two other simpler necessary conditions. We have identified a class of schedulers we call Output-State-Equivalent for which another criterion implies DC-Security. The criterion considers separately the behavior of the scheduler in response to those inputs that cause rollback and those that do not. We characterize the security properties of several existing scheduling protocols and find many to be insecure. Covert channel analysis, database concur rency control, multilevel secure database Management systems, multilevel security, multiversion concurrency control, noninterference.

AB - Transactions are vital for database management systems (DBMSs) because they provide transparency to concurrency and failure. Concurrent execution of transactions may lead to contention for access to data, which in a multilevel secure DBMS (MLS/DBMS) may lead to insecurity. In this paper we examine security issues involved in database concurrency control for MLS/DBMSs and show how a scheduler can affect security. We introduce Data Conflict Security, (DC-Security) a property that implies a system is free of convert channels due to contention for access to data. We present a definition of DC-Security based on noninterference. Two properties that constitute a necessary condition for DC-Security are introduced along with two other simpler necessary conditions. We have identified a class of schedulers we call Output-State-Equivalent for which another criterion implies DC-Security. The criterion considers separately the behavior of the scheduler in response to those inputs that cause rollback and those that do not. We characterize the security properties of several existing scheduling protocols and find many to be insecure. Covert channel analysis, database concur rency control, multilevel secure database Management systems, multilevel security, multiversion concurrency control, noninterference.

UR - http://www.scopus.com/inward/record.url?scp=0027848097&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0027848097&partnerID=8YFLogxK

U2 - 10.1109/69.250090

DO - 10.1109/69.250090

M3 - Article

AN - SCOPUS:0027848097

SN - 1041-4347

VL - 5

SP - 1039

EP - 1055

JO - IEEE Transactions on Knowledge and Data Engineering

JF - IEEE Transactions on Knowledge and Data Engineering

IS - 6

ER -

Database Concurrency Control in Multilevel Secure Database Management Systems

Abstract

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this