Detection of Malicious User in Oracle 10g DBMS and Cost of Elimination

One major difficulty faced by organizations is the protection of data against malicious access. Six security mechanisms, namely, authentication, authorization, access control, auditing, encryption and integrity control are available in Oracle 10g database management systems (DBMS). These are implemented for protecting data. These typical database security mechanisms are not able to detect and handle many data security attacks. This research resulted identification of a new security vulnerability in Oracle 10g database, coined with the name, ‘Hidden User’. We propose a new mechanism for the detection of malicious transactions by the ‘Hidden User’ and simulate solutions.

[1]  Raju Mehta Oracle Database Security , 2004, Inf. Secur. J. A Glob. Perspect..

[2]  Elisa Bertino,et al.  Database security - concepts, approaches, and challenges , 2005, IEEE Transactions on Dependable and Secure Computing.

[3]  Jeffrey I. Schiller,et al.  An Authentication Service for Open Network Systems. In , 1998 .

[4]  Teresa F. Lunt,et al.  Access Control Policies for Database Systems , 1988, DBSec.

[5]  Min Wang,et al.  Cryptography and relational database management systems , 2001, Proceedings 2001 International Database Engineering and Applications Symposium.