Multilevel secure transaction processing1
Article type: Research Article
Authors: Jajodia, Sushila | Atluri, Vijayalakshmib | Keefe, Thomas F.c | McCollum, Catherine D.d | Mukkamala, Ravie
Affiliations: [a] Center for Secure Information Systems and Department of Information and Software Systems Engineering, George Mason University, Fairfax, VA 22030-4444, USA. E-mail: jajodia@gmu.edu | [b] MS/CIS Department, Rutgers University, Newark, NJ 07102, USA. E-mail: atluri@andromeda.rutgers.edu | [c] Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA 16802, USA. E-mail: keefe@cse.psu.edu | [d] The MITRE Corporation, 1820 Dolley Madison Boulevard, McLean, VA 22102-3481, USA. E-mail: mccollum@mitre.org | [e] Department of Computer Science, Old Dominion University, Norfolk, VA 23529-0162, USA. E-mail: mukka@cs.odu.edu
Note: [1] The work of Sushil Jajodia was partially supported by National Science Foundation under grant INT-9412507 and by National Security Agency under grants MDA904-96-1-0103 and MDA904-96-1-0104. The work of Vijayalakshmi Atluri was partially supported by National Science Foundation under grant number IRI-9624222, and by National Security Agency under grant number MDA904-96-1-0127. The work of Thomas Keefe was partially supported by National Security Agency under grant MDA904-94-C-612. The work of Catherine McCollum was partially supported by U.S. Air Force Rome Laboratory under contract number F19628-94-C-0001.
Abstract: Since 1990, transaction processing in multilevel secure database management systems (DBMSs) has been receiving a great deal of attention from the security community. Transaction processing in these systems requires modification of conventional scheduling algorithms and commit protocols. These modifications are necessary because preserving the usual transaction properties when transactions are executing at different security levels often conflicts with the enforcement of the security policy. Considerable effort has been devoted to the development of efficient, secure algorithms for the major types of secure DBMS architectures: kernelized, replicated, and distributed. An additional problem that arises uniquely in multilevel secure DBMSs is that of secure, correct execution when data at multiple security levels must be written within one transaction. Significant progress has been made in a number of these areas, and a few of the techniques have been incorporated into commercial trusted DBMS products. However, there are many open problems remain to be explored. This paper reviews the achievements to date in transaction processing for multilevel secure DBMSs. The paper provides an overview of transaction processing needs and solutions in conventional DBMSs as background, explains the constraints introduced by multilevel security, and then describes the results of research in multilevel secure transaction processing. Research results and limitations in concurrency control, multilevel transaction management, and secure commit protocols are summarized. Finally, important new areas are identified for secure transaction processing research.
Keywords: Security, database management systems, commit protocol, concurrency control, multilevel security, serializability, transaction processing
DOI: 10.3233/JCS-2001-9301
Journal: Journal of Computer Security, vol. 9, no. 3, pp. 165-195, 2001