{"title":"A portable implementation framework for intrusion-resilient database management systems","authors":"A. Smirnov, T. Chiueh","doi":"10.1109/DSN.2004.1311914","DOIUrl":null,"url":null,"abstract":"An intrusion-resilient database management system is the one that is capable of restoring its consistency after being compromised by a malicious attack or a human error. More specifically, an intrusion-resilient mechanism helps to quickly repair a database by nullifying the damage caused by malicious or erroneous transactions, while preserving the effects of unaffected legitimate transactions that take place between intrusions/errors and their detection. The goal of this project is to develop a portable implementation framework that can augment a commercial database management system with intrusion resilience without requiring any modifications to its internals. The intrusion resilience mechanism described in this paper significantly improves the availability of modern DBMSs by facilitating and sometimes even automating the post-intrusion damage repair process. In addition, it can be embodied in a reusable implementation framework, whose portability is demonstrated by its successful application to three different DBMSs: PostgreSQL, Oracle, and Sybase. Performance measurements on the fully operational prototypes under the TPC-C benchmark show that the run-time overhead of the intrusion-resilience mechanism is between 6% and 13%.","PeriodicalId":436323,"journal":{"name":"International Conference on Dependable Systems and Networks, 2004","volume":"38 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Dependable Systems and Networks, 2004","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN.2004.1311914","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 13
Abstract
An intrusion-resilient database management system is the one that is capable of restoring its consistency after being compromised by a malicious attack or a human error. More specifically, an intrusion-resilient mechanism helps to quickly repair a database by nullifying the damage caused by malicious or erroneous transactions, while preserving the effects of unaffected legitimate transactions that take place between intrusions/errors and their detection. The goal of this project is to develop a portable implementation framework that can augment a commercial database management system with intrusion resilience without requiring any modifications to its internals. The intrusion resilience mechanism described in this paper significantly improves the availability of modern DBMSs by facilitating and sometimes even automating the post-intrusion damage repair process. In addition, it can be embodied in a reusable implementation framework, whose portability is demonstrated by its successful application to three different DBMSs: PostgreSQL, Oracle, and Sybase. Performance measurements on the fully operational prototypes under the TPC-C benchmark show that the run-time overhead of the intrusion-resilience mechanism is between 6% and 13%.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
