Full Text:
<2349>
CLC number: TP309.2
On-line Access:
Received: 2002-06-12
Revision Accepted: 2002-10-10
Crosschecked: 0000-00-00
Cited: 0
Clicked: 4037
Building a highly available and intrusion tolerant database security and protection system (DSPS)
| |||||||||||||
CAI Liang, YANG Xiao-hu, DONG Jin-xiang. Building a highly available and intrusion tolerant database security and protection system (DSPS)[J]. Journal of Zhejiang University Science A, 2003, 4(3): 287-293.
@article{title="Building a highly available and intrusion tolerant database security and protection system (DSPS)",
author="CAI Liang, YANG Xiao-hu, DONG Jin-xiang",
journal="Journal of Zhejiang University Science A",
volume="4",
number="3",
pages="287-293",
year="2003",
publisher="Zhejiang University Press & Springer",
doi="10.1631/jzus.2003.0287"
}
%0 Journal Article
%T Building a highly available and intrusion tolerant database security and protection system (DSPS)
%A CAI Liang
%A YANG Xiao-hu
%A DONG Jin-xiang
%J Journal of Zhejiang University SCIENCE A
%V 4
%N 3
%P 287-293
%@ 1869-1951
%D 2003
%I Zhejiang University Press & Springer
%DOI 10.1631/jzus.2003.0287
TY - JOUR
T1 - Building a highly available and intrusion tolerant database security and protection system (DSPS)
A1 - CAI Liang
A1 - YANG Xiao-hu
A1 - DONG Jin-xiang
J0 - Journal of Zhejiang University Science A
VL - 4
IS - 3
SP - 287
EP - 293
%@ 1869-1951
Y1 - 2003
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/jzus.2003.0287
Abstract: Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.
[1]Barak, B., Herzberg, A., Naor, D. and Shai, E., 1999. The proactivesecurity toolkit and applications. Proceedings of the ACM Conference on Computer and Communications Security, ACM, Singapore, p.18-27.
[2]Cai, L., Yang, X.H. and Dong, J.X., 2002a. Database securityin information warfare - special requirements and antagonism in China. Journal of Computer Research and Development, 39(5):568-573(in Chinese).
[3]Cai, L., Yang, X.H and Dong, J.X., 2002b. A referencemodel for database security proxy. Journal of Zhejiang University SCIENCE, 3(1):30-36.
[4]Canetti, R., Gennaro, R., Herzberg, A. and Naor, D., 1997. Proactivesecurity: long-term protection against break-ins. CryptoBytes: the technical newsletter of RSA Labs, 3(1):1-8.
[5]Malkin, M., Wu, T. and Boneh, D., 1999. Experimenting withshared generation of RSA keys. Proceedings of the Internet Society's Symposium on Network and Distributed System Security, IEEE Computer Society Press, California, p.43-56.
[6]Malkin, M., Wu, T. and Boneh, D., 2000. Building intrusion tolerant applications. Proceedings of DARPA Information Survivability Conference & Exposition (DISCEX), IEEE Computer Society Press, California, p.74-87.
[7]Meiter, M., Franklin, M., Lacy,J. and Wright, R., 1996. The Ω keymanagement service. Proceedings of the ACM Conference on Computer and Communications Security, ACM, New Delphi, India, p.38-47.
Open peer comments: Debate/Discuss/Question/Opinion
<1>