When a malicious transaction B is detected, the
containing phase must ensure that the damage caused
directly or indirectly by B will be contained. In addition, the
containing phase must be quick enough because otherwise
either a lot of damage can leak out during the phase, or
substantial availability can be lost. Time stamps can be
exploited to achieve this goal. The containing phase can be
done by just adding an access control rule to the
Containment Executor, which denies access to the set of
objects updated during the period of time from the time B
commits to the time the containing phase starts. This period
of time is called the containing-time-window. When the
containing phase starts, every active transaction should be
aborted because they could spread damage. New
transactions can be executed only after the containing phase
ends.