Multilevel secure transaction processing

Quantified Score

Visualization

Abstract

Since 1990, transaction processing in multilevel secure databasemanagement systems (DBMSs) has been receiving a great deal ofattention from the security community. Transaction processing inthese systems requires modification of conventional schedulingalgorithms and commit protocols. These modifications are necessarybecause preserving the usual transaction properties whentransactions are executing at different security levels oftenconflicts with the enforcement of the security policy. Considerableeffort has been devoted to the development of efficient, securealgorithms for the major types of secure DBMS architectures:kernelized, replicated, and distributed. An additional problem thatarises uniquely in multilevel secure DBMSs is that of secure,correct execution when data at multiple security levels must bewritten within one transaction. Significant progress has been madein a number of these areas, and a few of the techniques have beenincorporated into commercial trusted DBMS products. However, thereare many open problems remain to be explored. This paper reviewsthe achievements to date in transaction processing for multilevelsecure DBMSs. The paper provides an overview of transactionprocessing needs and solutions in conventional DBMSs as background,explains the constraints introduced by multilevel security, andthen describes the results of research in multilevel securetransaction processing. Research results and limitations inconcurrency control, multilevel transaction management, and securecommit protocols are summarized. Finally, important new areas areidentified for secure transaction processing research.