6. Conclusions 4.3 Impacts of Partial Security Policies 5. Related Work

It needs further study to find out whether this way of enforcing the requirements provides the same level of flexibility in specifying the requirements and reduced system overhead compared with the current method of rule enforcement. George and Haritsa studied the problem of combining real-time and security requirements [4]. They examined real-time concurrency control protocols to identify the ones that can support the security requirement of non-interference. This work is fundamentally different from our work because they make the assumption that security must always be maintained. In their work, it is not permissible to allow a security violation in order to improve on real-time performance. In this paper, we have presented policies to allow the union of security and real-time requirements in database systems. An important part of this union is the definition of partial security. The definition allows potential information flow through covert channels in order to improve real-time performance, yet does not entirely compromise the security of the entire database system. However, database designers must be careful with violations between transactions whose security levels differ greatly. If a violation is allowed between transactions, say, at the highest and lowest security levels, no partial security remains in the system at all. In a system with many such conflicts, it may be very difficult to improve on real-time performance. However, it is essential that the system designer can specify how to manage the system security and real-time requirements in a controlled manner in real-world applications. We have come up with a scheme that allows database designers to create rules at whatever level of detail that is appropriate. These rules can then be analyzed by a tool, which allows designers to create a database and easily make conscious decisions about the partial security of the database. The tool can also automates the process of scanning through the complex dependencies of a database specification to find conflicts. It then informs the user of the consequences of violating security for each conflict. Currently, we have a tool that can analyze transactions completely specified in detail level 1. This tool parses a database description, analyzes the dependencies and conflicts , and then goes through an interactive process with the designer to specify rules for all possible conflicts. Our future work includes extending this tool to handle more complex rules and to allow the designer to describe a higher-level description of the system requirements. We …