Multilevel Secure Transaction Processing

Jajodia, Sushil; Atluri, Vijayalakshmi; Keefe, T.F.; McCollum, Catherine D.; Mukkamala, Ravi

doi:10.1007/978-1-4615-4553-8

Cited by 21 publications

(16 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Consideration of covert channels requires particular care in the design of the enforcement mechanism. For instance, locking and concurrency mechanisms must be revised and be properly designed [7]. A complication in their design is that care must be taken to avoid the policy for blocking covert channels to introduce denials-of-service.…”

Section: Limitations Of Mandatory Policiesmentioning

confidence: 99%

“…In a closed policy approach, we would have to express the above requirement by specifying a positive authorization for each member of the group except Bob. 7 However, if we combine positive and negative authorizations we can specify the same requirement by granting a positive authorization to the group and a negative authorization to Bob.…”

Section: Expanding Authorizationsmentioning

confidence: 99%

See 1 more Smart Citation

Access Control: Policies, Models, and Mechanisms

Samarati

Vimercati

2001

Lecture Notes in Computer Science

448

289

View full text Add to dashboard Cite

Abstract. Access control is the process of mediating every request to resources and data maintained by a system and determining whether the request should be granted or denied. The access control decision is enforced by a mechanism implementing regulations established by a security policy. Different access control policies can be applied, corresponding to different criteria for defining what should, and what should not, be allowed, and, in some sense, to different definitions of what ensuring security means. In this chapter we investigate the basic concepts behind access control design and enforcement, and point out different security requirements that may need to be taken into consideration. We discuss several access control policies, and models formalizing them, that have been proposed in the literature or that are currently under investigation.

show abstract

Section: Limitations Of Mandatory Policiesmentioning

confidence: 99%

Section: Expanding Authorizationsmentioning

confidence: 99%

Access Control: Policies, Models, and Mechanisms

Samarati

Vimercati

2001

Lecture Notes in Computer Science

448

289

View full text Add to dashboard Cite

show abstract

“…In fact, we must do that not all, even some of the attacks should be ward off at the outset. Several security techniques have been proposed to ward off the attacks in databases such as control [2], [15], authorization mechanisms [3], [4], [16] and distributed secure transaction processing [5]. These are very limited bound to ward off to attacks.…”

Section: Introductionmentioning

confidence: 99%

A Resilient Failure Evaluation and Patch-up (R-FEP) Algorithm for Heterogeneous Distributed Databases

Ramesh¹,

Kumar²,

Kumar³

2013

IJCA

View full text Add to dashboard Cite

Blocking methodologies sometimes fail to stop malicious things. Attacks on data oriented applications are a serious threat as per the database management systems concern. The required objective of such environment is to find out the mean time attacks and patch up the failures within the stipulated time. This manuscript represents a failure (attacked) evaluation and patch up instances in distributed database systems. The problems like partition, transaction commitment, and failures state that recovery is much more challenging in databases. This manuscript focuses on the challenges and makes an efficient concern with respect to distributed failure evaluation and recovery.

show abstract

“…A broad span of research from authorization [3,4,5], to inference control [1], to multilevel secure databases [6,7], and to multilevel secure transaction processing [2], addresses primarily how to protect the security of a database. One critical step towards attack resilient database systems is intrusion detection (10).…”

Section: Introductionmentioning

confidence: 99%

ODAR: An On-the-fly Damage Assessment and Repair System for Commercial Database Applications

Luenam¹,

Liu²

2002

Database and Application Security XV

View full text Add to dashboard Cite

Abstract:Tbis paper presents the design and implementation of an on-the-fly damage assessment and repair tool for intrusion tolerant commercial database applications, called ODAR. ODAR is a COTS-DBMS-specific implementation of a general on-the-fly damage assessment and repair approach developed by P. Ammann, S. Jajodia, and P. Liu in [8J. Tbe general approach, given a set of malicious transactions reported by an intrusion detector,locates and repairs the damage caused by each malicious transaction on the database, along with the damage caused by any benign transaction that is affected, directly or indirectly, by a malicious transaction. Tbe general approach locates and repairs damage on-the-fly without the need to periodically halt normal transaction processing. In this paper, the development of the first ODAR prototype, which is for Oracle Server 8.1.6, is discussed. ODAR uses triggers and transaction profiles to keep track of the read and write operations of transactions, locates damage by tracing the affecting relationships among transactions along the history , and repairs damage by composing and executing some specific UNDO transactions. ODAR is transparent to on-going user transactions and very general. In addition to Oracle, it can be easily adapted to support many other database application platforms such as Microsoft SQL Server, Sybase, and Informix. To our best knowledge, ODAR is the first tool that can do automatic on-the-fly damage assessment and repair for commercial database applications.

show abstract

Multilevel Secure Transaction Processing

Cited by 21 publications

References 40 publications

Access Control: Policies, Models, and Mechanisms

Access Control: Policies, Models, and Mechanisms

A Resilient Failure Evaluation and Patch-up (R-FEP) Algorithm for Heterogeneous Distributed Databases

ODAR: An On-the-fly Damage Assessment and Repair System for Commercial Database Applications

Contact Info

Product

Resources

About