Full Text:   <1850>

CLC number: TP309.2

On-line Access: 

Received: 2000-12-15

Revision Accepted: 2001-06-06

Crosschecked: 0000-00-00

Cited: 0

Clicked: 3804

Citations:  Bibtex RefMan EndNote GB/T7714

-   Go to

Article info.
1. Reference List
Open peer comments

Journal of Zhejiang University SCIENCE A 2002 Vol.3 No.1 P.30-36


A reference model for database security proxy

Author(s):  CAI Liang, YANG Xiao-hu, DONG Jin-xiang

Affiliation(s):  Artificial Intelligence Institute, Zhejiang University, Hangzhou 310027, China

Corresponding email(s): 

Key Words:  information warfare, database security, firewall, reference model, security proxy

Share this article to: More

CAI Liang, YANG Xiao-hu, DONG Jin-xiang. A reference model for database security proxy[J]. Journal of Zhejiang University Science A, 2002, 3(1): 30-36.

@article{title="A reference model for database security proxy",
author="CAI Liang, YANG Xiao-hu, DONG Jin-xiang",
journal="Journal of Zhejiang University Science A",
publisher="Zhejiang University Press & Springer",

%0 Journal Article
%T A reference model for database security proxy
%A CAI Liang
%A YANG Xiao-hu
%A DONG Jin-xiang
%J Journal of Zhejiang University SCIENCE A
%V 3
%N 1
%P 30-36
%@ 1869-1951
%D 2002
%I Zhejiang University Press & Springer
%DOI 10.1631/jzus.2002.0030

T1 - A reference model for database security proxy
A1 - CAI Liang
A1 - YANG Xiao-hu
A1 - DONG Jin-xiang
J0 - Journal of Zhejiang University Science A
VL - 3
IS - 1
SP - 30
EP - 36
%@ 1869-1951
Y1 - 2002
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/jzus.2002.0030

How to protect the database, the kernel resources of information warfare, is becoming more and more important since the rapid development of computer and communication technology. As an application-level firewall, database security proxy can successfully repulse attacks originated from outside the network, reduce to zerolevel damage from foreign DBMS products. We enhanced the capability of the COAST's firewall reference model by adding a transmission unit modification function and an attribute value mapping function, describes the schematic and semantic layer reference model, and finally forms a reference model for DBMS security proxy which greatly helps in the design and implementation of database security proxies. This modeling process can clearly separate the system functionality into three layers, define the possible security functions for each layer, and estimate the computational cost for each layer.

Darkslateblue:Affiliate; Royal Blue:Author; Turquoise:Article


[1] Christoph,L.S., Eugene,H.S., 1997. A reference model for firewall technology. Proceedings of the 13th Annual Computer Security Applications Conference(ACSAC), p.133-145.

[2] Denning,D., 1985. Commutative filters for reducing inference threats in multilevel database systems. Proceedings of IEEE Symposium on Security and Privacy, p.134-146.

[3] Graubert,R., Duffy,K., 1985. Design overview for retrofitting integrity-lock architecture onto a commercial DBMS. Proceedings of IEEE Symposium on Security and Privacy, p.147-159.

[4] Ioannidis,S., Keromytis,A., Bellovin,S., et al., 2000. Implementing a distributed firewall. Proceedings of Computer and Communications Security, p.190-199.

[5] McDermott,J., 1997. Replication does survive information warfare attacks. Proceedings of IFIP WG 11.3 Annual Working Conference on Database Security, p.219-228.

[6] Paul,A., Sushil,J., Catherine,D., et al., 1997. Surviving information warfare attacks on databases. Proceedings of IEEE Symposium on Security and Privacy, p.164-174.

Open peer comments: Debate/Discuss/Question/Opinion


Please provide your name, email address and a comment

Journal of Zhejiang University-SCIENCE, 38 Zheda Road, Hangzhou 310027, China
Tel: +86-571-87952783; E-mail: cjzhang@zju.edu.cn
Copyright © 2000 - 2022 Journal of Zhejiang University-SCIENCE