Research On Dynamic Recovery In Database Systems

With the development of web technology, security, survivability and dependability are becoming the most important ceria in modern database systems. It is required that the database should provide a capability of dynamic self recovery in a post-intrusion database system, namely, techniques of dynamic recovery. Research on dynamic recovery improves the ability of anti-corruption of a database system. This paper addresses a number of key technologies in dynamic recovery, including the following 5 aspects: data recovery model, damage detection technique, research on dynamic recovery results consistency & recovery efficiency, damage isolation techniques in recovery period, and dynamic recovery prototype design and implementation.In context of dynamic recovery, while recovery is processing, corrupted database system can still provide services to client users. In order to improve the accuracy of damage assessment, and to enable the dynamic nature of data recovery, in this paper, we propose a data recovery model. Data recovery model consists of two sub-models: damage assessment and dynamic damage repair. Damage assessment model extends the existing model, by introducing extended read-write dependency, image dependency, pseudo-identity integrity dependency, domain integrity and reference integrity dependency between transactions into the damage assessment model. These 5 dependency relationships cause new damage propagation in database systems. The extended damage assessment model captures more damaged data and improves the accuracy of the damage assessment. The dynamic damage repair model solves a series of problems in forward recovery. We give a solution to the problem of repairing results inconsistency by introducing undo transaction schedule algorithm. We also propose a combination and removal algorithm to simplify the creation of undo transaction in order to decrease the overhead of the database system.In order to implement the damage assessment model, we propose damage detection algorithms. We use transaction history based detection methods and run-time detection technology to capture transaction that have read-write dependency, image dependency, pseudo-identity integrity dependency, domain integrity and reference integrity dependency relationships with malicious transactions, and then create undo transaction to repair data corruption.In order to avoid the inconsistent repairing results caused by schedule issues of undo transactions, and meanwhile decrease the performance overhead for database system when processing damage repair, we propose undo transaction schedule algorithm and the undo transaction redundancy and the combination algorithm. The undo transaction schedule algorithm revises the inconsistency problems of recovery results when conflict undo operations modify the same data item more than once; meanwhile, the undo transactions redundancy and combination algorithm does redundancy removal by the following solutions: merge operations operates data items that in the same tuple and remove the forward conflict operations towards the same data item and only keep the last conflict operation on the data item. By introducing the undo transactions redundancy and combination algorithm, the performance overhead decreases for the database system. To prevent the corrupted data from accessing by user transactions while recovery is processing, so as to avoid damage propagating to a larger scope, we propose a damage isolation algorithm. The damage isolation algorithm is implemented by modifying the DBMS kernel, defining, managing and activating damage isolation policies for corrupted data. Experiments show that the damage isolation algorithm is effective in ensuring the integrity of user requests and completeness of isolation. The efficiency is acceptable when introducing damage isolation techniques.Based on research above, we design and implement a dynamic recovery prototype system. The system is built between the layers of client and the database server, which has characteristics of versatile, transparency, effectiveness and efficiency. We describe the design and implementation of the key modules in the prototype system, including fine-grained transaction log module, damage detection module, data recovery module, data isolation policy management module and DBMS-kernel-based damage isolation module.