Similar articles

Abstract: How to protect the database, the kernel resources of information warfare, is becoming more and more important since the rapid development of computer and communication technology. As an application-level firewall, database security proxy can successfully repulse attacks originated from outside the network, reduce to zerolevel damage from foreign DBMS products. We enhanced the capability of the COAST's firewall reference model by adding a transmission unit modification function and an attribute value mapping function, describes the schematic and semantic layer reference model, and finally forms a reference model for DBMS security proxy which greatly helps in the design and implementation of database security proxies. This modeling process can clearly separate the system functionality into three layers, define the possible security functions for each layer, and estimate the computational cost for each layer.

[1] Christoph,L.S., Eugene,H.S., 1997. A reference model for firewall technology. Proceedings of the 13th Annual Computer Security Applications Conference(ACSAC), p.133-145.

[2] Denning,D., 1985. Commutative filters for reducing inference threats in multilevel database systems. Proceedings of IEEE Symposium on Security and Privacy, p.134-146.

[3] Graubert,R., Duffy,K., 1985. Design overview for retrofitting integrity-lock architecture onto a commercial DBMS. Proceedings of IEEE Symposium on Security and Privacy, p.147-159.

[4] Ioannidis,S., Keromytis,A., Bellovin,S., et al., 2000. Implementing a distributed firewall. Proceedings of Computer and Communications Security, p.190-199.

[5] McDermott,J., 1997. Replication does survive information warfare attacks. Proceedings of IFIP WG 11.3 Annual Working Conference on Database Security, p.219-228.

[6] Paul,A., Sushil,J., Catherine,D., et al., 1997. Surviving information warfare attacks on databases. Proceedings of IEEE Symposium on Security and Privacy, p.164-174.