A multiversion transaction scheduler for centralized multilevel secure database systems

Transactions are vital for multilevel secure database management systems (MLS/DBMSs) because they provide transparency to concurrency and failure. Concurrent execution of transactions may lead to contention among subjects for access to data. In MLS/DBMSs this can lead to covert channels. Multiversion schedulers reduce the contention for access to data by maintaining multiple versions. We propose a secure multiversion scheduling protocol and demonstrate its correctness, i.e., demonstrate that it produces only serializable schedules. We develop an abstract model of a scheduler that implements the protocol and show that it is secure, i.e., satisfies the MLS noninterference assertions. Thus, an implementation which adheres to the assumptions of the abstract model will be both secure and correct. In addition, we consider a method for generating timestamps