Abstract Views :173 |
PDF Views:1
Authors
Affiliations
1 Dept. of CSE, SNGCE, Kadayiruppu, Kerala, IN
Source
Journal of Network and Information Security, Vol 5, No 1 (2017), Pagination: 20-23
Abstract
Existing SQL Access Control Mechanisms are extremely limited. Attackers can access the sensitive information through escalating their privileges. Practical attacks against existing database are increasing nowadays by using database features such as triggers and integrity constraints. Moreover the theories behind access control mechanism lack adequate security policies and attackers capabilities. This paper addresses the three main privilege escalation attacks by using database features and its prevention methods.
Keywords
DBMS, DB Security, Access Control Mechanism, Insider Attacks, Privilege Escalation, SQL.
References
- Z. Nick, “Database security and cryptography,” National Technical University of Athens, 2000.
- Q. He, and A. I. Anton, “Requirements-based Access Control Analysis and Policy Specification (ReCAPS),” Information and Software Technology, June 2011.
- T. F. Lunt, and E. B. Fernandez, “Database security,” ACM SIGMOD Record 19, no. 4, pp. 90-97, 1990.
- Kriti, and I. Kashyap, “Database security and access control models: A brief overview,” International Journal of Engineering Research & Technology, vol. 2, no. 5, pp. 743-751, May 2013.
- M. Guarnieri, S. Marinovic, and D. Basin, “Strong and provably secure database access control,” IEEE European Symposium on Security and Privacy, January 2016.
