Multilevel Secure Transaction Processing, 2000
Advances in Database Systems Series, Vol. 16

Information security is receiving a great deal of attention as computers increasingly process more and more sensitive information. A multilevel secure database management system (MLS DBMS) is designed to store, retrieve and process information in compliance with certain mandatory security requirements, essential for protecting sensitive information from unauthorized access, modification and abuse. Such systems are characterized by data objects labeled at different security levels and accessed by users cleared to those levels. Unless transaction processing modules for these systems are designed carefully, they can be exploited to leak sensitive information to unauthorized users.
In recent years, considerable research has been devoted to the area of multilevel secure transactions that has impacted the design and development of trusted MLS DBMS products. Multilevel Secure Transaction Processing presents the progress and achievements made in this area. The book covers state-of-the-art research in developing secure transaction processing for popular MLS DBMS architectures, such as kernelized, replicated, and distributed architectures, and advanced transaction models such as workflows, long duration and nested models. Further, it explores the technical challenges that require future attention.
Multilevel Secure Transaction Processing is an excellent reference for researchers and developers in the area of multilevel secure database systems and may be used in advanced level courses in database security, information security, advanced database systems, and transaction processing.

1. Introduction.- 1 Multilevel Secure Databases.- 2 Advanced Database Application Domains.- 3 Organization of the book.- 2. Traditional Transaction Processing.- 1 ACID Requirements.- 2 Concurrency Control Protocols.- 3 Commit Protocols.- 3. Transaction Processing in Mls Databases.- 1 Problems with solutions in traditional environment.- 2 Revised Requirements.- 3 Commercial Solutions.- 4 Research Solutions for Replicated Architecture.- 5 Research Solutions for Kernelized Architecture.- 4. Secure Transaction Processing in Real-Time Databases.- 1 Introduction to Real-Time Databases.- 2 Additional Requirements.- 3 Concurrency Control.- 4 Conclusions.- 5. Secure Workflow Transaction Processing.- 1 Introduction to Workflow Systems.- 2 Workflow Transaction Model.- 3 Multilevel Secure Workflow Model.- 4 Solutions to Execute MLS Workflows.- 5 The MLS WFMS Architecture.- 6. Secure Buffer Management.- 1 Introduction to Buffer Management.- 2 Requirements.- 3 Solutions.- 4 Secure Real-Time Database Buffer Management.- 5 Conclusions.- 7. Applications to Hierarchical and Replicated Databases.- 1 Hierarchical Databases.- 2 Replicated Databases.- 8. Challenges.- 1 Using advanced transaction model paradigms.- 2 Secure Long Duration Transaction Processing.- 3 Recovery Methods.- References.

Vijay Atluri is an Assistant Professor of Computer Information Systems and Member of the Center for Information Management, Integration and Connectivity in the Management Science and Information Systems Department at Rutgers University, Newark, NJ, USA Dr. Sushil Jajodia is Professor and Chairman of the Dept. of Information and Software Engineering, and Director of the Center for Secure Information Systems at the George Mason University, Fairfax, Virginia, USA