Knowledge-based security control for on-line database transaction processing systems

Abstract

This paper considers the interrelationships between knowledge-based security, concurrency and recoverability in online database transaction processing systems (OLTP). We describe how OLTP can permit the users to carry out the desired actions, and concurrently activate scrutinizing transactions that identify the users with respect to their biometrical or other characteristics stored in a secure knowledge database. A finite state machine model is used to design protocols for recovery, under security breaches. It is shown that the best way to achieve concurrency and recovery in OLTP is through shadowing and strict-scheduling in conjunction with certification locking or timestamping. We must, however, bear in mind that security and concurrency have conflicting requirements and at best we can achieve a compromise between them.