Abstract/Details

Data profiling and the access path model: A step toward addressing insider misuse in database systems


2005 2005

Other formats: Order a copy

Abstract (summary)

In recent years, there has been a significant increase in the use of complex information infrastructures by government, industry, military, and academia. The users of these infrastructures depend heavily on the availability, confidentiality, and accuracy of the information. Despite many advances in intrusion detection systems (IDS), insider misuse, in which the malicious behavior (intentional or accidental) comes from within a system, such as the operating system or a database system, is difficult to detect using IDS. This leaves the mission critical data managed in a database vulnerable to misuse.

The problem of insider misuse is complex and non-trivial. The models and techniques presented in this dissertation take a step toward addressing this problem. The approach is “data-centric” as it focuses on protecting the mission critical data from insider misuse. This approach facilitates the enforcement of information integrity principles of least privilege and accountability. The two major aspects of the approach presented include data profiling framework to describe the data behavior and the access path model to describe access paths to this data from database users, application users, and operating system users. The access path model is enriched further to include profile information regarding the data, their users, and their access correlations. Focusing on relational database systems, a methodology is presented for data profiling based on the observed data values and data accesses over a period of time. Finally, the access path model and the data profiles are used to derive a fine-grained access policy, which forms the basis for preventing, deterring, and detecting insider misuse.

Indexing (details)


Subject
Computer science
Classification
0984: Computer science
Identifier / keyword
Applied sciences; Access path; Data profiling; Database; Insider
Title
Data profiling and the access path model: A step toward addressing insider misuse in database systems
Author
Gandhi, Madhavi
Number of pages
151
Publication year
2005
Degree date
2005
School code
0029
Source
DAI-B 66/04, Dissertation Abstracts International
Place of publication
Ann Arbor
Country of publication
United States
ISBN
9780542085352, 0542085356
Advisor
Gertz, Michael
University/institution
University of California, Davis
University location
United States -- California
Degree
Ph.D.
Source type
Dissertations & Theses
Language
English
Document type
Dissertation/Thesis
Dissertation/thesis number
3171877
ProQuest document ID
305032305
Copyright
Database copyright ProQuest LLC; ProQuest does not claim copyright in the individual underlying works.
Document URL
http://search.proquest.com/docview/305032305
Access the complete full text

You can get the full text of this document if it is part of your institution's ProQuest subscription.

Try one of the following:

  • Connect to ProQuest through your library network and search for the document from there.
  • Request the document from your library.
  • Go to the ProQuest login page and enter a ProQuest or My Research username / password.