nach oben

Automatic Control and Computer Sciences

Erschienen in:

01.12.2020

Inference Attacks and Information Security in Databases

verfasst von: A. A. Poltavtsev, A. R. Khabarov, A. O. Selyankin

Erschienen in: Automatic Control and Computer Sciences | Ausgabe 8/2020

Einloggen, um Zugang zu erhalten

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract—

Security of modern data architectures implemented in relational DBMS’s is analyzed. The emphasis is placed on inference attacks, which are not prevented by traditional access control methods. Examples of such attacks are given and fundamental approaches to protecting against them are analyzed. The development of special software built and operating on the principles of intellectual data analysis is proposed as a security measure.

Vorheriger Artikel Countering Cyberattacks against Intelligent Bioinspired Systems Based on FANET

Nächster Artikel Application of Taint Analysis to Study the Safety of Software of the Internet of Things Devices Based on the ARM Architecture

Baraani-Dastjerdi, A., Pieprzyk, J., Pieprzyk, B.-D.J., and Safavi-Naini, R., Security in Databases: A Survey Study, 1996, pp. 1–39.

Shenets, N.N., Authentication in dynamic peer-to-peer networks based on homomorphic secret sharing, Autom. Control Comput. Sci., 2017, vol. 51, no. 8, pp. 936–946.CrossRef

Jiang, Q., Ma, J., and Wei, F., On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services, IEEE Syst. J., 2018, vol. 12, no. 2, pp. 2039–2042. https://doi.org/10.1109/JSYST.2016.2574719CrossRef

Kalinin, M., Krundyshev, V., Rezedinova, E., and Zegzhda, P., Role-based access control for vehicular adhoc networks, 2018 IEEE International Black Sea Conference on Communications and Networking, 2018. https://doi.org/10.1109/BlackSeaCom.2018.8433628

Konoplev, A.S. and Kalinin, M.O., Access control system for distributed computing networks, Autom. Control Comput. Sci., 2016, vol. 50, no. 8, pp. 664–668.CrossRef

Konoplev, A.S. and Kalinin, M.O., Tasks of providing information security in distributed computing networks, Autom. Control Comput. Sci., 2016, vol. 50, no. 8, pp. 669–672.CrossRef

Busygin, A.G., Konoplev, A.S., and Kalinin, M.O., Approaches to protection of applications based on the TLS protocol against attacks using revoked certificates, Autom. Control Comput. Sci., 2016, vol. 50, no. 8, pp. 743–748.CrossRef

Aleksandrova, E.B., Zegzhda, D.P., and Konoplev, A.S., Applying the group signature for entity authentication in distributed grid computing networks, Autom. Control Comput. Sci., 2016, vol. 50, no. 8, pp. 739–742.CrossRef

Keke, G., Longfei, Q., Min, C., Hui, Zh., and Meikang, Q., SA-EAST: Security-aware efficient data transmission for its in mobile heterogeneous cloud computing, ACM Trans. Embed. Comput. Syst., 2017, vol. 16, no. 2.

10.

Volkov, S.D., Tsaregorodtsev, A.V., and Tsatskina, E.P., Features of building systems for detecting computer attacks for information and telecommunication systems operating on the basis of cloud computing technology, Ogarev-Online, 2017, no. 13.

11.

Belenko, V., Chernenko, V., Kalinin, M., and Krundyshev, V., Evaluation of GAN applicability for intrusion detection in self-organizing networks of cyber physical systems, 2018 International Russian Automation Conference, RusAutoCon, 2018. https://doi.org/10.1109/RUSAUTOCON.2018.8501783

12.

Krundyshev, V. and Kalinin, M., Hybrid neural network frame work for detection of cyber attacks at smart infrastructures, ACM International Conference Proceeding Series, 2019. https://doi.org/10.1145/3357613.3357623

13.

Ovasapyan, T.D., Moskvin, D.A., and Kalinin, M.O., Using neural networks to detect internal intruders in vanets, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 954–958.CrossRef

14.

Poltavtseva, M.A. and Khabarov, A.R., Database security: Problems and prospects, Program. Prod. Sist., 2016, no. 3, pp. 36–41. https://doi.org/10.15827/0236-235X.115.036-041

15.

