
Attack Isolation Of Transaction-level Database Program Design

Posted on: 2007-02-09
Degree: Master
Type: Thesis
Country: China
Candidate: C H Yu
Full Text: PDF
GTID: 2208360185483179
Subject: Computer application technology
Abstract/Summary:
Traditional database security mechanisms are very limited in defending against successful data attacks. Authorized but malicious transactions can make a database useless by impairing its integrity and availability. Intrusion detection techniques are therefore used to supplement them. However, damage may already have occurred before an intrusion is detected. In many computing systems, the requirement for a high degree of soundness in intrusion reporting can yield poor performance in detecting intrusions and cause long detection latency. As a result, serious damage can be caused either because many intrusions are never detected or because the average detection latency is too long.

In this paper, we analyze the state of research on database intrusion tolerance. Then, in contrast to the traditional design of database intrusion tolerance, which copies the entire database, we provide a transaction-level attack isolation model and summarize the isolation algorithms (a version control algorithm, a conflict identification and resolution algorithm, and a merging algorithm) to address the damage spreading caused by intrusion detection latency. The model isolates likely suspicious actions before a definite determination of intrusion is reported. In this way, the database can be immunized from many malicious transactions. If it turns out that an isolated transaction is benign, it is merged into the real database by the merging algorithm.

Most of this paper surveys the design of a transaction-level attack isolation system prototype, denoted TLAIDB. TLAIDB is a COTS-DBMS-specific implementation of a general isolation algorithm. TLAIDB uses triggers and transaction profiles to keep track of the items read and written by transactions, isolates attacks by rewriting user SQL statements, locates damage by keeping track of relations among transactions, repairs damage by executing specific merging transactions, and is transparent to end users. In this paper, the...
Keywords/Search Tags: intrusion detection, attack isolation, intrusion tolerance, database security