TY - GEN
T1 - Multiphase damage confinement system for databases
AU - Liu, Peng
AU - Wang, Ying
PY - 2003/1/1
Y1 - 2003/1/1
N2 - Damage confinement is a critical aspect of database survivability. Damaged data items of a database should not be allowed to access until they are repaired. Traditional database damage confinement is one phase, that is, a damaged data item is confined only after it is identified as corrupted, and one-phase damage confinement has a serious problem, that is, during damage assessment serious damage spreading can be caused. In this paper, we present the design and implementation of a multiphase database damage confinement system, called DDCS. The damage confinement process of DDCS has one confining phase, which instantly confines the damage that might have been caused by the intrusion(s) as soon as the intrusion(s) are detected, and one or more later on unconfining phases to unconfine the data items that are mistakenly confined during the confining phase and the items that are repaired. In this way, DDCS ensures no damage spreading during damage assessment. DDCS can confine the damage caused by multiple malicious transactions in a concurrent manner. DDCS is built on top of a commercial database server. DDCS is transparent to end users, and the performance penalty of DDCS is reasonable.
AB - Damage confinement is a critical aspect of database survivability. Damaged data items of a database should not be allowed to access until they are repaired. Traditional database damage confinement is one phase, that is, a damaged data item is confined only after it is identified as corrupted, and one-phase damage confinement has a serious problem, that is, during damage assessment serious damage spreading can be caused. In this paper, we present the design and implementation of a multiphase database damage confinement system, called DDCS. The damage confinement process of DDCS has one confining phase, which instantly confines the damage that might have been caused by the intrusion(s) as soon as the intrusion(s) are detected, and one or more later on unconfining phases to unconfine the data items that are mistakenly confined during the confining phase and the items that are repaired. In this way, DDCS ensures no damage spreading during damage assessment. DDCS can confine the damage caused by multiple malicious transactions in a concurrent manner. DDCS is built on top of a commercial database server. DDCS is transparent to end users, and the performance penalty of DDCS is reasonable.
UR - http://www.scopus.com/inward/record.url?scp=84904298666&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84904298666&partnerID=8YFLogxK
M3 - Conference contribution
SN - 9781475764130
T3 - IFIP Advances in Information and Communication Technology
SP - 75
EP - 87
BT - Research directions in Data and Applications Security - IFIP TC11/WG11.3 16th Annual Conference on Data and Applications Security
PB - Springer New York LLC
T2 - IFIP TC11/WG11.3 16th Annual Conference on Data and Applications Security
Y2 - 28 July 2002 through 31 July 2002
ER -