Security and inference in multilevel database and knowledge-base systems
SIGMOD '87 Proceedings of the 1987 ACM SIGMOD international conference on Management of data
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures
IEEE Transactions on Knowledge and Data Engineering
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
Data Level Inference Detection in Database Systems
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
The inference problem and updates in relational databases
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Honeypots: Catching the Insider Threat
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Transaction fusion: a model for data recovery from information attacks
Journal of Intelligent Information Systems - Special issue: Database and applications security
Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
Knowledge Acquisition and Insider Threat Prediction in Relational Database Systems
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Malicious Modification Attacks by Insiders in Relational Databases: Prediction and Prevention
SOCIALCOM '10 Proceedings of the 2010 IEEE Second International Conference on Social Computing
NSS '10 Proceedings of the 2010 Fourth International Conference on Network and System Security
Predicting and preventing insider threat in relational database systems
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Hi-index | 0.00 |
This paper demonstrates how to prevent or mitigate insider threats in relational databases. It shows how different order of accesses to the same data items may pose different levels of threat. Moreover, it states the conditions that are required to regard a data item as expired. In addition, it introduces the two different methods of executing insiders' tasks, and how to prevent insider threat in those. The models presented in this paper organize accesses to data items in a particular sequence so that the availability of data items is maximized and the expected threat is minimized to the lowest level. Furthermore, it determines when to give an insider an incorrect but acceptable value of a risky data item in order to prevent a possible threat.