Technique for Evaluating the Security of Relational Databases Based on the Enhanced Clements–Hoffman Model
| Autor: | Maryna Yesina, Vladyslav V. Vilihura, Vitalii I. Yesin, Stanislaw Rajba, Mikolaj Karpinski |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2021 |
| Předmět: |
Technology
security security model security measure security evaluation database QH301-705.5 Computer science Relational database QC1-999 Fuzzy set computer.software_genre Set (abstract data type) Resource (project management) General Materials Science Biology (General) Database security QD1-999 Instrumentation Fluid Flow and Transfer Processes Physics Process Chemistry and Technology General Engineering Computer security model Engineering (General). Civil engineering (General) Object (computer science) Computer Science Applications Chemistry Metric (unit) Data mining TA1-2040 computer |
| Zdroj: | Applied Sciences; Volume 11; Issue 23; Pages: 11175 Applied Sciences, Vol 11, Iss 11175, p 11175 (2021) |
| ISSN: | 2076-3417 |
| DOI: | 10.3390/app112311175 |
| Popis: | Obtaining convincing evidence of database security, as the basic corporate resource, is extremely important. However, in order to verify the conclusions about the degree of security, it must be measured. To solve this challenge, the authors of the paper enhanced the Clements–Hoffman model, determined the integral security metric and, on this basis, developed a technique for evaluating the security of relational databases. The essence of improving the Clements–Hoffmann model is to expand it by including a set of object vulnerabilities. Vulnerability is considered as a separate objectively existing category. This makes it possible to evaluate both the likelihood of an unwanted incident and the database security as a whole more adequately. The technique for evaluating the main components of the security barriers and the database security as a whole, proposed by the authors, is based on the theory of fuzzy sets and risk. As an integral metric of database security, the reciprocal of the total residual risk is used, the constituent components of which are presented in the form of certain linguistic variables. In accordance with the developed technique, the authors presented the results of a quantitative evaluation of the effectiveness of the protection of databases built on the basis of the schema with the universal basis of relations and designed in accordance with the traditional technology of relational databases. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|