@inproceedings{6e85e9c24b0844d4af84bd794729d2a7,
title = "Architectures for intrusion tolerant database systems",
abstract = "In this paper, we propose four architectures for intrusion-tolerant database systems. While traditional secure database systems rely on prevention controls, an intrusion-tolerant database system can operate through attacks in such a way that the system can continue delivering essential services in the face of attacks. With a focus on attacks by malicious transactions, Architecture I can detect intrusions, and locate and repair the damage caused by the intrusions. Architecture II enhances Architecture I with the ability to isolate attacks so that the database can be immunized from the damage caused by a lot of attacks. Architecture III enhances Architecture I with the ability to dynamically contain the damage in such a way that no damage will leak out during the attack recovery process. Architecture IV enhances Architectures II and III with the ability to adapt the intrusion-tolerance controls to the changing environment so that a stabilized level of trustworthiness can be maintained. Architecture V enhances Architecture IV with the ability to deliver differential, quantitative QoIA services to customers who have subscribed for these services even in the face of attacks.",
author = "Peng Liu",
note = "Publisher Copyright: {\textcopyright} 2003 IEEE.; Foundations of Intrusion Tolerant Systems, OASIS 2003 ; Conference date: 01-12-2003",
year = "2003",
doi = "10.1109/FITS.2003.1264924",
language = "English (US)",
series = "Foundations of Intrusion Tolerant Systems, OASIS 2003",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "3--13",
editor = "Lala, {Jaynarayan H.}",
booktitle = "Foundations of Intrusion Tolerant Systems, OASIS 2003",
address = "United States",
}