Towards database firewalls

Kun Bai, Hai Wang, Peng Liu

Research output: Contribution to journalConference articlepeer-review

4 Scopus citations


Authentication based access control and integrity constraints are the major approaches applied in commercial database systems to guarantee information and data integrity. However, due to operational mistakes, malicious intent of insiders or identity fraud exploited by out-siders, data secured in a database can still be corrupted. Once attacked, database systems using current survivability technologies cannot continue providing satisfactory services according to differentiated information assurance requirements. In this paper, we present the innovative idea of a database firewall, which can not only serve differentiated information assurance requirements in the face of attacks, but also guarantee the availability and the integrity of data objects based on user requirements. Our approach provides a new strategy of integrity-aware data access based on an on-the-fly iterative estimation of the integrity level of data objects. Accordingly, a policy of transaction filtering will be dynamically enforced to significantly slow down damage propagation with minimum availability loss. μ IFIP International Federation for Information Processing 2005.

Original languageEnglish (US)
Pages (from-to)178-192
Number of pages15
JournalLecture Notes in Computer Science
StatePublished - 2005
Event19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security - Storrs, CT, United States
Duration: Aug 7 2005Aug 10 2005

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Towards database firewalls'. Together they form a unique fingerprint.

Cite this