Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
The design and implementation of a self-healing database system
Journal of Intelligent Information Systems - Special issue: Database and applications security
Specifying and using intrusion masking models to process distributed operations
Journal of Computer Security
International Journal of Information and Computer Security
Detecting anomalous access patterns in relational databases
The VLDB Journal — The International Journal on Very Large Data Bases
Mechanisms for database intrusion detection and response
Proceedings of the 2nd SIGMOD PhD workshop on Innovative database research
Data Dependency Based Recovery Approaches in Survival Database Systems
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part II
Responding to Anomalous Database Requests
SDM '08 Proceedings of the 5th VLDB workshop on Secure Data Management
Dynamic data recovery for database systems based on fine grained transaction log
IDEAS '08 Proceedings of the 2008 international symposium on Database engineering & applications
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
A data damage tracking quarantine and recovery (DTQR) scheme for mission-critical database systems
Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology
Honeybee-Based Model to Detect Intrusion
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Analysis of Data Dependency Based Intrusion Detection System
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Context-Based Constraints in Security: Motivations and First Approach
Electronic Notes in Theoretical Computer Science (ENTCS)
Optimizing security measures in an intrusion tolerant database system
ISAS'08 Proceedings of the 5th international conference on Service availability
A data-centric approach to insider attack detection in database systems
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Dynamic damage recovery for web databases
Journal of Computer Science and Technology
Towards mechanisms for detection and prevention of data exfiltration by insiders: keynote talk paper
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Availability analysis of an IMS-based VoIP network system
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Modeling and evaluating the survivability of an intrusion tolerant database system
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
A dead-lock free self-healing algorithm for distributed transactional processes
ICISS'06 Proceedings of the Second international conference on Information Systems Security
| Hi-index | 0.00 |
In this paper, we propose four architectures forintrusion-tolerant database systems. While traditional securedatabase systems rely on prevention controls, anintrusion-tolerant database system can operate through attacksin such a way that the system can continue deliveringessential services in the face of attacks. With a focus onattacks by malicious transactions, Architecture I can detectintrusions, and locate and repair the damage caused by theintrusions. Architecture II enhances Architecture I with theability to isolate attacks so that the database can be immunizedfrom the damage caused by a lot of attacks. ArchitectureIII enhances Architecture I with the ability to dynamicallycontain the damage in such a way that no damagewill leak out during the attack recovery process. ArchitectureIV enhances Architectures II and III with the ability toadapt the intrusion-tolerance controls to the changing environmentso that a stabilized level of trustworthiness can bemaintained. Architecture V enhances Architecture IV withthe ability to deliver differential, quantitative QoIA servicesto customers who have subscribed for these services even inthe face of attacks.