Verified order-based secure concurrency controller in multilevel secure database management systems

Abstract

While the secure concurrency controllers (SCCs) in multilevel secure database systems (MLS/DBMSs) synchronize transactions cleared at different security levels, they must consider the problem of covert channel. We propose a neu SCC. named Verified Order-based secure concurrency controller (VO) that founds on multiversion database. VO maintains elaborated information about ordering relationships among transactions in a way of actively investigating and renewing the ordering relationships whenever it receives operations. With the elaborated information, it becomes capable of aborting transactions selectively whose non-interfered executions definitely violate one-copy serializability and providing more recent data versions to lead requests than the other multiversion-based SCCs. Therefore, it comes to reduce the abort ratio and provide data versions of improved trustworthiness to transactions. By virtue of the elaborated information, moreover, VO is able to distinguish worthful versions and worthful transactions from worthless ones, so that it is capable lightening the burdens of maintaining multiple versions and accumulated transaction ordering relationships. For the aborts that are inevitable for preserving one-copy serializability, VO achieves security by deriving the conflicts to occur between transactions that have been cleared at the same security level.