Skip to Main Content
Information systems are required to be not only secure but also consistent in presence of security threats and multiple conflicting transactions. There are many discussions on each of the security and concurrency control. In this paper, we discuss a novel synchronization protocol to make an information system secure and consistent. In the role-based access control model, authorized access requests are specified in roles. A transaction issued by a subject is assigned with a subfamily of roles named purpose. Based on the purpose concept, we discuss how to prevent illegal information flow to occur by performing conflicting transactions in a serializable way.