Fourth European Symposium on Research in Computer Security (ESORICS 96)
The Impact of Multilevel Security on Database Buffer Management
Andrew Warner, Qiang Li, Thomas Keefe, Shankar Pal
Abstract : Multilevel security introduces new constraints on methods for DBMS buffer management. Design issues include buffer allocation across security levels, secure page replacement, and reader/writer synchronization. We present a client/buffer manager interface with a set of synchronization guarantees that does not delay low writers in the presence of concurrent high readers, an allocation scheme that partitions slots by security level but allows buffers, underutilized at the low level, to be used by subjects at high levels using a technique we call "slot stealing." We also propose a general page replacement algorithm and methods of synchronizing readers and writers that involve varying degrees of page replication. We use simulation to investigate the performance characteristics of the various solutions.
Proceedings table of contents