ASEP: a secure and flexible commit protocol for MLS distributed database systems

Dept. of Comput. & Inf. Sci., Michigan Univ., Dearborn, MI
IEEE Transactions on Knowledge and Data Engineering (Impact Factor: 1.82). 12/2000; DOI: 10.1109/69.895800
Source: IEEE Xplore

ABSTRACT The classical Early Prepare (EP) commit protocol, used in many
commercial systems, is not suitable for use in multi-level secure (MLS)
distributed database systems that employ a locking protocol for
concurrency control. This is because EP requires that read locks are not
released by a participant during their window of uncertainty; however,
it is not possible for a locking protocol to provide this guarantee in an
MLS system (since the read lock of a higher-level transaction on a
lower-level data object must be released whenever a lower-level
transaction wants to write the same data). The only available work in
the literature, namely the Secure Early Prepare (SEP) protocol,
overcomes this difficulty by aborting those distributed transactions
that release their low-level read locks prematurely. We see this
approach as being too restrictive. One of the major benefits of
distributed processing is its robustness to failures, and SEP fails to
take advantage of this. In this paper, we propose the Advanced Secure
Early Prepare (ASEP) commit protocol to solve the above problem,
together with a number of language primitives that can be used as system
calls in distributed transactions. These primitives permit features like
partial rollback and forward recovery to be incorporated within the
transaction model, and allow a distributed transaction to proceed even
when a participant has released its low-level read locks prematurely.
This not only offers flexibility, but can also be used, if desired, by a
sophisticated programmer to trade off consistency for atomicity of the
distributed transaction.

  • ABSTRACT: Multilevel security requirements introduce a new dimension to traditional database schedulers as they cause covert channels. To prevent covert channels, a scheduler for a multilevel secure database should ensure that transactions at low security level are never delayed by high security level transactions in the event of a data conflict. This may be subjected to an indefinite delay if it is forced to abort repeatedly to high security level transactions and making the secure scheduler unfair towards high security level transactions. This paper proposes a secure database scheduler that is based on both optimistic and locking techniques (SO2PL) for multilevel secure distributed database systems. The proposed database scheduler is free from covert channels without starving the high security level transactions. Through a simulation study we evaluate the performance of the SO2PL and compare it with the S2PL scheduler.
  • ABSTRACT: Addressing security demands under fixed budgets and tight time constraints is becoming extremely challenging, time consuming and resource intensive. Moreover, securing the distributed database in compliance with several security guidelines makes the system more complex. Mission critical systems, military, government and financial institutions have been under tremendous pressure to secure their databases. Such requirements mandate that each system passes a strict security scan before it is deemed suitable to go into operational mode. This paper presents a framework that embeds security capabilities into a distributed database by replicating different predefined security policies at different sites using a multilevel secure database management system.
    Advances in Computing and Communications - First International Conference, ACC 2011, Kochi, India, July 22-24, 2011. Proceedings, Part I; 01/2011
  • ABSTRACT: The majority of the research in multilevel secure database management systems (MLS/DBMS) focuses primarily on centralized database systems. However, with the demand for higher performance and higher availability, database systems have moved from centralized to distributed architectures, and the research in multilevel secure distributed database management systems (MLS/DDBMS) is gaining more and more prominence. Traditional transaction management protocols (i.e., concurrency control and commit protocols) are important components of database systems. The most important issues for these protocols in an MLS database system are the covert channel problem [2] and starvation of high security level transactions [10]. To address these problems, first we propose new correctness criteria for a multilevel secure multiversion concurrency control protocol, called read-down conflict serializability. It is the extended definition of one-copy serial (or 1-serial) that allows a transaction to read older versions, if necessary. If a concurrency control protocol allows a transaction to read older versions, we can obtain better throughput and response time than the traditional multiversion concurrency control protocols. We show that a multiversion schedule based upon the proposed criteria is also one-copy serializable. Secondly, this paper proposes a secure multiversion concurrency control protocol for MLS/DDBMSs that is not only free from covert channels but also does so without starving high security level transactions, in addition to ensuring the proposed serializability. Further, in distributed database systems, an atomic commitment protocol is needed to terminate distributed transactions consistently. To meet MLS requirements and to avoid database inconsistencies, the 2PC commit protocol is also modified.
    11/2007: pages 219-233;
