Databases Reference
In-Depth Information
rity concepts and techniques), first, the status of the security of the existing
“legacy” database needs to be evaluated. This should be done with a particular
focus on potential vulnerabilities that give rise to insider misuse, which
is primarily caused by not adhering to the principle of least privilege [11, 31].
In this chapter, we present the fundamental concepts and techniques
to support different security re-engineering tasks for relational databases. The
proposed approach is data-driven, meaning that a comprehensive evaluation
of the security of a given database necessitates the evaluation of the quality
of the data to be protected first. Only if it is known that the mission-critical
and sensitive data is of good quality (which is often not the case in practice,
see, e.g., [9, 18]) can suitable data and user profiling techniques be deployed.
Otherwise, the statistical models representing the normal behavior of users and
data, which are to be monitored and enforced by respective mechanisms, are
skewed due to the poor quality of the data underlying the model generation. The data
and user profiling techniques we present employ selective database auditing
using standard database functionality and well-known profiling techniques
based on data mining approaches.
We further present a methodological framework, called the access path
model, in which administrators and security personnel can discover, annotate,
and evaluate access paths. An access path represents the current (admissible)
ways in which application users can operate on the data managed in
a database. Correlating data accesses and user accounts (represented in the
form of profiles) at the database layer and application layer is crucial in order
to strengthen or replace current security policies. A feature of the access path
model is that it allows accesses to and operations on database relations to be
back-tracked to application users by correlating user profiles and audit trails
managed at the database and application layers. The information extracted from
such access exploration and analysis tasks is then used in the re-design of existing
or the implementation of new security mechanisms. Our primary objective
here is to provide a comprehensive overview of existing and novel techniques
and in particular their integration into a single coherent framework for the
security re-engineering of databases.
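
The back-tracking step described above, as an added example that is not taken from the chapter: database audit records written under a shared application account are attributed to application users by joining them with the application-layer audit trail. The record layouts, the account and relation names, and the assumption that the application logs the database session it uses are all hypothetical.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample audit trails (hypothetical layout, not from the chapter).
# DB layer: (time, db_account, db_session, operation, relation). The application
# connects with a shared account, so these records alone name no application user.
DB_AUDIT = [
    ("2024-05-01T09:00:02", "app_pool", "sess-17", "SELECT", "patients"),
    ("2024-05-01T09:00:05", "app_pool", "sess-17", "UPDATE", "billing"),
    ("2024-05-01T09:03:40", "app_pool", "sess-22", "SELECT", "patients"),
    ("2024-05-01T23:15:09", "dba_ops", "sess-90", "SELECT", "patients"),
]
# App layer: (time, app_user, db_session, app_action). Assumed: session id is logged.
APP_AUDIT = [
    ("2024-05-01T09:00:01", "alice", "sess-17", "view_record"),
    ("2024-05-01T09:00:04", "alice", "sess-17", "post_invoice"),
    ("2024-05-01T09:03:39", "bob", "sess-22", "view_record"),
]

def correlate(db_audit, app_audit, window=timedelta(seconds=5)):
    """Back-track each DB audit record to the application user behind it."""
    by_session = defaultdict(list)
    for ts, user, session, action in app_audit:
        by_session[session].append((datetime.fromisoformat(ts), user, action))
    paths, unattributed = [], []
    for ts, account, session, op, relation in db_audit:
        t = datetime.fromisoformat(ts)
        # App events on the same session that precede the access within the window.
        prior = [e for e in by_session.get(session, []) if timedelta(0) <= t - e[0] <= window]
        if prior:
            _, user, action = max(prior, key=lambda e: e[0])  # nearest preceding event
            paths.append((user, action, account, op, relation))
        else:
            # No application-layer event explains this access: review it separately.
            unattributed.append((ts, account, op, relation))
    return paths, unattributed

def user_profiles(paths):
    """Per application user, the set of (operation, relation) pairs observed."""
    profiles = defaultdict(set)
    for user, _action, _account, op, relation in paths:
        profiles[user].add((op, relation))
    return dict(profiles)

if __name__ == "__main__":
    paths, unattributed = correlate(DB_AUDIT, APP_AUDIT)
    print("access paths:", paths)
    print("profiles:", user_profiles(paths))
    print("unattributed DB accesses:", unattributed)
```

The unattributed list holds database accesses that no application-layer event accounts for, such as the constructed `dba_ops` query, which is the kind of access an audit for insider misuse would examine first.
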
The remainder of the chapter is organized as follows. In Section 2, we review
some basic concepts underlying the notion of intrusion detection, with a
particular focus on insider misuse. In Section 3, we then present basic principles
of database auditing techniques and discuss the concepts of data and user
profiling in databases. The access path model is discussed in Section 4. Based
on the information obtained through employing the access path model, in
Section 5, we summarize basic database security reconfiguration approaches.
After a review of related work in Section 6, we conclude the chapter with a
summary and outlook in Section 7.