Architectures for intrusion tolerant database systems

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

In this paper, we propose four architectures for intrusion-tolerant database systems. While traditional secure database systems rely on prevention controls, an intrusion-tolerant database system can operate through attacks in such a way that the system can continue delivering essential services in the face of attacks. With a focus on attacks by malicious transactions, Architecture I can detect intrusions, and locate and repair the damage caused by the intrusions. Architecture II enhances Architecture I with the ability to isolate attacks so that the database can be immunized from the damage caused by a lot of attacks. Architecture III enhances Architecture I with the ability to dynamically contain the damage in such a way that no damage will leak out during the attack recovery process. Architecture IV enhances Architectures II and III with the ability to adapt the intrusion-tolerance controls to the changing environment so that a stabilized level of trustworthiness can be maintained. Architecture V enhances Architecture IV with the ability to deliver differential, quantitative QoIA services to customers who have subscribed for these services even in the face of attacks.

Original languageEnglish (US)
Title of host publicationFoundations of Intrusion Tolerant Systems, OASIS 2003
EditorsJaynarayan H. Lala
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages3-13
Number of pages11
ISBN (Electronic)076952057X, 9780769520575
DOIs
StatePublished - Jan 1 2003
EventFoundations of Intrusion Tolerant Systems, OASIS 2003 - Los Alamitos, United States
Duration: Dec 1 2003 → …

Publication series

NameFoundations of Intrusion Tolerant Systems, OASIS 2003

Other

OtherFoundations of Intrusion Tolerant Systems, OASIS 2003
CountryUnited States
CityLos Alamitos
Period12/1/03 → …

Fingerprint

Repair
Recovery

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture
  • Software

Cite this

Liu, P. (2003). Architectures for intrusion tolerant database systems. In J. H. Lala (Ed.), Foundations of Intrusion Tolerant Systems, OASIS 2003 (pp. 3-13). [1264924] (Foundations of Intrusion Tolerant Systems, OASIS 2003). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/FITS.2003.1264924
Liu, Peng. / Architectures for intrusion tolerant database systems. Foundations of Intrusion Tolerant Systems, OASIS 2003. editor / Jaynarayan H. Lala. Institute of Electrical and Electronics Engineers Inc., 2003. pp. 3-13 (Foundations of Intrusion Tolerant Systems, OASIS 2003).
@inproceedings{6e85e9c24b0844d4af84bd794729d2a7,
title = "Architectures for intrusion tolerant database systems",
abstract = "In this paper, we propose four architectures for intrusion-tolerant database systems. While traditional secure database systems rely on prevention controls, an intrusion-tolerant database system can operate through attacks in such a way that the system can continue delivering essential services in the face of attacks. With a focus on attacks by malicious transactions, Architecture I can detect intrusions, and locate and repair the damage caused by the intrusions. Architecture II enhances Architecture I with the ability to isolate attacks so that the database can be immunized from the damage caused by a lot of attacks. Architecture III enhances Architecture I with the ability to dynamically contain the damage in such a way that no damage will leak out during the attack recovery process. Architecture IV enhances Architectures II and III with the ability to adapt the intrusion-tolerance controls to the changing environment so that a stabilized level of trustworthiness can be maintained. Architecture V enhances Architecture IV with the ability to deliver differential, quantitative QoIA services to customers who have subscribed for these services even in the face of attacks.",
author = "Peng Liu",
year = "2003",
month = "1",
day = "1",
doi = "10.1109/FITS.2003.1264924",
language = "English (US)",
series = "Foundations of Intrusion Tolerant Systems, OASIS 2003",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "3--13",
editor = "Lala, {Jaynarayan H.}",
booktitle = "Foundations of Intrusion Tolerant Systems, OASIS 2003",
address = "United States",

}

Liu, P 2003, Architectures for intrusion tolerant database systems. in JH Lala (ed.), Foundations of Intrusion Tolerant Systems, OASIS 2003., 1264924, Foundations of Intrusion Tolerant Systems, OASIS 2003, Institute of Electrical and Electronics Engineers Inc., pp. 3-13, Foundations of Intrusion Tolerant Systems, OASIS 2003, Los Alamitos, United States, 12/1/03. https://doi.org/10.1109/FITS.2003.1264924

Architectures for intrusion tolerant database systems. / Liu, Peng.

Foundations of Intrusion Tolerant Systems, OASIS 2003. ed. / Jaynarayan H. Lala. Institute of Electrical and Electronics Engineers Inc., 2003. p. 3-13 1264924 (Foundations of Intrusion Tolerant Systems, OASIS 2003).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Architectures for intrusion tolerant database systems

AU - Liu, Peng

PY - 2003/1/1

Y1 - 2003/1/1

N2 - In this paper, we propose four architectures for intrusion-tolerant database systems. While traditional secure database systems rely on prevention controls, an intrusion-tolerant database system can operate through attacks in such a way that the system can continue delivering essential services in the face of attacks. With a focus on attacks by malicious transactions, Architecture I can detect intrusions, and locate and repair the damage caused by the intrusions. Architecture II enhances Architecture I with the ability to isolate attacks so that the database can be immunized from the damage caused by a lot of attacks. Architecture III enhances Architecture I with the ability to dynamically contain the damage in such a way that no damage will leak out during the attack recovery process. Architecture IV enhances Architectures II and III with the ability to adapt the intrusion-tolerance controls to the changing environment so that a stabilized level of trustworthiness can be maintained. Architecture V enhances Architecture IV with the ability to deliver differential, quantitative QoIA services to customers who have subscribed for these services even in the face of attacks.

AB - In this paper, we propose four architectures for intrusion-tolerant database systems. While traditional secure database systems rely on prevention controls, an intrusion-tolerant database system can operate through attacks in such a way that the system can continue delivering essential services in the face of attacks. With a focus on attacks by malicious transactions, Architecture I can detect intrusions, and locate and repair the damage caused by the intrusions. Architecture II enhances Architecture I with the ability to isolate attacks so that the database can be immunized from the damage caused by a lot of attacks. Architecture III enhances Architecture I with the ability to dynamically contain the damage in such a way that no damage will leak out during the attack recovery process. Architecture IV enhances Architectures II and III with the ability to adapt the intrusion-tolerance controls to the changing environment so that a stabilized level of trustworthiness can be maintained. Architecture V enhances Architecture IV with the ability to deliver differential, quantitative QoIA services to customers who have subscribed for these services even in the face of attacks.

UR - http://www.scopus.com/inward/record.url?scp=84946196833&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84946196833&partnerID=8YFLogxK

U2 - 10.1109/FITS.2003.1264924

DO - 10.1109/FITS.2003.1264924

M3 - Conference contribution

T3 - Foundations of Intrusion Tolerant Systems, OASIS 2003

SP - 3

EP - 13

BT - Foundations of Intrusion Tolerant Systems, OASIS 2003

A2 - Lala, Jaynarayan H.

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Liu P. Architectures for intrusion tolerant database systems. In Lala JH, editor, Foundations of Intrusion Tolerant Systems, OASIS 2003. Institute of Electrical and Electronics Engineers Inc. 2003. p. 3-13. 1264924. (Foundations of Intrusion Tolerant Systems, OASIS 2003). https://doi.org/10.1109/FITS.2003.1264924