Correctness Criteria for Multilevel Secure Transactions

Authors:
Kenneth P. Smith;Barbara T. Blaustein;Sushil Jajodia;LouAnna Notargiacomo
Affiliations:
-;-;-;-
Venue:
IEEE Transactions on Knowledge and Data Engineering
Year:
1996

Citing 8
Cited 5

Concurrency control and recovery in database systems

Concurrency control and recovery in database systems
Maintaining multilevel transaction atomicity in MLS database systems with kernelized architecture

Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Informix guide to SQL

Informix guide to SQL
Transaction Processing: Concepts and Techniques

Transaction Processing: Concepts and Techniques
Transaction Processing Using an Untrusted Scheduler in a Multilevel Database with Replicated Architecture

Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
A Multilevel Transaction Problem for Multilevel Secure Database Systems and Its Solution for the Replicated Architecture

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Alternative Correctness Criteria for Concurrent Execution of Transactions in Multilevel Secure Databases

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A Model of Atomicity for Multilevel Transactions

SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy

Data management research at the MITRE Corporation

ACM SIGMOD Record
Verified Order-Based Transaction Scheduling Scheme for Multilevel Secure Database Management Systems

DEXA '00 Proceedings of the 11th International Conference on Database and Expert Systems Applications
Closing the key loophole in MLS databases

ACM SIGMOD Record
Ensuring atomicity of multilevel transactions

SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Research of multilevel transaction schedule algorithm based on transaction segments

APWeb'06 Proceedings of the 2006 international conference on Advanced Web and Network Technologies, and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

The benefits of distributed systems and shared database resources are widely recognized, but they often cannot be exploited by users who must protect their data by using label-based access controls. In particular, users of label-based data need to read and write data at different security levels within a single database transaction, which is not currently possible without violating multilevel security constraints. This paper presents a formal model of multilevel transactions which provide this capability. We define four ACIS (atomicity, consistency, isolation, and security) correctness properties of multilevel transactions. While atomicity, consistency and isolation are mutually achievable in standard single-site and distributed transactions, we show that the security requirements of multilevel transactions conflict with some of these goals. This forces trade-offs to be made among the ACIS correctness properties, and we define appropriate partial correctness properties. Due to such trade-offs, an important problem is to design multilevel transaction execution protocols which achieve the greatest possible degree of correctness. These protocols must provide a variety of approaches to making trade-offs according to the differing priorities of various users. We present three transaction execution protocols which achieve a high degree of correctness. These protocols exemplify the correctness trade-offs proven in the paper, and offer realistic implementation options.