Engineering a Distributed Intrusion Tolerant Database System

Abstract

The primary accomplishment of this project is a new paradigm for secure database system design, intrusion tolerant database systems. In particular, an innovative intrusion tolerant database system framework, denoted ITDB, is developed. While traditional secure database systems rely on preventive controls, ITDB can detect intrusions, isolate attacks, contain, assess and repair the damage caused by intrusions in a timely manner such that a self-stabilized level of data integrity and availability can be provided to applications. Built on top of COTS DBMS, ITDB arms commercial database servers with the ability to deliver sustained valid data access services even in the face of intensive attacks. To validate ITDB, a prototype ITDB system is designed and implemented. The prototype is a seamless integration of five major subsystems, namely the Malicious Transaction Detection subsystem, the Attack Recovery subsystem, the Attack Isolation subsystem, the Damage Containment subsystem, and the Self-Stabilization subsystem. Extensive evaluation of the prototype based on practical database applications, simulated workload and injected attacks is done. Preliminary testing measurements suggest that when the accuracy of the intrusion detector is satisfactory, ITDB can effectively tolerate database intrusions with reasonable performance penalty.

Document Details

Document Type

Technical Report

Publication Date

Mar 01, 2003

Accession Number

ADA412970

Entities

Tags