Preventive approach to avoid intrusion in relational databases using response patterns

A rash of well-publicized database hacking incidents brings security to the forefront of issues faced by the database community. Anomalous requests are processed by the Intrusion Detection System (IDS). The intrusion response component is the major responsible component in IDS for anomalous requests processing. Response component manages some of the policy for authenticating the user requests for further access. The system is proposed with the Database Response Policies with two issues Policy Matching and Policy Administration. This system is termed as Joint Threshold Administrative Module (JTAM). The principle used in JTAM is Separation of Duty. The major idea is used to prevent the malicious modification of the policies by database administrators (DBA´s). The database modification proposed ought to be signed by k DBA´s for complete modified policy. Cryptographic algorithms are used to encrypt the policy and the signatures. The policies are limited for the user´s view and for this `pattern concept´ is used. An Intrusion Prevention Protocol (IPP) is proposed which detects the users that attacks the system and revokes the access rights of that user.