An Extended Transaction Model Approach for Multilevel Secure Transaction Processing

  title={An Extended Transaction Model Approach for Multilevel Secure Transaction Processing},
  author={Vijayalakshmi Atluri and Ravi Mukkamala},
Multilevel secure transaction processing has been well explored in the past decade. Despite this research, the proposed secure concurrency control protocols are not completely satisfactory because of the stringent constraints imposed by multilevel security. In this paper, we argue that modeling a transaction as an extended transaction model could significantly reduce the performance penalty. We accomplish this by minimizing (1) the probability of restarting a high security level transaction… 
1 Citations

Research Statement 1 Career Objectives 3.1 Security for Workflow Systems

  • Computer Science
My principal research activities lie in information systems security with particular emphasis on access control for advanced application domains such as geospatial and mobile database systems, workflow systems and digital libraries, authorization management for efficient enforcement of security, and secure transaction processing.



Advanced Transaction Processing in Multilevel Secure File Stores

The classical two-phase locking mechanism to multilevel secure file systems is extended and the scheme presented here prevents potential timing covert channels and avoids the abort of higher level transactions nonetheless guaranteeing serializability.

A Semantic-Based Transaction Processing Model for Multilevel Transactions

This work proposes an alternative semantic-based transaction processing model for multilevel transactions that uses the semantics of the application to analyze an application and reason about its behavior and shows how an example application can be analyzed to assure semantic correctness and this analysis can be automated.

Alternative correctness criteria for concurrent execution of transactions in multilevel secure databases

A multiversion timestamping protocol is presented that has several very desirable properties: it is secure, produces multIVERSion histories that are equivalent to one-serial histories in which transactions are placed in a timestamp order, avoids livelocks, and can be implemented using single-level untrusted schedulers.

ASEP: A Secure and Flexible Commit Protocol for MLS Distributed Database Systems

The Advanced Secure Early Prepare (ASEP) commit protocol is proposed, together with a number of language primitives that can be used as system calls in distributed transactions, to solve the problem of multi-level secure distributed database systems that employ a locking protocol for concurrency control.

Simple rational guidance for chopping up transactions

This work finds the finest partitioning of a set of transactions Tran set with the following property; if the partitioned transactions execute serializably, then TranSet executes serializability, which permits users to obtain more concurrency while preserving correctness.

A model for concurrency in nested transactions systems

A serializability theory is developed that can be used to prove the correctness of concurrency control algorithms for nested transactions and for multilevel database systems, and axioms are presented that express the basic properties that programs that manage or access data need to satisfy.

Multiversion concurrency control for multilevel secure database systems

  • T. KeefeW. Tsai
  • Computer Science
    Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy
  • 1990
The authors show that the scheduling protocol gives correct schedules and is free of covert channels due to contention for access to data, i.e. the scheduler is data-conflict-secure.

ACTA: a framework for specifying and reasoning about transaction structure and behavior

The reasoning capabilities of the ACTA framework have been tested by using the framework to study the properties of a new model that is derived by combining two existing transaction models.

Single-level multiversion schedulers for multilevel secure database systems

Two new concurrency control algorithms that are compatible with common security policies are described, based on the multiversion timestamp ordering technique, and implemented with single-level subjects.

Orange Locking: Channel-Free Database Concurrency Control Via Locking

It is shown how such locks can be used for concurrency control, without introducing covert channels, in many kinds of computer systems besides database systems.