ITDB: an attack self-healing database system prototype

Author

Liu, Peng

Author_Institution

Pennsylvania State Univ., University Park, PA, USA

Volume

2

fYear

2003

fDate

22-24 April 2003

Firstpage

131

Abstract

The ITDB project addresses the following problem: How can we tolerate the successful attacks (or intrusions) into a database system in such a way that the database system can continue delivering essential services in the the face of attacks and damage? While traditional secure database systems rely on preventive controls, an ITDB system can detect intrusions, isolate attacks, contain, assess, and repair the damage caused by intrusions in a timely manner such that a self-stabilized level of database trustworthiness can be provided to applications. ITMB illustrates intrusion tolerance design principles in three ways: (1) using multiple intrusion tolerance phases to achieve defense-in-depth; (2) using isolation and multiphase damage containment to tolerate (or live with) a not so good intrusion detector; (2) on-the-fly self-healing transparent to applications.

Keywords

authorisation; database management systems; military computing; DARPA; ITDB project; attack isolation; attack self-healing database; damage repair; database trustworthiness; defense-in-depth; intrusion tolerance; multiphase damage containment; on-the-fly self-healing; secure database systems; self-stabilized level; Cleaning; Control systems; Database systems; Detectors; Face detection; Object detection; Phase detection; Prototypes; Transaction databases; Yarn;

fLanguage

English

Publisher

ieee

Conference_Titel

DARPA Information Survivability Conference and Exposition, 2003. Proceedings

Print_ISBN

0-7695-1897-4

Type

conf

DOI

10.1109/DISCEX.2003.1194947

Filename

1194947