SPIDER: An Autonomic Computing Approach to Database Security Management

  • Hakan Hacıgümüş
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4165)


The system management complexity is exponentially increasing for the computing systems by even threatening their viability. Researchers and practitioners are scrambling to significantly simplify the all aspects of system management complexity. One of the most notable efforts towards this direction is the autonomic computing initiative, which is inspired by how the human body works to manage itself. In this paper, we focus on the database security management. We approach the security management issues from the autonomic computing perspective. We consider situations where the database is damaged by successful malicious attacks. Our goal is to design the system in such a way that the database system should be able to isolate the damaged parts of the system and to keep the other parts of the system functioning as the damage is being repaired.


Intrusion Detection System Query Result Query Execution Autonomic Computing Select Query 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    IBM Tivoli Risk Manager. Info. available at:
  2. 2.
    Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic databases. In: Proc. of VLDB (2002)Google Scholar
  3. 3.
    Agrawal, S., Chaudri, S., Narasayya, V.R.: Automated Selection of Materialized Views and Indexes for SQL Databases. In: Proc. of VLDB (2000)Google Scholar
  4. 4.
    Axelsson, S.: Intrusion Detection Systems: A Taxomomy and Survey. Technical report, Dept. of Computer Engineering, Chalmers University of Technology, Sweden (2000)Google Scholar
  5. 5.
    Castano, S., Fugini, M., Martella, G., Samarati, P.: Database Security. Addison-Wesley Publishing Company, Reading (1995)MATHGoogle Scholar
  6. 6.
    Chaudhuri, S., Christensen, E., Graefe, G., Narasayya, V.R., Zwilling, M.J.: Self-tuning technology in microsoft SQL server. Data Engineering Bulletin 22(2), 20–26 (1999)Google Scholar
  7. 7.
    Damiani, E., di Vimercati, S.D.C., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted Relational DBMSs. In: Proc. of 10th ACM Conf. On Computer and Communications Security (2003)Google Scholar
  8. 8.
    Denning, D.: An Intrusion-Detection Model. IEEE Transactions on Software Engineering 13(2) (1987)Google Scholar
  9. 9.
    Ganek, A.G., Corbi, T.A.: The Dawning of the Autonomic Computing Era. IBM Systems Journal 42(1), 5–18 (2003)CrossRefGoogle Scholar
  10. 10.
    Hacıgümüş, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over Encrypted Data in Database Service Provider Model. In: Proc. of ACM SIGMOD (2002)Google Scholar
  11. 11.
    Hacıgümüş, H., Iyer, B., Mehrotra, S.: Providing Database as a Service. In: Proc. of ICDE (2002)Google Scholar
  12. 12.
    Jensen, C.S., Mark, L., Roussopoulos, N.: Incremental Implementation Model for Relational Databases with Transaction Time. IEEE Transactions on Knowledge and Data Engineering 3(4), 461–473 (1991)CrossRefGoogle Scholar
  13. 13.
    Kemmerer, R.A., Vigna, G.: Intrusion detection: a brief history and overview. IEEE Computer 35(4) (2002)Google Scholar
  14. 14.
    Kephart, J.O., Chess, D.M.: The Vision of Autonomic Computing. IEEE Computer 36(1), 41–50 (2003)Google Scholar
  15. 15.
    Kwan, E., Lightstone, S., Storm, A., Wu, L.: Automatic Configuration for IBM DB2 Universal Database, available at:
  16. 16.
    Lohman, G., Lightstone, S.: SMART: Making DB2 (More) Autonomic. In: Bressan, S., Chaudhri, A.B., Li Lee, M., Yu, J.X., Lacroix, Z. (eds.) CAiSE 2002 and VLDB 2002. LNCS, vol. 2590. Springer, Heidelberg (2003)Google Scholar
  17. 17.
    Lohman, G., Valentin, G., Zilio, D., Zuliani, M., Skelly, A.: DB2 Advisor: An optimizer Smart Enough to Recommend Its Own Indexes. In: Proc. of ICDE (2000)Google Scholar
  18. 18.
    Lunt, T., Fernandez, E.B.: Database Security. ACM SIGMOD Record 19(4) (1990)Google Scholar
  19. 19.
    Rao, J., Zhang, C., Lohman, G., Megiddo, G.: Automating Physical Database Design in a Parallel Database System. In: Proc. of ACM SIGMOD (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Hakan Hacıgümüş
    • 1
  1. 1.IBM Almaden Research CenterUSA

Personalised recommendations