Zegzhda, P.D. and Kalinin, M.O., Technology of security services virtualization for high-speed computer networks, Autom. Control Comput. Sci., 2016, vol. 50, no. 8, pp. 734–738.CrossRef

16.

Poltavtseva, M.A., A consistent approach to building secure big data processing and storage systems, Autom. Control Comput. Sci., 2019, vol. 53, no. 8, pp. 914–921.CrossRef

17.

Tanque, M. and Foxwell, H.J., Big data and cloud computing: A review of supply chain capabilities and challenges, Exploring the Convergence of Big Data and the Internet of Things, 2018. https://doi.org/10.4018/978-1-5225-2947-7.ch001CrossRef

18.

Gorton, I. and Gracio, D.K., Data-Intensive Computing Architectures, Algorithms, and Applications, Cambridge Press, 2012.CrossRef

19.

Elvis, D. and Foster, C., Database Systems: A Pragmatic Approach, Apress, 2016.

20.

Poltavtseva, M.A., Zegzhda, D.P., and Kalinin, M.O., Big data management system security threat model, Autom. Control Comput. Sci., 2019, vol. 53, no. 8, pp. 903–913.CrossRef

21.

Yip, R.W. and Levitt, K.N., Data level inference detection in database systems, Proceedings of 11th IEEE Computer Security Foundations Workshop, Rockport, MA, 1988, pp. 179–189.

22.

Hinke, T.H., Delugach, H.S., and Wolf, R.P., Protecting databases from inference attacks, Comput. Secur., 1997, vol. 16, no. 8, pp. 687–708.CrossRef

23.

Yang, Y.J., Li, Y.J., and Deng, R.H., New paradigm of inference control with trusted computing, IFIP Annual Conference on Data and Applications Security and Privacy, Redondo Beach, CA, 2007, pp. 243–258.

24.

Ozsoyoglu, G., On inference control in semantic data models for statistical databases, J. Comput. Syst. Sci., 1990, vol. 40, no. 3, pp. 405–443.MathSciNetCrossRef

25.

Hylkema, M., A Survey of Database Inference Attack Prevention Methods, Educ. Technol. Res., 2009.

26.

Biskup, J., Embley, D.W., and Lochner, J.H., Reducing inference control to access control for normalized database schemas, Inf. Process. Lett., 2008, vol. 106, no. 1, pp. 8–12.MathSciNetCrossRef

27.

Chen, Y. and Chu, W., Database security protection via inference detection, Intelligence and Security Informatics, San Diego, CA, 2006, pp. 452–458.CrossRef

28.

Goyal, V., Gupta, S.K., Singh, M., and Gupta, A., Auditing inference based disclosures in dynamic databases, Workshop on Secure Data Management, Auckland, 2008, pp. 67–81.

Titel: Inference Attacks and Information Security in Databases
verfasst von: A. A. Poltavtsev
A. R. Khabarov
A. O. Selyankin
Publikationsdatum: 01.12.2020
Verlag: Pleiades Publishing
Erschienen in: Automatic Control and Computer Sciences / Ausgabe 8/2020
Print ISSN: 0146-4116
Elektronische ISSN: 1558-108X
DOI: https://doi.org/10.3103/S0146411620080271

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Die Gewinner und Laudatoren des Sustainability Award in Automotive 2024/© Uli Regenscheit | ATZlive, Search Icon, Banner Hanser, Sebastian Glenschek/© Hermes International, Dinko Eror/© Red Hat GmbH, Suresh Vittal/© Alteryx, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade, chassis.tech plus 2023/© [M] ATZlive / TÜV SÜD PRODUCT SERVICE GMBH, adäsion-Webinar-Matinee/© krystiannawrocki_ Getty Images

Springer Professional

Abstract—

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Weitere Artikel der Ausgabe 8/2020

Detection of Network Attacks Using the Tsetlin Machine

Application of Taint Analysis to Study the Safety of Software of the Internet of Things Devices Based on the ARM Architecture

A Technique for Safely Transforming the Infrastructure of Industrial Control Systems to the Industrial Internet of Things

Development of the Intrusion Detection System for the Internet of Things Based on a Sequence Alignment Algorithm

Specification-Based Classification of Network Protocol Vulnerabilities

A Procedure for Improving Information System Audit Quality by Enhancing Cyberthreat Simulation in Practice

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.