Abstract
PurposeDamage assessment and recovery play key roles in the process of secure and reliable computer systems development. Post‐attack assessment in a distributed database system is rather complicated due to the indirect dependencies among sub‐transactions executed at different sites. Hence, the damage assessment procedure in these systems must be carried out in a collaborative way among all the participating sites in order to accurately detect all affected data items. This paper seeks to propose two approaches for achieving this, namely, centralized and peer‐to‐peer damage assessment models.Design/methodology/approachEach of the two proposed methods should be applied immediately after an intrusion on a distributed database system was reported. In the category of the centralized model, three sub‐models are further discussed, each of which is best suitable for a certain type of situations in a distributed database system.FindingsAdvantages and disadvantages of the models are analyzed on a comparative basis and the most suitable situations to which each model should apply are presented. A set of algorithms is developed to formally describe the damage assessment procedure for each model (sub‐model). Synchronization is essential in any system where multiple processes run concurrently. User‐level synchronization mechanisms have been presented to ensure that the damage assessment operations are conducted in a correct order.Originality/valueThe paper proposes two means for damage assessment.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
