Browse > Article

One-Snapshot Algorithm for Secure Transaction Management in Electronic Stock Trading Systems  

김남규 (한국과학기술원 경영공학과)
문송천 (한국과학기술원 경영공학과)
손용락 (서경대학교 컴퓨터공학과)
Publication Information
Journal of KIISE:Databases / v.30, no.2, 2003 , pp. 209-224 More about this Journal
Abstract
Recent development of electronic commerce enables the use of Electronic Stock Trading Systems(ESTS) to be expanded. In ESTS, information with various sensitivity levels is shared by multiple users with mutually different clearance levels. Therefore, it is necessary to use Multilevel Secure Database Management Systems(MLS/DBMSs) in controlling concurrent execution among multiple transactions. In ESTS, not only analytical OLAP transactions, but also mission critical OLTP transactions are executed concurrently, which causes it difficult to adapt traditional secure transaction management schemes to ESTS environments. In this paper, we propose Secure One Snapshot(SOS) protocol that is devised for Secure Transaction Management in ESTS. By maintaining additional one snapshot as well as working database SOS blocks covert-channel efficiently, enables various real-time transaction management schemes to be adapted with ease, and reduces the length of waiting queue being managed to maintain freshness of data by utilizing the characteristics of less strict correctness criteria. In this paper, we introduce the process of SOS protocol with some examples, and then analyze correctness of devised protocol.
Keywords
Stock Trading Systems; Covert Channel; Read-Only Transaction; Multilevel Secure Database Systems; Database Security; View Consistency;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 P. Ammann and S. Jajodia, 'A Timestamp Ordering Algorithm for Secure, Single-Version, Multi-Level Databases', Proceedings IFIP WG11.3 Working Group on Database Security, 1991
2 P. Ammann, F. Jaeckle, and S. Jajodia, 'A Two Snapshot Algorithm For Concurrency Control In Multi-Level Secure Databases,' Proceedings IEEE Computer Society Symposium on Research in Security and Privacy, 1992   DOI
3 R. Mukkamala and S. H. Son, 'A Secure Concurrency Control Protocol for Real-Time Databases,' Proceedings of Annual IFIP WG 11.3 Conference of Database Security, 1995
4 J. Goguen and J. Meseguer, 'Security Policy and Security Models,' Proceedings of IEEE Symposium on Security and Privacy, 1982
5 J. McDermott and S. Jajodia, 'Orange Locking: Channel-Free Database Concurrency Control Via Locking,' Database Security, VI: State and Prospects, Elsevier Science Publishers, 1993
6 B. Kao, K. Y. Lam, B. Adelberg, R. Cheng, and T. Lee, 'Updates and View Maintenance in Soft Real-Time Database Systems,' Proceedings ACM International Conference on Information and Knowledge Management, 1999   DOI
7 S. H. Son, 'Database Security Issues for Real-Time Electronic Commerce Systems,' IEEE Workshop on Dependable and Real-Time E-Commerce Systems, 1998
8 S. Pal, 'A Locking Protocol for MLS Databases Providing Support For Long Transactions,' Database Security IX: Status and Prospects, Chapman&Hall, 1995
9 T. Priebe and G. Pernul, 'Towards OLAP Security Design - Survey and Research Issues,' Proceedings of the ACM third international workshop on Data warehousing and OLAP, 2000   DOI
10 Turban, McLean and Wetherbe, Information Technology for Management, 2nd ed., John Wiley, 1999
11 Y. L. Sohn and S. C. Moon, 'Confidential Concurrency Control for Secure Transaction Management in Database Systems: C3,' Ph D. thesis, Korea Advanced Institute of Science and Technology, 1999
12 Bell and LaPadula, 'Secure Computer Systems: Mathematical Foundations and Model,' Technical Report, MITRE Corporation, 1974
13 B. W. Lampson, 'A Note on the Confinement Problem,' Communications of the ACM, 1973   DOI   ScienceOn
14 박찬정, 한희준, 박석, '실시간 보안 데이타베이스 시스템에서 병행수행 제어를 위한 얼림 기법', 정보과학회 논문지, 2002   과학기술학회마을
15 T. F. keefe and W. T. Tsai, 'Multiversion Concurrency Control for Multilevel Secure Database Systems,' Proceedings of IEEE Symposium on Research in Security and Privacy, 1990   DOI
16 P. A. Bernstein, V. Hadzilacos and N. Goodman, Concurrency Control and Recovery in Database Systems, Addison-Wesley, 1987
17 P. A. Bernstein and N. Goodman, 'Multiversion Concurrency Control - Theory and Algorithms,' ACM Transactions on Database Systems, 1983   DOI   ScienceOn
18 Q. Ahmed and S. Vrbsky, 'Maintaining Security in Firm Real-Time Database Systems,' Proceedings Computer Security Applications Conference, 1998   DOI
19 K. Lam, T. Kuo and L. Shu, 'On Using Similarity to Process Transactions in Stock Trading Systems,' Proceedings of the IEEE Workshop on Dependable and Real-Time E-Commerce Systems, 1998
20 K. W. Lam, S. H. Son, V. C. S. Lee and S. L. Hung, 'Using Separate Algorithms to Process Read-Only Transactions in Real-Time Systems,' IEEE Real-Time Systems Symposium, 1998   DOI
21 Herb Schwetman, 'CSIM Users' Guide for use with CSIM Revision 16,' Microelectronics and Computer Technology Corporation, 1992
22 B. George and J. Haritsa, 'Secure Concurrency Control in Finn Real-Time Database Systems,' International Journal on Distributed and Parallel Databases, 2000   DOI
23 R. Agrawal, M. J. Carey and M. Livny, 'Concurrency Control Performance Modeling: Alternatives and Implications,' ACM Transactions on Database Systems, 1987   DOI