Data profiling and the access path model: A step toward addressing insider misuse in database systems

2005 2005

Other formats: Order a copy

Abstract (summary)

In recent years, there has been a significant increase in the use of complex information infrastructures by government, industry, military, and academia. The users of these infrastructures depend heavily on the availability, confidentiality, and accuracy of the information. Despite many advances in intrusion detection systems (IDS), insider misuse, in which the malicious behavior (intentional or accidental) comes from within a system, such as the operating system or a database system, is difficult to detect using IDS. This leaves the mission critical data managed in a database vulnerable to misuse.

The problem of insider misuse is complex and non-trivial. The models and techniques presented in this dissertation take a step toward addressing this problem. The approach is “data-centric” as it focuses on protecting the mission critical data from insider misuse. This approach facilitates the enforcement of information integrity principles of least privilege and accountability. The two major aspects of the approach presented include data profiling framework to describe the data behavior and the access path model to describe access paths to this data from database users, application users, and operating system users. The access path model is enriched further to include profile information regarding the data, their users, and their access correlations. Focusing on relational database systems, a methodology is presented for data profiling based on the observed data values and data accesses over a period of time. Finally, the access path model and the data profiles are used to derive a fine-grained access policy, which forms the basis for preventing, deterring, and detecting insider misuse.

Indexing (details)

Computer science
0984: Computer science
Identifier / keyword
Applied sciences; Access path; Data profiling; Database; Insider
Data profiling and the access path model: A step toward addressing insider misuse in database systems
Gandhi, Madhavi
Number of pages
Publication year
Degree date
School code
DAI-B 66/04, Dissertation Abstracts International
Place of publication
Ann Arbor
Country of publication
United States
9780542085352, 0542085356
Gertz, Michael
University of California, Davis
University location
United States -- California
Source type
Dissertations & Theses
Document type
Dissertation/thesis number
ProQuest document ID
Database copyright ProQuest LLC; ProQuest does not claim copyright in the individual underlying works.
Document URL
Access the complete full text

You can get the full text of this document if it is part of your institution's ProQuest subscription.

Try one of the following:

  • Connect to ProQuest through your library network and search for the document from there.
  • Request the document from your library.
  • Go to the ProQuest login page and enter a ProQuest or My Research username / password.