Dynamic data recovery for database systems based on fine grained transaction log

Data recovery techniques for malicious transactions are increasingly becoming an important issue since the security for DBMSs are mainly prevention based, and they cannot defend systems from unknown attacks. Survivability and availability are essential for modern DBMSs, which require the database provide continuous services in the period of recovery, namely dynamic recovery. In this paper, we presented a data recovery model and introduce extended read-write dependency and phantoms dependency to the model. A fine grained transaction log is proposed for data recovery. The log records all the data items of the read and update-involved operations for the committed transactions, and even extracts data items read by the subqueries in the SQL statements. Based on the log, we develop a dynamic recovery system to implement the data recovery model. The system could provide continuous services while the recovery is processing. Experiments based on TPC-W benchmark show that the dynamic recovery system is high-efficient and reliable.

[1]  Uffe Kock Wiil,et al.  Proceedings of the 1998 ACM Symposium on Applied Computing, SAC'98, February, Atlanta, GA , 1998 .

[2]  Sushil Jajodia,et al.  Recovery from Malicious Transactions , 2002, IEEE Trans. Knowl. Data Eng..

[3]  Brajendra Panda,et al.  Transaction Fusion: A Model for Data Recovery from Information Attacks , 2004, Journal of Intelligent Information Systems.

[4]  Peng Liu,et al.  Self-healing workflow systems under attacks , 2004, 24th International Conference on Distributed Computing Systems, 2004. Proceedings..

[5]  Peng Liu,et al.  Modeling and Evaluating the Survivability of an Intrusion Tolerant Database System , 2006, ESORICS.

[6]  Peng Liu,et al.  ODAR: An On-the-fly Damage Assessment and Repair System for Commercial Database Applications , 2001, DBSec.

[7]  Brajendra Panda,et al.  An overview of post information warfare data recovery , 1998, SAC '98.

[8]  Peng Liu Architectures for intrusion tolerant database systems , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[9]  Sushil Jajodia,et al.  Rewriting Histories: Recovering from Malicious Transactions , 2004, Distributed and Parallel Databases.

[10]  Tzi-cker Chiueh,et al.  Design, implementation, and evaluation of a repairable database management system , 2004, 20th Annual Computer Security Applications Conference.