Security Re-engineering for Databases: Concepts and Techniques

Gertz, Michael; Gandhi, Madhavi

doi:10.1007/978-0-387-48533-1_12

Cited by 3 publications

(2 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For Permissions, please e-mail: journals. permissions@oup.com 0022-1899 (print)/1537-6613 (online)/2011/20310-0001$14.00 DOI: 10.1093/infdis/jir056 prevalent sero19A strains detected in the United States, accounting for 77% of the sero19A collected in the ABC's surveillance program [12][13][14]. This pattern continued during the first few years of PCV7 use.…”

Section: Cc199 19amentioning

confidence: 99%

The Changing Epidemiology of Streptococcus pneumoniae Serotype 19A Clonal Complexes

Tyrrell

2011

Journal of Infectious Diseases

View full text Add to dashboard Cite

Section: Cc199 19amentioning

confidence: 99%

The Changing Epidemiology of Streptococcus pneumoniae Serotype 19A Clonal Complexes

Tyrrell

2011

Journal of Infectious Diseases

View full text Add to dashboard Cite

“…This problem is well known to the web application developers and security consultants, but little existing work has addressed it. Gertz et al in [2] pose this problem and presented some fundamental concepts and techniques that help administrators and security personnel to gradually evaluate and improve the security of a database. Also, Roichman in [3] proposed a method that uses the databases' built-in access control mechanisms enhanced with Parameterized Views and adapts them to work with web applications in order to prevent intrusions.…”

Section: Related Workmentioning

confidence: 99%

An Access Control Model for Web Databases

Tekaya

Thành

Bouhoula

et al. 2010

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The majority of today's web-based applications are based on back-end databases to process and store business information. Containing valuable business information, these systems are highly interesting to attackers and special care needs to be taken to prevent them from malicious accesses. In this paper, we propose (RBAC + ), an extension of the NIST RBAC (Role-Based Access Control) standard with the notions of application, application profile and sub-application session to distinguish end users that execute the same application, providing them by only the needed roles and continuously monitoring them throughout a whole session. It is based on business application logic rather than primitive reads and writes to enhance the ability of detecting malicious transactions. Hence, attacks caused by malicious transactions can be detected and canceled timely before they succeed.

show abstract

Data classification process for security and privacy based on a fuzzy logic classifier

Mohammadian

Hatzinakos

2009

IJEF

View full text Add to dashboard Cite

Security Re-engineering for Databases: Concepts and Techniques

Cited by 3 publications

References 32 publications

The Changing Epidemiology of Streptococcus pneumoniae Serotype 19A Clonal Complexes

The Changing Epidemiology of Streptococcus pneumoniae Serotype 19A Clonal Complexes

An Access Control Model for Web Databases

Data classification process for security and privacy based on a fuzzy logic classifier

Contact Info

Product

Resources

About