Return to search

Policies Based Intrusion Response System for DBMS

Relational databases are built on Relational Model
proposed by Dr. E. F. Codd. The relational model has
become a consistent and widely used DBMS in the world.
The databases in this model are efficient in storing and
retrieval of data besides providing authentication through
credentials. However, there might be many other attacks
apart from stealing credentials and intruding database.
Adversaries may always try to intrude into the relational
database for monetary or other gains [1]. The relational
databases are subjected to malicious attacks as they hold
the valuable business data which is sensitive in nature.
Monitoring such database continuously is a task which is
inevitable keeping the importance of database in mind.
This is a strategy that is in top five database strategies as
identified by Gartner research which are meant for getting
rid of data leaks in organizations [2]. There are regulations
from governments like US with respect to managing data
securely. The data management like HIAPP, GLBA, and
PCI etc. is mentioned in the regulations as examples. / Intrusion detection systems play an important role in detecting
online intrusions and provide necessary alerts. Intrusion detection
can also be done for relational databases. Intrusion response
system for a relational database is essential to protect it from
external and internal attacks. We propose a new intrusion
response system for relational databases based on the database
response policies. We have developed an interactive language
that helps database administrators to determine the responses to
be provided by the response system based on the malicious
requests encountered by relational database. We also maintain a
policy database that maintains policies with respect to response
system. For searching the suitable policies algorithms are
designed and implemented. Matching the right policies and
policy administration are the two problems that are addressed in
this paper to ensure faster action and prevent any malicious
changes to be made to policy objects. Cryptography is also used
in the process of protecting the relational database from attacks.
The experimental results reveal that the proposed response
system is effective and useful.

Identiferoai:union.ndltd.org:arizona.edu/oai:arizona.openrepository.com:10150/271494
Date01 December 2012
CreatorsNayeem, Fatima, Vijayakamal, M.
ContributorsDept of CSE, JNTU H, Sridevi Womens Engimeering College Hyderabad, Andhra Pradesh, India, Dept of CSE, JNTU H, Sridevi Womens Engimeering College Hyderabad, Andhra Pradesh, India
PublisherIJCSN
Source SetsUniversity of Arizona
LanguageEnglish
Detected LanguageEnglish
TypeTechnical Report
RelationIJCSN-2012-1-6-46, 110, http://ijcsn.org/IJCSN-2012/1-6/IJCSN-2012-1-6-46.pdf

Page generated in 0.0013 seconds