{"title":"自保护自优化数据库系统:实现与实验评价","authors":"Firas B. Alomari, D. Menascé","doi":"10.1145/2494621.2494631","DOIUrl":null,"url":null,"abstract":"The ubiquity of database systems and the emergence of new and different threats require multiple and overlapping security mechanisms. Providing multiple and diverse database intrusion detection and prevention systems (IDPS) is a critical component of the defense-in-depth strategy for DB information systems. However, providing this level of security can greatly impact a system's QoS requirements. It would then be advantageous to use the combination of IDPSs that best meets the security and QoS concerns of the system stakeholders for each workload intensity level. Due to the dynamic variability of the workload intensity, it is not feasible for human beings to continuously reconfigure the system. We offer an autonomic computing approach for a self-protecting and self-optimizing database system environment that captures dynamic and fine-grained tradeoffs between security and QoS. The approach uses a multi-objective utility function that considers security overhead, perceived risk level, and high level stakeholder objectives. We describe the implementation of an autonomic controller that uses combinatorial search techniques and queuing network models to dynamically search for a near-optimal security configuration. We validate our approach experimentally on a TPC-W e-commerce site and show that our approach balances QoS and security goals.","PeriodicalId":190559,"journal":{"name":"ACM Cloud and Autonomic Computing Conference","volume":"51 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Self-protecting and self-optimizing database systems: implementation and experimental evaluation\",\"authors\":\"Firas B. Alomari, D. Menascé\",\"doi\":\"10.1145/2494621.2494631\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The ubiquity of database systems and the emergence of new and different threats require multiple and overlapping security mechanisms. Providing multiple and diverse database intrusion detection and prevention systems (IDPS) is a critical component of the defense-in-depth strategy for DB information systems. However, providing this level of security can greatly impact a system's QoS requirements. It would then be advantageous to use the combination of IDPSs that best meets the security and QoS concerns of the system stakeholders for each workload intensity level. Due to the dynamic variability of the workload intensity, it is not feasible for human beings to continuously reconfigure the system. We offer an autonomic computing approach for a self-protecting and self-optimizing database system environment that captures dynamic and fine-grained tradeoffs between security and QoS. The approach uses a multi-objective utility function that considers security overhead, perceived risk level, and high level stakeholder objectives. We describe the implementation of an autonomic controller that uses combinatorial search techniques and queuing network models to dynamically search for a near-optimal security configuration. We validate our approach experimentally on a TPC-W e-commerce site and show that our approach balances QoS and security goals.\",\"PeriodicalId\":190559,\"journal\":{\"name\":\"ACM Cloud and Autonomic Computing Conference\",\"volume\":\"51 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-08-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Cloud and Autonomic Computing Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2494621.2494631\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Cloud and Autonomic Computing Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2494621.2494631","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Self-protecting and self-optimizing database systems: implementation and experimental evaluation
The ubiquity of database systems and the emergence of new and different threats require multiple and overlapping security mechanisms. Providing multiple and diverse database intrusion detection and prevention systems (IDPS) is a critical component of the defense-in-depth strategy for DB information systems. However, providing this level of security can greatly impact a system's QoS requirements. It would then be advantageous to use the combination of IDPSs that best meets the security and QoS concerns of the system stakeholders for each workload intensity level. Due to the dynamic variability of the workload intensity, it is not feasible for human beings to continuously reconfigure the system. We offer an autonomic computing approach for a self-protecting and self-optimizing database system environment that captures dynamic and fine-grained tradeoffs between security and QoS. The approach uses a multi-objective utility function that considers security overhead, perceived risk level, and high level stakeholder objectives. We describe the implementation of an autonomic controller that uses combinatorial search techniques and queuing network models to dynamically search for a near-optimal security configuration. We validate our approach experimentally on a TPC-W e-commerce site and show that our approach balances QoS and security goals.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
