NotesFAQContact Us
Search Tips
ERIC Number: ED553626
Record Type: Non-Journal
Publication Date: 2013
Pages: 128
Abstractor: As Provided
Reference Count: N/A
ISBN: 978-1-3030-9794-2
An Autonomic Framework for Integrating Security and Quality of Service Support in Databases
Alomari, Firas
ProQuest LLC, Ph.D. Dissertation, George Mason University
The back-end databases of multi-tiered applications are a major data security concern for enterprises. The abundance of these systems and the emergence of new and different threats require multiple and overlapping security mechanisms. Therefore, providing multiple and diverse database intrusion detection and prevention systems (IDPS) is a critical component of the defense-in-depth strategy for DB information systems. At the same time, an e-business application is expected to process requests with a certain service quality to maintain current customers and attract new ones. It would then be advantageous to use the combination of IDPSs that best meets the security and QoS concerns of the system stakeholders for each workload intensity level. Due to the dynamic variability of the workload intensity, it is not feasible for human beings to continuously reconfigure the system. It is therefore important that current systems be built with adaptive capabilities that can--at run time--dynamically respond to changes in it is surroundings. This dissertation presents an autonomic computing approach for a self-protecting and self-optimizing database system environment that captures dynamic and fine-grained tradeoffs between security and QoS. Specifically, the dissertation presents an Integrated Security and Quality of service support in DB (ISQDB) framework that uses a multi-objective utility function. The utility functions considers the performance impact of IDPSs on the overall system under a certain workload, the detection and false detection rates of the IDPSs, and high level stakeholder preferences and constraints. The dissertation starts by describing the general architecture of the controller used in the design of the ISQDB. Then, it describes how a security utility function based on detection rates and a performance utility function based on response time can be developed. The utility is then improved to include false detection rates. The dissertation then presents the design of an autonomic controller that uses combinatorial search techniques and analytic performance models to dynamically search the space of possible system configurations. The dissertation further shows how performance models based on queuing networks are used to estimate the performance of different configurations. Different approximations for fork and join queues were developed to address parallel and concurrent features of the queuing models that support the autonomic controller. The dissertation also shows the viability of the proposed approach in a simulated environment. Then, it describes the implementation and experimental results in an e-commerce system based on the TPC-W benchmark. [The dissertation citations contained here are published with the permission of ProQuest LLC. Further reproduction is prohibited without permission. Copies of dissertations may be obtained by Telephone (800) 1-800-521-0600. Web page:]
ProQuest LLC. 789 East Eisenhower Parkway, P.O. Box 1346, Ann Arbor, MI 48106. Tel: 800-521-0600; Web site:
Publication Type: Dissertations/Theses - Doctoral Dissertations
Education Level: N/A
Audience: N/A
Language: English
Sponsor: N/A
Authoring Institution: N/A