Open Access
Subscription Access
Open Access
Subscription Access
Prevention of Insider Attack against Database Access Control Mechanism
Subscribe/Renew Journal
Existing SQL Access Control Mechanisms are extremely limited. Attackers can access the sensitive information through escalating their privileges. Practical attacks against existing database are increasing nowadays by using database features such as triggers and integrity constraints. Moreover the theories behind access control mechanism lack adequate security policies and attackers capabilities. This paper addresses the three main privilege escalation attacks by using database features and its prevention methods.
Keywords
DBMS, DB Security, Access Control Mechanism, Insider Attacks, Privilege Escalation, SQL.
Subscription
Login to verify subscription
User
Font Size
Information
- Z. Nick, “Database security and cryptography,” National Technical University of Athens, 2000.
- Q. He, and A. I. Anton, “Requirements-based Access Control Analysis and Policy Specification (ReCAPS),” Information and Software Technology, June 2011.
- T. F. Lunt, and E. B. Fernandez, “Database security,” ACM SIGMOD Record 19, no. 4, pp. 90-97, 1990.
- Kriti, and I. Kashyap, “Database security and access control models: A brief overview,” International Journal of Engineering Research & Technology, vol. 2, no. 5, pp. 743-751, May 2013.
- M. Guarnieri, S. Marinovic, and D. Basin, “Strong and provably secure database access control,” IEEE European Symposium on Security and Privacy, January 2016.
Abstract Views: 191
PDF Views: 1