Y. Sohn et S. Moon, Verified order-based secure concurrency controller in multilevel secure database management systems, IEICE T INF, E83D(5), 2000, pp. 1128-1141
While the secure concurrency controllers (SCCs) in multilevel secure databa
se systems (MLS/DBMSs) synchronize transactions cleared at different securi
ty levels, they must consider the problem of covert channel. We propose a n
eu SCC. named Verified Order-based secure concurrency controller (VO) that
founds on multiversion database. VO maintains elaborated information about
ordering relationships among transactions in a way of actively investigatin
g and renewing the ordering relationships whenever it receives operations.
With the elaborated information, it becomes capable of aborting transaction
s selectively whose non-interfered executions definitely violate one-copy s
erializability and providing more recent data versions to lead requests tha
n the other multiversion-based SCCs. Therefore, it comes to reduce the abor
t ratio and provide data versions of improved trustworthiness to transactio
ns. By virtue of the elaborated information, moreover, VO is able to distin
guish worthful versions and worthful transactions from worthless ones, so t
hat it is capable lightening the burdens of maintaining multiple versions a
nd accumulated transaction ordering relationships. For the aborts that are
inevitable for preserving one-copy serializability, VO achieves security by
deriving the conflicts to occur between transactions that have been cleare
d at the same security level.