Security Analysis and Re-engineering of Databases

Project Description

Many of today's mission-critical databases have not been designed with a particular focus on security aspects such as integrity, confidentiality, and availability. Even if security mechanisms were used during the initial design, these mechanisms are often outdated due to new requirements and applications and do not reflect current security policies, thus leaving ways for insider misuse and intrusion. The proposed research is concerned with analyzing various security aspects of mission-critical (relational) databases that are embedded in complex information system infrastructures. We propose the following avenues of complementary research: (1) models and techniques to profile the behavior of mission-critical data stored in databases, (2) algorithms to correlate (anomalous) data behavior to application/user behavior, (3) techniques to determine and model user profiles and roles from behavioral descriptions, (4) the integration of techniques, algorithms, and mechanisms into a security re-engineering workbench for (relational) databases, and (5) the development of a unified access control framework that utilizes profile and role information seamlessly to dynamically guard access to data.

 

Funding


This project is funded under NSF Award #0242414.

Michael Gertz gertz(at)cs.ucdavis.edu (Principal Investigator, current)
Karl N. Levitt (Co-Principal Investigator, former)