Study On Adaptive System Architecture For Intrusion-tolerant Databases And It's Key Technology

Intrusion tolerance (IT) is a new approach of information security that has slowly emerged during the past decade, and gained impressive momentum recently. Traditional database information security research focused on how to defend against them, such as authentication, encryption, access control, firewall, Intrusion Detection, its goal is to establish a more secure database system, but can not resist all the intrusions, and powerless to do anything more for the internal attacks, more over could not adapt to the ever-changing environment. However Adaptive Intrusion Tolerant Database System is such a system that aiming to continue delivering essential services for legal users under malicious attacks, dynamically adopt various intrusion tolerance strategy to ensure availability, integrity and confidentiality to the database data, and adaptively enhance the system's intrusion-tolerant ability.The paper begins with a detailed exploration of intrusion tolerance technology, explains the realization of intrusion tolerance technology, gives a sort research based on applying types, research level, and research issue, introduces the status in this area domestic and abroad. Then setting off from systematic entirety, and on the bases of the security of database system, we put forward a multi layer intrusion tolerant security model——An Adaptive Architecture for Intrusion-tolerant Databases on Role-Based Access Control. Redundancy and diversity technology are used in this design, which ensures system's survivability. Another, the technologies of Role-Based Access Control(RBAC) and Neural Networks etc bring dynamically Intrusion-tolerant policy to this new architecture, and better flexibility is gained. At last, transaction level intrusion-tolerant is offered, which could resist inside attacks.Detailed description about the key technology in this architecture is carried out. Then we have done an analyze to the key factors which effect system performance. At the end, the paper discusses the directions about the intrusion tolerance existing problems and the research.The paper presents an intrusion tolerance database system model,which adopted RBAC, secret shares, indirectly interview, redundancy with variety etc technique, therefore have the redundancy, safe, flexible intrusion tolerant ability etc characteristics. The system is done not depend on safety of single parts. Even a certain module was offended to break,the whole system also can't be paralyzed by the invader. In addition, database is established on top of the COTS characteristics of low cost, expands easily, because of intrusion tolerance groupware, therefore it still has short Development period etc.