Costich, O. and McDermott, J., "A Multilevel Transaction Problem for 
   Multilevel Secure Database Systems and Its Solution for the Replicated
   Architecture", Proc. 1992 IEEE Computer Society Symposium on Research in
   Security and Privacy, Oakland, California, May 1992, pp. 192-203.
   <a href="1992costich-sp.ps">
    PostScript</a>

<blockquote>
A user of a database management system has an intuitive idea of a
transaction as a sequence of database commands that he or she submits.
The user expects this sequence of commands to be executed in the order
of submission, without interference from other database commands
submitted by other users. Techniques for doing this while concurrently
supporting multiple database users are well known for conventional
(i.e., not multilevel) database systems. Most of the transaction
management theory for multilevel secure database systems has been
developed for transactions that act within a single security class. In
this paper, we look at transactions that act across security classes,
that is, the transaction is a multilevel sequence of database commands,
which more closely resemble user expectations. We then give an
algorithm for controlling concurrent execution of these transactions on
a particular multilevel secure database architecture.
</blockquote>