We use cookies to improve your experience with our site.

Indexed in:

SCIE, EI, Scopus, INSPEC, DBLP, CSCD, etc.

Submission System
(Author / Reviewer / Editor)
Advanced Search
Volume 25 Issue 3
May  2010
Turn off MathJax
Article Contents
Abstract
References
Hong Zhu, Ge Fu, Yu-Cai Feng, Kevin Lü. Dynamic Damage Recovery for Web Databases[J]. Journal of Computer Science and Technology, 2010, 25(3): 548-561.
Citation: Hong Zhu, Ge Fu, Yu-Cai Feng, Kevin Lü. Dynamic Damage Recovery for Web Databases[J]. Journal of Computer Science and Technology, 2010, 25(3): 548-561.
shu

Dynamic Damage Recovery for Web Databases

  • 1School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, China
    2Brunel University, Uxbridge UB8 3PH, U.K.

Funds: Supported by the National Hi-Tech Research and Development 863 program of China under Grant No. 2006AA01Z430.
More Information
  • Author Bio:

    Hong Zhu received her Ph.D. degree in computer software andtheoretical computer science from Huazhong University of Science andTechnology in 2001. She is now a professor and Ph.D. advisor inSchool of Computer Science and Technology, Huazhong University ofScience and Technology. Her current research interests includedatabase theory and techniques, database security etc. She is a member of CCF.

    Ge Fu received his B.S. degree in software engineering fromXidian University in 2002. He is currently working towards the Ph.D.degree with the School of Computer Science, Huazhong University ofScience and Technology. He is now a research fellow in RFID Lab,Singapore Management University. His research interests includedatabase security, fault-tolerant database system, RFID security,EHR security and privacy etc.

    Yu-Cai Feng is a professor and Ph.D. advisor in School ofComputer Science and Technology, Huazhong University of Science andTechnology. He is chairman of the committee for the databasestandard in China. His current research interests include databasetheory, multimedia techniques and database security.

  • Received Date: June 17, 2009
  • Revised Date: March 21, 2010
  • Published Date: May 04, 2010
    Abstract
  • In the web context, there is an urgent need for a self-healing database system which has the ability to automatically locate and undo a set of transactions that are corrupted by malicious attacks. The metrics of survivability and availability require a database to provide continuous services during the period of recovery, which is referred to as dynamic recovery. In this paper, we present that an extended read operation from a corrupted data would cause damage spreading. We build a fine grained transaction log to record the extended read and write operations while user transactions are processing. Based on that, we propose a dynamic recovery system to implement the damage repair. The system captures damage spreading caused by extended read-write dependency between transactions. It also retains the execution results for blind write transactions and gives a solution to the issues of recovery conflicts caused by forward recovery. Moreover, a confinement activity is imposed on the in-repairing data to prevent a further damage propagation while the data recovery is processing. The performance evaluation in our experiments shows that the system is reliable and highly efficient.
    • FullText(HTML)
    • References (19)
  • [1]
    Liu P. Architectures for intrusion tolerant database systems. In Proc. the 18th Annual Computer Security Applications Conference, Las Vegas, USA, Dec. 9-13, 2002, pp.311-322.
    [2]
    Ammann P, Jajodia S, Liu P. Recovery from malicious transactions. IEEE Transactions on Knowledge and Data Engineering, 2002, 14(5): 1167-1185.
    [3]
    Yu M, Liu P, Zang W. Self-healing workflow systems under attacks. In Proc. 24th International Conference on Distributed Computing Systems (ICDCS 2004), Tokyo, Japan, Mar. 2426, 2004, pp.418-425.
    [4]
    Wang H, Liu P. Modeling and evaluating the survivability of an intrusion tolerant database-system. In Proc. 11th European Symposium on Research in Computer Security, Hamburg, Germany, Sept. 18-20, 2006, pp.207-224.
    [5]
    Panda B, Giordano J. An overview of post information warfare data recovery. In Proc. ACM Symposium on Applied Computing (SAC1998), Atlanta, USA, Feb. 27-Mar. 1, 1998, pp.253-254.
    [6]
    Liu P, Ammann P, Jajodia S. Rewriting histories: Recovering from malicious transactions. Distrib. Parallel Databases, 2000, 8(1): 7-40.
    [7]
    Pilania D, Chiueh T. Design, implementation, and evaluation of an intrusion-resilient database system. Technical Report TR-123, Computer Science Department, State Univ. New York at Stony Brook, 2002.
    [8]
    Rajesh Y, Panda B. Transaction fusion: A model for data recovery from information attacks. Journal of Intelligent Information Systems Attacks, 2004, 23(3): 225-245.
    [9]
    Ammann p, Jajodia S, McCollum C D. Surviving information warfare attacks on databases. In Proc. IEEE Symposium on Security and Privacy, Oakland, USA, May 3-6, 1997, p.164.
    [10]
    Fu G, Zhu H, Feng Y. Fine grained transaction log for data recovery in database systems. In Proc. the 3rd Asia-Pacific Trusted Infrastructure Technologies Conference, Wuhan, China, Oct. 14-17, 2008, pp.123-131.
    [11]
    Chiueh T, Pilania D. Design, implementation, and evaluation of a repairable database management system. In Proc. the 21st International Conference on Data Engineering, Tokyo, Japan, Apr. 5-8, 2005, pp.1024-1035.
    [12]
    Bai K , Yu M, Liu P. Zero-down-time database damage tracking, quarantine, and cleansing with negligible run-time overhead. In Proc. the 13th European Symposium on Research in Computer Security, Malaga, Spain, Oct. 6-8, 2008, pp.161176.
    [13]
    Bai K, Liu P. A data damage tracking quarantine and recovery (DTQR) scheme for mission-critical database systems. In Proc. the 12th International Conference on Extending Database Technology, Saint Petersburg, Russia, Mar. 24-26, 2009, pp.720-731.
    [14]
    Chiueh T, Bajpai S. Accurate and efficient inter-transaction dependency tracking. In Proc. the 24th International Conference on Data Engineering (ICDE 2008), Cancun, Mexico, Apr. 7-12, 2008, pp.1209-1218.
    [15]
    Xie M, Zhu H, Feng Y. Tracking and repairing damaged database using before image table. In Proc. the Japan-China Joint Workshop on Frontier of Computer Science and Technology (FCST), Tokyo, Japan, Dec. 27-28, 2008, pp.36-41.
    [16]
    Liu P, Jajodia S. Multi-phase damage confinement in database systems for intrusion tolerance. In Proc. 14th IEEE Workshop on Computer Security Foundations, Cape Breton, Canada, June 11-13, 2001, pp.191-204.
    [17]
    Valsangkar A, Panda B. An architecture for making data available ceaselessly during recovery. In Proc. IAW2003 West Point, USA, June 18-20, 2003, pp.196-202.
    [18]
    Liu P, Jajodia S, McCollum C D. Intrusion confinement by isolation in information systems. Journal of Computer Security, 2000, 8(4): 243-279.
    [19]
    Liu P, Wang H, Li L. Real-time data attack isolation for commercial database applications. J. Netw. Comput. Appl., 2006, 29(4): 294-320.
    • Relative Articles
  • Supplements (0)

Catalog

    Get Citation
    XML
    Article views (13) PDF downloads (1639) Cited by()
    Related

    Copyright ©2025 JCST, All Rights Reserved     京ICP备05002829号-1

    Institute of Computing Technology, Chinese Academy of Sciences
    P.O. Box 2704, Beijing 100190, P.R. China

    Tel.: 86-10-62610746 E-mail: jcst@ict.ac.cn

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return