The architecture of an intrusion tolerant database system

Abstract

With the ever increasing development and expansion of database use, protection of database against hazards, which threaten the integrity, availability and confidentiality of database, is inevitable. However, traditional mechanisms of database security is concentrated on protection or prevention. The main objective of an intrusion tolerant database system is such that even if a number of attacks penetrated inside information system, specified levels of availability, integrity and confidentiality are yet guaranteed. A key part of intrusion tolerant database system is intrusion detection which informs system about attacks. However, detection latency will result in damage spreading. Two novel techniques are used for containment of damage in intrusion tolerant database system: Attack isolation and multiphase damage Confinement. These techniques have been posed as general solutions and in real applications, they may cause outbreak of problems in integrity and availability. In this paper, we present a practical architecture for an intrusion tolerant database system with the aim of safeguarding integrity and availability in the presence of successful attacks through taking advantages of these two techniques.