Sciweavers

ACSAC
1998
IEEE

Application-Level Isolation to Cope with Malicious Database Users

14 years 5 months ago
Application-Level Isolation to Cope with Malicious Database Users
System protection mechanisms such as access controls can be fooled by authorized but malicious users, masqueraders, and misfeasors. Intrusion detection techniques are therefore used to supplement them. The capacity of these techniques, however, is limited: innocent users may be mistaken for malicious ones while malicious users stay at large. Isolation is a method that has been applied to protect systems from damage while investigating further. This paper proposes the use of isolation at an application level to gain its benefits while minimizing loss of resources and productive work in the case of incidents later deemed innocent. We describe our scheme in the database context. It isolates the database transparently from further damage by users suspected to be malicious, while still maintaining continued availability for their transactions. Isolation is complicated by the inconsistencies that may develop between isolated database versions. We present both static and dynamic approaches t...
Sushil Jajodia, Peng Liu, Catherine D. McCollum
Added 04 Aug 2010
Updated 04 Aug 2010
Type Conference
Year 1998
Where ACSAC
Authors Sushil Jajodia, Peng Liu, Catherine D. McCollum
Comments (0)