We are developing an open standard for secure distributed transaction processing (SDTP). The standard allows multiple application programs to share resources securely while coordinating their work into concurrent transactions that appear to be atomic. Distributed transaction processing is ubiquitous in commercial and military applications, many of which have high demands for security.
The proposed standard consists of a reference architecture, several reference designs, and several reference implementations. The SDTP reference architecture is an extension of the X/Open distributed transaction processing (DTP) standard that enforces multilevel security. It is precise, executable, and compact -- building on our existing formalizations of the X/Open DTP standard in the SADL structural architectural definition language.
SDTP reference designs capture common single-level and multilevel configurations. For example, a given configuration may have a multilevel application running on single-level resource managers. The designs bridge the gap between the reference architecture and its reference implementations -- enabling faster, more reliable development of SDTP products.
An SDTP reference implementation has been developed for one of the reference designs. The implementation can be compiled on a variety of platforms and operating systems and linked into application programs. Remote communication employs an emerging open standard for secure socket-level communication.
The three-tiered standard is being validated by formal proof. A demonstration instance of the SDTP standard has been developed, containing resource managers that involve single-level and multilevel, off-the-shelf databases as well as a multilevel transaction manager.
ARPA Information Technology Office