论文信息 - The design of an adaptive intrusion tolerant database system

The design of an adaptive intrusion tolerant database system

This paper presents the design of an adaptive intrusion tolerant database system, called AITDB. The goal of AITDB is to provide database applications with a stabilized level of data integrity and availability in the face of attacks. Using a rule-based adaptation mechanism and a set of reconfiguration operators, AITDB automatically adapts itself to the dynamic changes of environment according to a specific set of adaptation criteria, which are determined based on the current situation of the damage (i.e., data integrity level), the attacks, the workload, the availability level, the performance, and the cost.

Peng Liu | Pramote Luenam

[1] Sushil Jajodia,et al. Using Checksums to Detect Data Corruption , 2000, EDBT.

[2] Marianne Winslett,et al. Formal query languages for secure relational databases , 1994, TODS.

[3] Nabil R. Adam,et al. Security-control methods for statistical databases: a comparative study , 1989, ACM Comput. Surv..

[4] Peng Liu,et al. ODAR: An On-the-fly Damage Assessment and Repair System for Commercial Database Applications , 2001, DBSec.

[5] Sushil Jajodia,et al. Multi-phase damage confinement in database systems for intrusion tolerance , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[6] Elisa Bertino,et al. A unified framework for enforcing multiple access control policies , 1997, SIGMOD '97.

[7] Fang Chen,et al. The multilevel relational (MLR) data model , 1998, TSEC.

[8] Radek Vingralek,et al. How to build a trusted database system on untrusted storage , 2000, OSDI.

[9] Ying Wang,et al. The Design and Implementation of a Self-Healing Database System , 2004, Journal of Intelligent Information Systems.

[10] Sushil Jajodia,et al. Multilevel Secure Transaction Processing , 1999, Advances in Database Systems.

[11] Elisa Bertino,et al. A model of authorization for next-generation database systems , 1991, TODS.

[12] Bradford W. Wade,et al. An authorization mechanism for a relational database system , 1976, TODS.