This research explores the implications of multilevel security on database concurrency control. Transactions management that provides transparency to concurrency and to failure is vital for Multilevel Secure Database Management Systems (MLS/DBMSs). Concurrent execution of transactions may lead to contention among users for access to data, which in MLS/DBMSs may lead to security problems. Data Conflict-Security (DC-Security) identifies a class of covert channels that are caused by contention for access to shared data. This work formalizes the notion of Data Conflict-Security through the use of a formal security model (Theory of Noninterference) and formal models of database concurrency control. Necessary and sufficient conditions are derived for DC-Security, and a new DC-Secure scheduler for MLS/DBMSs is developed in order to examine related implementation and performance issues. The resulting rigorous theoretical framework for verifying claims of security for transaction schedulers provides a method for determining the security properties of a concurrency control method in a wide area of database applications where both security and fast, reliable transaction processing are of primary concern.
