CFP last date
22 April 2024
Reseach Article

A Framework for Constructing a New Model of Web Database Security

by Eslam MohsinHassib, Amany Mahmoud Sarhan, Ahmed Ibrahim Saleh
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 34 - Number 3
Year of Publication: 2011
Authors: Eslam MohsinHassib, Amany Mahmoud Sarhan, Ahmed Ibrahim Saleh
10.5120/4082-5886

Eslam MohsinHassib, Amany Mahmoud Sarhan, Ahmed Ibrahim Saleh . A Framework for Constructing a New Model of Web Database Security. International Journal of Computer Applications. 34, 3 ( November 2011), 41-50. DOI=10.5120/4082-5886

@article{ 10.5120/4082-5886,
author = { Eslam MohsinHassib, Amany Mahmoud Sarhan, Ahmed Ibrahim Saleh },
title = { A Framework for Constructing a New Model of Web Database Security },
journal = { International Journal of Computer Applications },
issue_date = { November 2011 },
volume = { 34 },
number = { 3 },
month = { November },
year = { 2011 },
issn = { 0975-8887 },
pages = { 41-50 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume34/number3/4082-5886/ },
doi = { 10.5120/4082-5886 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:20:10.960071+05:30
%A Eslam MohsinHassib
%A Amany Mahmoud Sarhan
%A Ahmed Ibrahim Saleh
%T A Framework for Constructing a New Model of Web Database Security
%J International Journal of Computer Applications
%@ 0975-8887
%V 34
%N 3
%P 41-50
%D 2011
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Through the last decade, web database security had become a very important issue when designing web database applications. Those applications usually include critical processes such as electronic-commerce web applications that include money transfer via visa or master cards. Security is a critical issue in other web based application such as sites for military weapons companies and national security of countries. The main contribution of this paper is to introduce a new web database security model that includes a combinationof triplesystem ; (i) Host Identity protocol(HIP) in a new authentication method called DSUC (Data Security Unique Code), (ii) a strong filtering rules that detects intruders with high accuracy, and (iii) a real time monitoring system that employs the Uncertainty Degree Model (UDM) using fuzzy sets theory. It was shown that the combination of those three powerful security issues results in very strong security model. Accordingly, the proposed web database security model has the ability to detect and provide a real time prevention of intruder access with high precision. Experimental results have shown that the proposed model introduces satisfactory web database protection levels which reach in some cases to detect and prevent more that 93% of the intruders

References
  1. Michael C. Boeckeler, "Overview of Security Issues Facing Computer Users", GIAC Security Essentials Certification (GSEC), March 17, 2004.
  2. McAfee, "IntruShield Virtualization Delivering Real Benefits ", February 2005.
  3. Jack TIMOFTE, “Wireless Intrusion Prevention Systems”, RevistaInformaticaEconomicănr.3(47)/2008.
  4. Dr. FengminGong ,“ Next Generation Intrusion Detection Systems (IDS)”, March 2002.
  5. B. Meyer, Object Oriented Software Construction, Prentice Hall, Upper Saddle River, NJ, USA, 2nd edition, 2005.
  6. Karen Scarfone, peter Mell, “Guide to Intrusion Detection and Prevention Systems (IDPS)”, (February 2007).
  7. 7ct cert,"Malicious software (Malware):A security Threat to the Internet Economy", OECD Ministerial Meeting on the Future of Internet Economy, Korea ,June 2008.
  8. Peter Stephenson , " investigatingComputer-related Crime A handbook for Corporate investigators ", 2000 by CRC Press.
  9. Ramesh Subramanian," Computer Security, Privacy, and Politics: Current Issues, Challenges, and Solutions",Quinnipiac University, USA, 2008 by IGI Global.
  10. Damon Reed, "Applying the OSI Seven Layer Network Model To Information Security", November 21, 2003.
  11. R. Moskowitz, “Host Identity Protocol Architecture.”RFC 4423 (Proposed Standard), may 2006.
  12. T. Okagawa et al., “Ip packet routing mechanism based on mobility management in aipbasednetwork,” 14th International Conference on IntelligenceinNGN, 2009.
  13. PedryczWitold, Gomide Fernando. "An Introduction to Fuzzy Sets: Analysis and Design", 2008.
  14. 14 P. Nikander, Host Identity Protocol (HIP) Domain NameSystem(DNS)Extensions, 2006.09.
  15. A. Matos, J. Santos, J. Girao, M. Liebsch, andR. Aguiar, “Host Identity Protocol Location PrivacyExtensions.” Internet Draft (Work in Progress),March 2009.
  16. P. Nikander, “End-Host Mobility and Multi-Homing with Host Identity Protocol”, 2006.06.
  17. Madson, C. and R. Glenn, "The Use of HMAC-SHA -1-96 within ESP and AH", RFC 2404, 2008
  18. S. Kent, “IP Encapsulating Security Payload (ESP)”, (RFC 4303), 2005.12.
  19. Sin Yeung Lee, WaiLup Low, Pei Yuen Wong. Learning fingerprints for a database intrusion detection system. ESORICS 2002.
  20. K. Ilgun, R. A. Kemmerer, and P. A. Porras, “State transition analysis: A rule-based intrusion detection approach,” Transactions on SoftwareEngineering, 2005.
  21. Chung C Y,Gertz M, Levitt K. DEMIDS: A Misuse Detection System for Database Systems. In:The Third Annual IFIP 11.5 Working Conf. on Integrity and Internal Control in Information Systems, 2009
  22. L. Garber. \Denial-of-service attacks rip the Internet". IEEE Computer 33(4),12-17 (2000).
  23. Tao Peng, " Defending Against Distributed Denial of Service Attacks", April 2004.
  24. Stefan Axelsson,"Intrusion Detection Systems: A Survey and Taxonomy ",14 March 2000.
  25. 25 stevebauer, davidclark, williamlehr,"understanding broadband speed measurements ", 2008.
  26. j. williampfeiffer," conditions that hinder effective communication ", the pfeiffer library volume 6, 1998.
Index Terms

Computer Science
Information Sciences

Keywords

Host Identity Protocol Denial of service attacks (DOS) The Proposed Hybrid Intrusion Prevision System (HIPS)