This is cache of http://infocentric.typepad.com/blog/2008/06/demids-and-database-misuse-detection.html. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
DEMIDS and Database Misuse Detection
2008-06-05 07:44:18 by Adrian Lane in Information Centric Security
 
DEMIDS is an early paper on how to detect errant use of a database. As an overview, the paper describes a system where misuse is ‘detected’ by the use of a distance function. It attributes a set of tables or database functions as the normal domain of a user, and everything that the user accesses outside of that specified domain has some distance factor associated with it. Tables in other schema’s are viewed as being a certain distance outside of that domain, and tables in different database further still. The further away a resource is, the more likely there is misuse. It is a basic assumption that the users are sufficiently privileged to perform the access. And it is inherent with the methodology described that the system is closely coupled to the database itself, and it performs the work of detection locally.
 
Tags: database, distance, database functions, distance factor, misuse, domain, normal domain, tables, user accesses
 
 
 
 
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia