Sushil Jajodia’s research while affiliated with George Mason University and other places

What is this page?


This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.

Publications (7)


Secure Buffer Management
  • Chapter

January 2000

·

8 Reads

Vijay Atluri

·

Sushil Jajodia

·

Binto George

The focus of our previous chapters was on concurrency control related issues arise in MLS DBS environment. In this chapter, we shift our attention to another important transaction processing component, namely, buffer management. Since transactions of various security clearance levels often share the buffer pool, there arise the possibility of exploiting some of the buffer management components for covert signaling. In order to ensure the security of MLS RTDBS, buffer managers should be designed to meet the non-interference [GM82] criteria.


Traditional Transaction Processing

January 2000

·

321 Reads

The primary purpose of a database management system is to carry out transactions. A transaction is a sequence of database operations either to query or manipulate data in a shared database. The goal of a concurrency control (CC) mechanism is to preserve database integrity, even in the presence of concurrent data accesses by multiple users, by properly synchronizing simultaneous executions of transactions. This goal is best illustrated by a simple example.


Challenges

January 2000

·

8 Reads

Several secure concurrency control protocols proposed by researchers have been discussed in the earlier chapters. These protocols use a number of techniques including locking, timestamping, and a combination of both, whereas some solutions maintain multiple versions of data. As can be readily seen, due to the stringent constraints imposed by multilevel security, these proposed solutions are not completely satisfactory; they trade either performance or recency for achieving security. Yet another class of solutions offer weaker correctness, weaker than the traditional serializability.



Transaction Processing in Multilevel Secure Databases

January 2000

·

8 Reads

·

2 Citations

In this chapter, we review the research efforts towards developing secure transaction processing algorithms. A secure transaction processing protocol, in addition to complying with the two Bell-LaPadula restrictions, must be free of all covert channels. This requirements prohibits the use of conventional concurrency control and commit protocols since they are susceptible to covert channels.


Secure Transaction Processing in Real-Time Databases

January 2000

·

5 Reads

A system that is specifically designed for efficiently processing transactions with timing constraints is referred to as aReal-Time Database System(RTDBS). The objective of the system here is to meet the transaction deadlines, that is, to process transactions before their deadline expires. RTDBS’s performance is often measured in terms of miss percentage or the fraction of transactions that are unable to complete before their deadline expires. Typically, an RTDBS should keep the miss percentage as low as possible. In addition to improving real-time performance by helping the transactions to meet their individual time constraints, an RTDBS has to ensure the data integrity constraints just like in a conventional transaction processing scenario. In other words, RTDBS design becomes significantly complex due to having to address the above two constraints simultaneously. Over the past decade, a considerable amount of research has been devoted for developing priority assignment mechanisms, concurrency control techniques, buffer management policies, and transaction processing components that are specifically tailored for the RTDBS environment. However, the issue of ensuring security of RTDBS began to receive adequate research attention only recently.


Secure Workflow Transaction Processing

January 2000

·

5 Reads

In the previous chapters, we have focussed on transaction processing in traditional application domains, where transactions are short-lived and simple in structure. In this chapter, we turn our attention to transaction processing in advanced application domains, in particular, workflow environments.

Citations (1)


... Transactions can also create channels that leak information based on timing or termination [6,10]. We treat timing and termination channels as outside the scope of this work, to be handled by mechanisms such as timing channel mitigation [26,5,9]. ...

Reference:

Safe Serializable Secure Scheduling: Transactions and the Trade-off Between Security and Consistency
Transaction Processing in Multilevel Secure Databases
  • Citing Chapter
  • January 2000