摘要
传统数据库安全的研究重点是如何防止非授权用户对数据库的恶意干扰和破坏,事实上根本无法阻止所有的攻击。因此,在信息战语义下,更为紧迫的是如何找到有效的措施来缓解或消除恶意用户的攻击,而入侵容忍(即抗恶意用户攻击和攻击后DBMS的恢复能力)是数据库安全最为重要的。本文概述了信息战中数据库入侵容忍技术研究的现状,指出了目前存在的问题和未来的研究方向。
Traditional database security focuses on how to prevent the unauthorized users from stealing data and making damage to data. It can not do anything to mitigate the damage caused by malicious authorized users. Especially in information warfare context, it is more urgent to find effective measures to alleviate or eliminate the damage caused by malicious authorized users. Information Warfare has been one new challenge of Database Security research. In information warfare context, Database Intrusion Tolerance, the ability of anti-malicious authorized users attacks and post-attacks recovery of DBMS, is an emergent principle of database security. It can enhance database survivability. In this paper, we survey the state of the art of database intrusion tolerance in information warfare and present some open problems and possible future research directions.
出处
《计算机科学》
CSCD
北大核心
2004年第4期14-18,共5页
Computer Science
基金
国家"863’高技术(NO:2001AA144010)经费资助
关键词
数据库管理系统
入侵容忍技术
应用程序
数据库系统
Information warfare, Database security, Intrusion tolerance, Malicious authorized users, Trusted recover
