Article

ASEP: a secure and flexible commit protocol for MLS distributed database systems

Dept. of Comput. & Inf. Sci., Michigan Univ., Dearborn, MI
IEEE Transactions on Knowledge and Data Engineering (Impact Factor: 2.07). 12/2000; 12(6):880 - 899. DOI: 10.1109/69.895800
Source: IEEE Xplore

ABSTRACT

The classical Early Prepare (EP) commit protocol, used in many commercial systems, is not suitable for use in multi-level secure (MLS) distributed database systems that employ a locking protocol for concurrency control. This is because EP requires that read locks are not released by a participant during their window of uncertainty; however, it is not possible for a locking protocol to provide this guarantee in an MLS system (since the read lock of a higher-level transaction on a lower-level data object must be released whenever a lower-level transaction wants to write the same data). The only available work in the literature, namely the Secure Early Prepare (SEP) protocol, overcomes this difficulty by aborting those distributed transactions that release their low-level read locks prematurely. We see this approach as being too restrictive. One of the major benefits of distributed processing is its robustness to failures, and SEP fails to take advantage of this. In this paper, we propose the Advanced Secure Early Prepare (ASEP) commit protocol to solve the above problem, together with a number of language primitives that can be used as system calls in distributed transactions. These primitives permit features like partial rollback and forward recovery to be incorporated within the transaction model, and allow a distributed transaction to proceed even when a participant has released its low-level read locks prematurely. This not only offers flexibility, but can also be used, if desired, by a sophisticated programmer to trade off consistency for atomicity of the distributed transaction.

Available from: Luigi Vincenzo Mancini, Nov 29, 2013
  • ABSTRACT: Multilevel secure transaction processing has been well explored in the past decade. Despite this research, the proposed secure concurrency control protocols are not completely satisfactory because of the stringent constraints imposed by multilevel security. In this paper, we argue that modeling a transaction as an extended transaction model could significantly reduce the performance penalty. We accomplish this by minimizing (1) the probability of restarting a high security level transaction; and (2) the portion of the transaction to be reexecuted, when a restart becomes inevitable. In particular, we exploit the non-flat nature of transactions by identifying dependencies among various components of a transaction and portraying a transaction as an advanced transaction model. We demonstrate, via formal proofs, that our approach preserves the semantics of the transaction, and our concurrency control algorithm guarantees serializability.
    Article · Jul 2002 · Informatica
  • ABSTRACT: The majority of the research in multilevel secure database management systems (MLS/DBMS) focuses primarily on centralized database systems. However, with the demand for higher performance and higher availability, database systems have moved from centralized to distributed architectures, and the research in multilevel secure distributed database management systems (MLS/DDBMS) is gaining more and more prominence. Concurrency control is an integral part of database systems. Secure concurrency control algorithms proposed in the literature achieve correctness and security at the cost of declined performance of high security level transactions. These algorithms infringe the fairness in processing transactions at different security levels. Though the performance of different concurrency control algorithms has been explored extensively for centralized multilevel secure database management systems, to the best of the author's knowledge the relative performance of transactions at different security levels using secure concurrency control algorithm for MLS/DDBMS has not been reported yet. To fill this gap, this paper presents a detailed simulation model of a distributed database system and investigates the performance price paid for maintaining security with concurrency control in a distributed database system. The paper investigates the relative performance of transactions at different security levels.
    Conference Paper · Jan 2005
  • ABSTRACT: The majority of the research in multilevel secure database management systems (MLS/DBMS) focuses primarily on centralized database systems. However, with the demand for higher performance and higher availability, database systems have moved from centralized to distributed architectures, and the research in distributed database management systems (MLS/DDBMS) is gaining more and more prominence. Concurrency control is an integral part of database systems. Secure concurrency control algorithms [15,17,18,29] proposed in the literature achieve correctness and security at the cost of declined performance of high security level transactions. These algorithms infringe the fairness in processing transactions at different security levels. Though the performance of different concurrency control algorithms has been explored extensively for centralized multilevel secure database management systems [11,31], to the best of the author's knowledge the relative performance of transactions at different security levels using secure concurrency control algorithm for has not been reported yet. To fill this gap, this paper presents a detailed simulation model of a multilevel secure distributed database system and investigates the performance price paid for maintaining security in an MLS/DDBMS. The paper investigates the relative performance of transactions at different security levels.
    Conference Paper · Jan 2005