Secure Nested Transactions
نویسندگان
چکیده
Preventing the writing of sensitive information to a “low” database variable is insufficient, since the use of locks to synchronize accesses to the database provide a covert channel. In this example, T1 signals to T2 by locking X but not Y. In multilevel databases, this leak is prevented by allowing the low transaction to implicitly pre-empt the high transaction when the latter holds a resource that former requires [1]. More recently information flow control has been investigated in the realm of language-based security, as an endto-end security property of software systems that can be to some extent checked by compilers [2]. The key insight in this work is that noninterference can be related to the control flow in a program, so that indirect leaks through the control flow may be prevented via a type-based control flow analysis. For example, in the following program, there is an apparent information leak due to the writing to “low” variable Y after reading “high” variable X:
منابع مشابه
Transactional Correctness for Secure Nested Transactions
Secure Nested Transactions are an adaptation of traditional nested transactions to support the synergy of language-based security and multi-level database security. They have application in security for enterprise applications, where transactional semantics are a critical feature in middleware systems. This article considers correctness in terms of transactional properties for secure nested tra...
متن کاملSecurity Correctness for Secure Nested Transactions
This article considers the synthesis of two long-standing lines of research in computer security: security correctness for multilevel databases, and language-based security. The motivation is an approach to supporting multilevel and multilateral security for a wide class of enterprise applications, those of concurrent transactional applications. The approach extends nested transactions with ret...
متن کاملSecure Bio-Cryptographic Authentication System for Cardless Automated Teller Machines
Security is a vital issue in the usage of Automated Teller Machine (ATM) for cash, cashless and many off the counter banking transactions. Weaknesses in the use of ATM machine could not only lead to loss of customer’s data confidentiality and integrity but also breach in the verification of user’s authentication. Several challenges are associated with the use of ATM smart card such as: card clo...
متن کاملReliable Scheduling of Advanced Transactions
The traditional transaction processing model is not suitable for many advanced applications, such as those having long duration or those consisting of co-operating activities. Researchers have addressed this problem by proposing various new transaction models capable of processing advanced transactions. Advanced transactions are characterized by having a number of component subtransactions whos...
متن کاملSerializability of Nested Transactions in Multidatabases
The correctness of nested transactions for multidatabases dif fers from that of at transactions in that for nested transactions the execution order of siblings at each related site should also be consistent In this paper we rst propose a simple but powerful theory for the se rializability of nested transactions in multidatabases and then a tech nique called Nested Tickets Method for Nested Tran...
متن کاملNested Transactions with Integrity Constraints
This paper presents a solution to check integrity constraints in database systems supporting nested transactions. Using nested transactions allows to introduce parallelism inside a transaction and to partially recover failing transactions by deening a hierarchy of sub-transactions. If a constraint is violated by some sub-transactions, it is possible to reach the validation of the nested transac...
متن کامل