Concurrency control and recovery in database systems
Concurrency control and recovery in database systems
Integrity control in relational database systems: an overview
Data & Knowledge Engineering
State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A type system for certified binaries
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Recovery from Malicious Transactions
IEEE Transactions on Knowledge and Data Engineering
Using Checksums to Detect Data Corruption
EDBT '00 Proceedings of the 7th International Conference on Extending Database Technology: Advances in Database Technology
Using a High-Performance, Programmable Secure Coprocessor
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Architectures for Intrusion Tolerant Database Systems
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Towards a model of storage jamming
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Multi-Phase Damage Confinement in Database Systems for Intrusion Tolerance
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Data Dependency Based Recovery Approaches in Survival Database Systems
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part II
Hi-index | 0.00 |
Authentication based access control and integrity constraints are the major approaches applied in commercial database systems to guarantee information and data integrity. However, due to operational mistakes, malicious intent of insiders or identity fraud exploited by outsiders, data secured in a database can still be corrupted. Once attacked, database systems using current survivability technologies cannot continue providing satisfactory services according to differentiated information assurance requirements. In this paper, we present the innovative idea of a database firewall, which can not only serve differentiated information assurance requirements in the face of attacks, but also guarantee the availability and the integrity of data objects based on user requirements. Our approach provides a new strategy of integrity-aware data access based on an on-the-fly iterative estimation of the integrity level of data objects. Accordingly, a policy of transaction filtering will be dynamically enforced to significantly slow down damage propagation with minimum availability loss.