Secure Concurrency Control in MLS Databases with Two Versions of Data

In multilevel secure database systems, higher level transactions are either delayed or aborted when they read lower level data, due to lock connicts with updating lower level transactions. Multiversion data has been suggested in the literature as a way to prevent lower reading transaction from getting delayed or aborted. In these multiversion protocols transactions that read lower level data are provided older versions of the data and thus low reading and writing operations are allowed to proceed concurrently. However almost all of these algorithms suuer from shortcomings-either they require a potentially unbounded number of versions to be maintained in the system, or they enforce a time limit in which higher level transactions have to complete. Maintaining multiple committed versions adds additional overhead to the system. Moreover, these algorithms always provide older copies of data for reading by higher level transactions which may not be acceptable for certain applications. We propose a secure concurrency control algorithm that is based on a locking strategy and that requires only two versions-one committed and one non-committed version-of data. All read operations, high or low, are performed on the previous committed version while the write operation proceeds on the uncommitted version. Thus no read operation is ever given an outdated copy. Moreover, extra overhead for version management is lesser than the other protocols because almost all transaction management systems maintains a before-image of data for recovery purposes and our scheme takes advantage of this before-image value.