DECISION TABLE BASED MODEL & ITS IMPLEMENTATION FOR AUTOMATIC PREVANTION OF UNAUTHORIZED DATABASE TRANSACTIONS BY TRUSTED DATABASE USERS

Abstract

Database security is one of the most important issues for any organization, especially for financial institutions such as banks, stock exchanges, insurance firms, etc. Database security has always been an important subject of research for researchers. Existing security policies are inadequate to prevent the attacks from insiders (trusted users) and require human intervention in some form or other to detect unauthorized transactions.eg Oracle Vault. This thesis addresses this issue and proposes an automated detection and prevention mechanism with minimal/nil human interaction. Each database user is authorized to do particular transactions by performing a sequence of queries. These queries perform operations (select, insert, update, delete) on various attributes of different tables in RDBMS. However the sequence of queries, attributes & tables authorized to User1 are not authorized to User2. User2 may be authorized to perform a different sequence and types of queries. If in a Database, User2 is able to deviate from its normal course of transaction queries and perform such a query for which it is not authorized then it is a serious breach in database security. This thesis proposes a Decision Table based methodology and a working model to protect databases from such security breaches and prevent trusted database users from doing unauthorized Transactions. Our approach recommends creation of Decision tables with the help of TQLC (Transaction Queries Log Crawler), Authorized Query Indicator Arrays (AQIA), Transaction Query Sequence Analyzer Arrays(TQSAA), Query Weight Analysis and Quad Phase Verification Techniques. These decision tables automatically identify any malicious intent during Transaction initiated from a User thereby, suggesting and activating a particular action as specified in Decision Table. We have implemented this system model in Oracle-J2EE based environment. Our model is also equipped with the feature of "Customization in Implementation".. For experimental purposes, we are generating arbitrary dummy transaction loads to measure the overall performance of our mechanism through graphical Dashboard.