• DocumentCode
    2858157
  • Title

    Intrusion detection in RBAC-administered databases

  • Author

    Bertino, Elisa ; Terzi, Evimaria ; Kamra, Ashish ; Vakali, Athena

  • Author_Institution
    Purdue Univ., West Lafayette, IN
  • fYear
    2005
  • fDate
    5-9 Dec. 2005
  • Lastpage
    182
  • Abstract
    A considerable effort has been recently devoted to the development of database management systems (DBMS) which guarantee high assurance security and privacy. An important component of any strong security solution is represented by intrusion detection (ID) systems, able to detect anomalous behavior by applications and users. To date, however, there have been very few ID mechanisms specifically tailored to database systems. In this paper, we propose such a mechanism. The approach we propose to ID is based on mining database traces stored in log files. The result of the mining process is used to form user profiles that can model normal behavior and identify intruders. An additional feature of our approach is that we couple our mechanism with role based access control (RBAC). Under a RBAC system permissions are associated with roles, usually grouping several users, rather than with single users. Our ID system is able to determine role intruders, that is, individuals that while holding a specific role, have a behavior different from the normal behavior of the role. An important advantage of providing an ID mechanism specifically tailored to databases is that it can also be used to protect against insider threats. Furthermore, the use of roles makes our approach usable even for databases with large user population. Our preliminary experimental evaluation on both real and synthetic database traces show that our methods work well in practical situations
  • Keywords
    authorisation; data mining; database management systems; DBMS; RBAC-administered databases; anomalous behavior detection; assurance security solution; data privacy; database management system; database mining; intruder identification; intrusion detection system; role based access control; Access control; Data privacy; Data security; Database systems; Demography; Intrusion detection; Operating systems; Permission; Protection; Spatial databases;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Applications Conference, 21st Annual
  • Conference_Location
    Tucson, AZ
  • ISSN
    1063-9527
  • Print_ISBN
    0-7695-2461-3
  • Type

    conf

  • DOI
    10.1109/CSAC.2005.33
  • Filename
    1565245