Alternative correctness criteria for concurrent execution of transactions in multilevel secure databases

Jajodia, Sushil; Atluri, Vijayalakshmi

doi:10.1109/risp.1992.213259

Cited by 28 publications

(19 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The usual notion of correctness for concurrent execution of transactions when multiple versions are maintained in the database is said to be correct when its effect is equivalent to that of a serial execution of the same transactions on a one-copy database, which is called one copy serializability [8]. The significant efforts based on multiversion timestamp-ordering technique are due to Maim one and Greenberg [31], Keefe and Tsai [25], and Jajodia and Atluri [18]. Although these three protocols meet secrecy and availability requirements, Maim one and Greenberg's protocol does not meet the integrity requirement (i.e., it does not generate one-copy serializable histories).…”

Section: Secure Timestamp-based Protocolsmentioning

confidence: 99%

“…Although these three protocols meet secrecy and availability requirements, Maim one and Greenberg's protocol does not meet the integrity requirement (i.e., it does not generate one-copy serializable histories). We defer the discussion of the first protocol [31] until Section 5.3 and present the latter two [18], [25] in this section.…”

Section: Secure Timestamp-based Protocolsmentioning

confidence: 99%

See 1 more Smart Citation

Transaction Processing Environment Kernelized Architecture in Multilevel Secure Application Policies

Vishwakarma

2018

IJARCSSE

View full text Add to dashboard Cite

Abstract-Multilevel security poses many challenging problems for transaction processing. The challenges are due to the conflicting requirements imposed by confidentiality, integrity, and availability} the three components of security. We identify these requirements on transaction processing in Multilevel Secure (MLS) database management systems (DBMSs) and survey the efforts of a number of researchers to meet these requirements .While our emphasis on centralized system based on kernelized Architecture, we briefly overview the research in the distributed MLS DBMSs as well.Keywords-Database systems, transaction processing, security, concurrency control, mandatory access control, covert channel, kernelized architecture, replicated architecture. I. INTRODUCTIONMULTILEVEL SECURE (MLS) databases are characterized by systems that contain sensitive data classified at different levels of sensitivity. An MLS database management system (DBMS) enforces controlled access to data by assigning a security clearance to every user. Unlike conventional databases, users of MLS databases cannot, at their discretion, give away the access privileges on their data to other users, even though they are the owners of the data. An MLS DBMS decides the access privileges of the users based on the classification label associated with the data and the clearance level of the user. These are the so called mandatory access controls [12]. Classifications and clearances are collectively known as security classes or levels. A security class is made up of two components: a hierarchical component and a (possibly empty) non-hierarchical component, called a category. As an example, the different security levels distinguished in the structure of U.S. military security are unclassified, confidential, secret, and top secret, ordered in the increasing order of their importance to the national security. Categories are independent of each other, and are not ordered. NATO, Nuclear, and Crypto are examples of some of the categories used by U.S. military; they form the basis for enforcing need-to-know. The general structure of security classes' forms a lattice using the following dominance relation: A security class is said to dominate another security class if the hierarchical component of the first is greater than or equal to that of the second and the category set of the first contains all the categories of the second. (See [1], [12], [28] for additional details on multilevel security.) To enforce mandatory access control, all MLS systems use a trusted computing base (TCB), a small part of the operating system, which is responsible for all security relevant actions of the system. The TCB always has to be invoked, cannot be bypassed, and must be shown to perform only its intended functions (the code that implements the TCB must be verified for the presence of any malicious code). Concurrency control is crucial to transaction processing since databases are generally meant to cater to multiple users. Therefore, every DBMS must be equipped with a proper concurren...

show abstract

Section: Secure Timestamp-based Protocolsmentioning

confidence: 99%

Section: Secure Timestamp-based Protocolsmentioning

confidence: 99%

Transaction Processing Environment Kernelized Architecture in Multilevel Secure Application Policies

Vishwakarma

2018

IJARCSSE

View full text Add to dashboard Cite

show abstract

“…Although they produce only serializable histories to which our model can be directly applied, they are prone to starvation. In [JA92], a single-level timestamp-based scheduler is proposed which is secure and free of starvation. Although it produces one-copy serializable histories, our model can still be directly used to rewrite these histories (the reason is mentioned above).…”

Section: Fix Information Maintenancementioning

confidence: 99%

Trusted Recovery from Information Attacks

Jajodia¹,

Ammann²,

Liu³

2001

View full text Add to dashboard Cite

“…Notable among the other algorithms are LDV's approach to database consistency [OBRI90], the single-version fimestamping algorithm proposed by Ammann and Jajodia [AMMA91], algorithm based on event count and sequences proposed by McCollum and Notargiacomo [MCCO91], twosnapshot algorithm proposed by Ammann et al [AMMA92], correctness criteria proposed by Jajodia and Atluri [JAJO92], MITRE's work on concurrency control for a TDDBMS discussed in [RUBI92a,RUBI92b] was a consequence to the initial work on query processing for a TDDBMS reported in [RUBI90].…”

Section: Other Algorithmsmentioning

confidence: 99%

“…As stated in [AMMA92], periodically new snapshots are taken at specified security levels and high level transactions are methodically given access to the new snapshots. Jajodia and Atluri [JAJO92] propose three different notions of serializability which are alternatives to one-copy serializability. They argue that one-copy serializability might be too restrictive for trusted database systems and hence, the need for alternate notions of serializability.…”

Section: Other Algorithmsmentioning

confidence: 99%