Application-level isolation to cope with malicious database users
作者: S. Jajodia , Peng Liu , C.D. McCollum
关键词:
摘要: System protection mechanisms such as access controls can be fooled by authorized but malicious users, masqueraders, and misfeasors. Intrusion detection techniques are therefore used to supplement them. The capacity of these techniques, however is limited: innocent users may mistaken for ones while stay at large. Isolation a method that has been applied protect systems from damage investigating further. This paper proposes the use isolation an application level gain its benefits minimizing loss resources productive work in case incidents later deemed innocent. We describe our scheme database context. It isolates transparently further suspected malicious, still maintaining continued availability their transactions. complicated inconsistencies develop between isolated versions. present both static dynamic approaches identify resolve conflicts. Finally, we give several examples applications which should worthwhile able achieve good performance.
elsevier.com
sci-hub.se 参考文章(8)
Nathan Goodman, Philip A. Bernstein, Vassco Hadzilacos, Concurrency Control and Recovery in Database Systems ,(1987)
Teresa F. Lunt, A survey of intrusion detection techniques Computers & Security. ,vol. 12, pp. 405- 418 ,(1993) , 10.1016/0167-4048(93)90029-5
Susan B. Davidson, Optimism and consistency in partitioned distributed database systems ACM Transactions on Database Systems. ,vol. 9, pp. 456- 481 ,(1984) , 10.1145/1270.1499
Donald B. Johnson, Finding All the Elementary Circuits of a Directed Graph SIAM Journal on Computing. ,vol. 4, pp. 77- 84 ,(1975) , 10.1137/0204007
P. Ammann, S. Jajodia, C.D. McCollum, B.T. Blaustein, Surviving information warfare attacks on databases ieee symposium on security and privacy. pp. 164- 174 ,(1997) , 10.1109/SECPRI.1997.601331
J. McDermott, D. Goldschlag, Towards a model of storage jamming Proceedings 9th IEEE Computer Security Foundations Workshop. pp. 176- 185 ,(1996) , 10.1109/CSFW.1996.503703
D. Goldschlag, J. McDermott, Storage jamming Proceedings of the ninth annual IFIP TC11 WG11.3 working conference on Database security IX : status and prospects: status and prospects. pp. 365- 381 ,(1996)
Biswanath Mukherjee, L Todd Heberlein, Karl N Levitt, None, Network intrusion detection IEEE Network. ,vol. 8, pp. 26- 41 ,(1994) , 10.1109/65.283931