Abstract
Database systems for real-time applications must satisfy timing constraints associated with transactions, in addition to maintaining data consistency. In addition to real-time requirements, security is usually required in many applications. Multilevel security requirements introduce a new dimension to transaction processing in real-time database systems. In this paper, we argue that due to the conflicting goals of each requirement, trade-offs need to be made between security and timeliness. We first define capacity, a measure of the degree to which security is being satisfied by a system. A secure two-phase locking protocol is then described and a scheme is proposed to allow partial violations of security for improved timeliness. The capacity of the resultant covert channel is derived and a feedback control scheme is proposed that does not allow the capacity to exceed a specified upper bound.
| Original language | English |
|---|---|
| Pages (from-to) | 199-210 |
| Number of pages | 12 |
| Journal | Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy |
| State | Published - 1995 |
| Event | Proceedings of the 1995 IEEE Symposium on Security and Privacy - Oakland, CA, USA Duration: 8 May 1995 → 10 May 1995 |