Verified order-based secure concurrency controller in multilevel secure database management systems

Abstract

While the secure concurrency controllers (SCCs) in multilevel secure database systems (MLS/DBMSs) synchronize transactions cleared at different security levels, they must consider the problem of covert channel. We propose a new SCC, named Verified Order-based secure concurrency controller (VO) that founds on multiversion database. VO maintains elaborated informaion about ordering relationships among transactions in a way of actively investigating and renewing the ordering relationships whenever it receives operations. With the elaborated information, it becomes capable of aborting transcations selectively whose non-interfered executions definitely violate one-copy serializability and providing more recent data versions to read requests than the other multiversion-based SCCs. Therefore, it comes to reduce the abort ratio and provide data versions with improved trustworthiness to transactions. By virtue of the elaborated information, moreover, VO is able to distinguish worthy versions and worthy transactions from unworthy ones, so that it is able to lighten the burdens of maintaining multiple versions and accumulated ordering relationships among transactions. For the aborts that are inevitable for preserving one-copy serializability, VO achieves security by deriving the conflicts to be occurred between transactions that have been cleared at the same security level.