S. Jajodia, P. Liu, and C. D. McCollum. Application-level isolation to cope with malicious database users. In Proceedings of Annual Computer Security Applications Conference, 1998.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....reachable by at most m hops from p in a conflict graph. The 0 neighborhood of a process p is just p itself, and its 1 neighborhood is p and its immediate neighbors. A reconfiguration algorithm has failure locality m if the failure of a process only affects processes within its mneighborhood. [10] introduces application level confinement as the bounding of damage caused by using isolation. Confinement is the process of preventing flaws from propagating to other parts of a system. In itself, containment neither prevents nor repairs faults. 10] uses the idea of fishbowling suspicious ....

....affects processes within its mneighborhood. 10] introduces application level confinement as the bounding of damage caused by using isolation. Confinement is the process of preventing flaws from propagating to other parts of a system. In itself, containment neither prevents nor repairs faults. [10] uses the idea of fishbowling suspicious activities into a safe separate environment that is monitored but still appears to the potential attacker to be the same system. 3] presents a SIMPLEX architectual framework examining real time control in the face of communication flaws, faulty software, ....

Jajodia, S., P. Liu, and C. McCollum. ApplicationLevel Isolation to Cope with Malicious Database Users, 14 th Annual Computer Security Application Conference, Phoenix AZ, Dec. 19998, pp. 73-82.

....of x nor the suspicious data version of x is correct when we decide to merge the suspicious version into the main version. The techniques to identify and resolve these conflicts usually vary from one type of system to another. For example, the techniques we once proposed for database systems in [Jajodia et al. 1998] are quite different from the techniques we will propose for file systems in Section 4. However, we can generally classify these techniques into two categories: 1) Static Resolution allows both the main action history and the suspicious action histories to grow without any restrictions. ....

....(especially integrity and availability) of a system in many situations. Although a concrete isolation scheme is proposed only for file systems, intrusion confinement can be enforced in many other types of information systems, such as database systems (a simple isolation scheme is proposed in [Jajodia et al. 1998]) object oriented systems, distributed information systems, and workflow management systems. Developing concrete isolation protocols for these systems is a topic of our future research. Acknowledgments Jajodia and McCollum were partially supported by Rome Laboratory, Air Force Material ....

Jajodia, S., Liu, P., and McCollum, C. (1998). Application-level isolation to cope with malicious database users. In Proceedings of the 14th Annual Computer Security Application Conference, pages 73--82, Phoenix, AZ. 16

....[HLR92] re ect a mapping from discrete time units to a nite action space. Moreover, our model is based on behaviors which are a sequence of actions, whereas the model presented in [HL93] and [HLR92] is based on single actions. In [HL93] and [HLR92] actions are called transactions. 28 In [JLM98] an application level isolation protocol is proposed to cope with malicious database users. In this paper, we extend the work of [JLM98] in several aspects: 1) JLM98] does not answer clearly such questions as Why are there suspicious actions , How can these suspicious actions be detected , ....

....of actions, whereas the model presented in [HL93] and [HLR92] is based on single actions. In [HL93] and [HLR92] actions are called transactions. 28 In [JLM98] an application level isolation protocol is proposed to cope with malicious database users. In this paper, we extend the work of [JLM98] in several aspects: 1) JLM98] does not answer clearly such questions as Why are there suspicious actions , How can these suspicious actions be detected , Why is isolation necessary , and When should isolation be enforced . In this paper, we give clear answers to these questions by ....

[Article contains additional citation context not shown here]

S. Jajodia, P. Liu, and C. D. McCollum. Application-level isolation to cope with malicious database users. In Proceedings of the 14th Annual Computer Security Application Conference, pages 73-82, Phoenix, AZ, December 1998.

....additional good transactions. Although we develop these algorithms to repair a database when some malicious activity happens, our methods can be easily extended to other applications where some committed transactions may also be identi ed undesirable, thus have to be backed out. For example In [JLM98], the use of isolation is proposed to protect systems from the damage caused by authorized but malicious users, masqueraders, and misfeasors, where the capacity of intrusion detection techniques is limited. In the database context, the basic idea is when a user is found suspicious, his ....

S. Jajodia, P. Liu, and C.D. McCollum. Application-level isolation to cope with malicious database users. In Proceedings of the 14th Annual Computer Security Application Conference, Phoenix, AZ, December 1998. To appear. 41

No context found.

S. Jajodia, P. Liu, and C. D. McCollum. Application-level isolation to cope with malicious database users. In Proceedings of Annual Computer Security Applications Conference, 1998.

No context found.

S. Jajodia, P. Liu, and C. D. McCollum. Application-level isolation to cope with malicious database users. In ACSAC, 1998.

No context found.

S. Jajodia, P. Liu, and C. D. McCollum. Application-level isolation to cope with malicious database users. In ACSAC, 1998.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC