Verified order-based secure concurrency controller in multilevel secure database management systems

While the secure concurrency controllers (SCCs) in multilevel secure databa se systems (MLS/DBMSs) synchronize transactions cleared at different securi ty levels, they must consider the problem of covert channel. We propose a n eu SCC. named Verified Order-based secure concurrency controller (VO) that founds on multiversion database. VO maintains elaborated information about ordering relationships among transactions in a way of actively investigatin g and renewing the ordering relationships whenever it receives operations. With the elaborated information, it becomes capable of aborting transaction s selectively whose non-interfered executions definitely violate one-copy s erializability and providing more recent data versions to lead requests tha n the other multiversion-based SCCs. Therefore, it comes to reduce the abor t ratio and provide data versions of improved trustworthiness to transactio ns. By virtue of the elaborated information, moreover, VO is able to distin guish worthful versions and worthful transactions from worthless ones, so t hat it is capable lightening the burdens of maintaining multiple versions a nd accumulated transaction ordering relationships. For the aborts that are inevitable for preserving one-copy serializability, VO achieves security by deriving the conflicts to occur between transactions that have been cleare d at the same security level.