• DocumentCode
    2274222
  • Title
    Design, implementation, and evaluation of a repairable database management system
  • Author
    Chiueh, Tzi-cker ; Pilania, D.
  • Author_Institution
    Rether Networks Inc., Centereach, NY, USA
  • fYear
    2004
  • fDate
    6-10 Dec. 2004
  • Firstpage
    179
  • Lastpage
    188
  • Abstract
    Although conventional database management systems are designed to tolerate hardware and to a lesser extent even software errors, they cannot protect themselves against syntactically correct and semantically damaging transactions, which could arise because of malicious attacks or honest mistakes. The lack of fast post-intrusion or post-error damage repair in modern DBMSs results in a longer mean time to repair (MTTR) and sometimes permanent data loss that could have been saved by more intelligent repair mechanisms. In this paper, we describe the design and implementation of Phoenix - a system that significantly improves the efficiency and precision of a database damage repair process after an intrusion or operator error and thus increases the overall database system availability. The two key ideas underlying Phoenix are (1) maintaining persistent intertransaction dependency information at run time to allow selective undo of database transactions that are considered "infected" by the intrusion or error in question and (2) exploiting information present in standard database logs for fast selective undo. Performance measurements on a fully operational Phoenix prototype, which is based on the PostgreSQL DBMS, demonstrate that Phoenix incurs a response time and a throughput penalty of less than 5% and 8%, respectively, under the TPC-C benchmark, but it can speed up the post-intrusion database repair process by at least an order of magnitude when compared with a manual repair process.
  • Keywords
    SQL; back-up procedures; database management systems; fault tolerance; security of data; transaction processing; Phoenix system; PostgreSQL DBMS; database damage repair process; database management systems; intertransaction dependency information; software errors; Availability; Database systems; Delay; Error correction; Hardware; Measurement; Protection; Prototypes; Throughput; Transaction databases;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Computer Security Applications Conference, 2004. 20th Annual
  • ISSN
    1063-9527
  • Print_ISBN
    0-7695-2252-1
  • Type
    conf
  • DOI
    10.1109/CSAC.2004.15
  • Filename
    1377228