CLC number: TP309.2
On-line Access: 2024-08-27
Received: 2023-10-17
Revision Accepted: 2024-05-08
Crosschecked: 0000-00-00
Cited: 0
Clicked: 4564
CAI Liang, YANG Xiao-hu, DONG Jin-xiang. A reference model for database security proxy[J]. Journal of Zhejiang University Science A, 2002, 3(1): 30-36.
@article{title="A reference model for database security proxy",
author="CAI Liang, YANG Xiao-hu, DONG Jin-xiang",
journal="Journal of Zhejiang University Science A",
volume="3",
number="1",
pages="30-36",
year="2002",
publisher="Zhejiang University Press & Springer",
doi="10.1631/jzus.2002.0030"
}
%0 Journal Article
%T A reference model for database security proxy
%A CAI Liang
%A YANG Xiao-hu
%A DONG Jin-xiang
%J Journal of Zhejiang University SCIENCE A
%V 3
%N 1
%P 30-36
%@ 1869-1951
%D 2002
%I Zhejiang University Press & Springer
%DOI 10.1631/jzus.2002.0030
TY - JOUR
T1 - A reference model for database security proxy
A1 - CAI Liang
A1 - YANG Xiao-hu
A1 - DONG Jin-xiang
J0 - Journal of Zhejiang University Science A
VL - 3
IS - 1
SP - 30
EP - 36
%@ 1869-1951
Y1 - 2002
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/jzus.2002.0030
Abstract: How to protect the database, the kernel resources of information warfare, is becoming more and more important since the rapid development of computer and communication technology. As an application-level firewall, database security proxy can successfully repulse attacks originated from outside the network, reduce to zerolevel damage from foreign DBMS products. We enhanced the capability of the COAST's firewall reference model by adding a transmission unit modification function and an attribute value mapping function, describes the schematic and semantic layer reference model, and finally forms a reference model for DBMS security proxy which greatly helps in the design and implementation of database security proxies. This modeling process can clearly separate the system functionality into three layers, define the possible security functions for each layer, and estimate the computational cost for each layer.
[1] Christoph,L.S., Eugene,H.S., 1997. A reference model for firewall technology. Proceedings of the 13th Annual Computer Security Applications Conference(ACSAC), p.133-145.
[2] Denning,D., 1985. Commutative filters for reducing inference threats in multilevel database systems. Proceedings of IEEE Symposium on Security and Privacy, p.134-146.
[3] Graubert,R., Duffy,K., 1985. Design overview for retrofitting integrity-lock architecture onto a commercial DBMS. Proceedings of IEEE Symposium on Security and Privacy, p.147-159.
[4] Ioannidis,S., Keromytis,A., Bellovin,S., et al., 2000. Implementing a distributed firewall. Proceedings of Computer and Communications Security, p.190-199.
[5] McDermott,J., 1997. Replication does survive information warfare attacks. Proceedings of IFIP WG 11.3 Annual Working Conference on Database Security, p.219-228.
[6] Paul,A., Sushil,J., Catherine,D., et al., 1997. Surviving information warfare attacks on databases. Proceedings of IEEE Symposium on Security and Privacy, p.164-174.
Open peer comments: Debate/Discuss/Question/Opinion
<1>