Multilevel secure database concurrency control

T. F. Keefe, W. T. Tsai, Jaideep Srivastava

Research output: Chapter in Book/Report/Conference proceedingConference contribution

17 Citations (Scopus)

Abstract

The implications of multilevel security on database concurrency control are explored. Transactions are vital for multilevel secure database management systems (MLS/DBMSs) because they provide transparency to concurrency and to failure. Concurrent execution of transactions may lead to contention among subjects for access to data, which in MLS/DBMSs may lead to security problems. An abstraction of security models in terms of the transactions which they produce is presented. The notion of DC-Security, which identifies a class of covert channels that are caused by contention for access to shared data, is introduced. This notion is useful for evaluating the security of transaction schedulers. A framework for multilevel secure schedulers which allows analysis of a schedulers' security properties at the protocol level is presented. Necessary and sufficient conditions are developed for DC-Security in this framework and proved using noninterference. A wide range of schedulers is evaluated against these conditions.

Original languageEnglish
Title of host publicationProceedings - Sixth International Conference on Data Engineering
Place of PublicationPiscataway, NJ, United States
PublisherPubl by IEEE
Pages337-344
Number of pages8
ISBN (Print)0818620250
Publication statusPublished - 1990
Externally publishedYes
EventProceedings - Sixth International Conference on Data Engineering - Los Angeles, CA, USA
Duration: 5 Feb 19909 Feb 1990

Other

OtherProceedings - Sixth International Conference on Data Engineering
CityLos Angeles, CA, USA
Period5/2/909/2/90

Fingerprint

Concurrency control
Transparency
Network protocols

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Keefe, T. F., Tsai, W. T., & Srivastava, J. (1990). Multilevel secure database concurrency control. In Proceedings - Sixth International Conference on Data Engineering (pp. 337-344). Piscataway, NJ, United States: Publ by IEEE.

Multilevel secure database concurrency control. / Keefe, T. F.; Tsai, W. T.; Srivastava, Jaideep.

Proceedings - Sixth International Conference on Data Engineering. Piscataway, NJ, United States : Publ by IEEE, 1990. p. 337-344.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Keefe, TF, Tsai, WT & Srivastava, J 1990, Multilevel secure database concurrency control. in Proceedings - Sixth International Conference on Data Engineering. Publ by IEEE, Piscataway, NJ, United States, pp. 337-344, Proceedings - Sixth International Conference on Data Engineering, Los Angeles, CA, USA, 5/2/90.
Keefe TF, Tsai WT, Srivastava J. Multilevel secure database concurrency control. In Proceedings - Sixth International Conference on Data Engineering. Piscataway, NJ, United States: Publ by IEEE. 1990. p. 337-344
Keefe, T. F. ; Tsai, W. T. ; Srivastava, Jaideep. / Multilevel secure database concurrency control. Proceedings - Sixth International Conference on Data Engineering. Piscataway, NJ, United States : Publ by IEEE, 1990. pp. 337-344
@inproceedings{08d6913ab561498189bf978055264b99,
title = "Multilevel secure database concurrency control",
abstract = "The implications of multilevel security on database concurrency control are explored. Transactions are vital for multilevel secure database management systems (MLS/DBMSs) because they provide transparency to concurrency and to failure. Concurrent execution of transactions may lead to contention among subjects for access to data, which in MLS/DBMSs may lead to security problems. An abstraction of security models in terms of the transactions which they produce is presented. The notion of DC-Security, which identifies a class of covert channels that are caused by contention for access to shared data, is introduced. This notion is useful for evaluating the security of transaction schedulers. A framework for multilevel secure schedulers which allows analysis of a schedulers' security properties at the protocol level is presented. Necessary and sufficient conditions are developed for DC-Security in this framework and proved using noninterference. A wide range of schedulers is evaluated against these conditions.",
author = "Keefe, {T. F.} and Tsai, {W. T.} and Jaideep Srivastava",
year = "1990",
language = "English",
isbn = "0818620250",
pages = "337--344",
booktitle = "Proceedings - Sixth International Conference on Data Engineering",
publisher = "Publ by IEEE",

}

TY - GEN

T1 - Multilevel secure database concurrency control

AU - Keefe, T. F.

AU - Tsai, W. T.

AU - Srivastava, Jaideep

PY - 1990

Y1 - 1990

N2 - The implications of multilevel security on database concurrency control are explored. Transactions are vital for multilevel secure database management systems (MLS/DBMSs) because they provide transparency to concurrency and to failure. Concurrent execution of transactions may lead to contention among subjects for access to data, which in MLS/DBMSs may lead to security problems. An abstraction of security models in terms of the transactions which they produce is presented. The notion of DC-Security, which identifies a class of covert channels that are caused by contention for access to shared data, is introduced. This notion is useful for evaluating the security of transaction schedulers. A framework for multilevel secure schedulers which allows analysis of a schedulers' security properties at the protocol level is presented. Necessary and sufficient conditions are developed for DC-Security in this framework and proved using noninterference. A wide range of schedulers is evaluated against these conditions.

AB - The implications of multilevel security on database concurrency control are explored. Transactions are vital for multilevel secure database management systems (MLS/DBMSs) because they provide transparency to concurrency and to failure. Concurrent execution of transactions may lead to contention among subjects for access to data, which in MLS/DBMSs may lead to security problems. An abstraction of security models in terms of the transactions which they produce is presented. The notion of DC-Security, which identifies a class of covert channels that are caused by contention for access to shared data, is introduced. This notion is useful for evaluating the security of transaction schedulers. A framework for multilevel secure schedulers which allows analysis of a schedulers' security properties at the protocol level is presented. Necessary and sufficient conditions are developed for DC-Security in this framework and proved using noninterference. A wide range of schedulers is evaluated against these conditions.

UR - http://www.scopus.com/inward/record.url?scp=0025669692&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0025669692&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:0025669692

SN - 0818620250

SP - 337

EP - 344

BT - Proceedings - Sixth International Conference on Data Engineering

PB - Publ by IEEE

CY - Piscataway, NJ, United States

ER -