| With the rapid development of information and technology, database faces more serious security situation. Research in the audit and analysis has been an important part of the area of the database. In this paper, we not only discuss the theories of audit in details, but also give the detailed discussions for NHAudit, an audit data analysis system for NHSecure which is a B1 level secure DBMS prototype. The main work and novel points of this paper are listed as follows:⑴In this paper, we review the traditional theory and implementation of audit analysis systems, and summarize the shortcomings of them.⑵Discuss the modern access control method—usage control(UCON), especially the characteristics of the mutable attribute. Taking advantage of this feature, we propose a dynamic audit plot to improve the audit generation performance. This plot is used upon the UCON. It associates audit management with the access control management to implement the self-adapting audit rules or to create the audit rules on the run, so that the system could generate as less audit logs as possible to fulfill the security analysis demand. The audit system cost will be dramatically low.⑶Propose a role-based misuse detection model which is built on the RBAC Database. This model produces the profiles on roles. So it not only could improve the accuracy of the profiles, but also could help find out some hidden troubles in privilege management in RBAC Database.⑷Introduce the implementation and the merits of the audit data analysis system for NHSecure, a B level secure DBMS prototype, in which the audit logs are all based on the table structure. And finally, we draw a conclusion for this paper and future direction in this field is discussed. |
PDF Full Text Request