ePrints@IIScePrints@IISc Home | About | Browse | Latest Additions | Advanced Search | Contact | Help

Secure Concurrency Control in Firm Real-Time Database Systems

George, Binto and Haritsa, Jayant R (2000) Secure Concurrency Control in Firm Real-Time Database Systems. In: Distributed and Parallel Databases, 8 (1). 41 -83.

[img] PDF
secure.pdf - Published Version
Restricted to Registered users only

Download (266Kb) | Request a copy
Official URL: http://www.springerlink.com/content/v3731k85037r66...

Abstract

Many real-time database applications arise in electronic financial services, safety-critical installations and military systems where enforcing security is crucial to the success of the enterprise. For real-time database systems supporting applications with firm deadlines, we investigate here the performance implications, in terms of killed transactions, of guaranteeing multilevel secrecy. In particular, we focus on the concurrency control (CC) aspects of this issue. Our main contributions are the following: First, we identify which among the previously proposed real-time CC protocols are capable of providing covert-channel-free security. Second, using a detailed simulation model, we profile the real-time performance of a representative set of these secure CC protocols for a variety of security-classified workloads and system configurations. Our experiments show that a prioritized optimistic CC protocol, OPT-WAIT, provides the best overall performance. Third, we propose and evaluate a novel "dual-CC" approach that allows the real-time database system to simultaneously use different CC mechanisms for guaranteeing security and for improving real-time performance. By appropriately choosing these different mechanisms, concurrency control protocols that provide even better performance than OPT-WAIT are designed. Finally, we propose and evaluate GUARD, an adaptive admission-control policy designed to provide fairness with respect to the distribution of killed transactions across security levels. Our experiments show that GUARD efficiently provides close to ideal fairness for real-time applications that can tolerate covert channel bandwidths of upto one bit per second.

Item Type: Journal Article
Additional Information: Copyright of this article belongs to Springer.
Department/Centre: Others
Date Deposited: 30 Sep 2010 09:20
Last Modified: 30 Sep 2010 09:20
URI: http://eprints.iisc.ernet.in/id/eprint/32547

Actions (login required)

View Item View Item