mn691 assignment 3 - final report 2
MN691 Research Methods and Project Design
Database security system for applying sophisticated
access control in organisations
Final Report
Student Names: Arunkumar Radhakrishnan (mit150189)
Sakthi Karthikeyan.L (mit150190)
Abilash reddy (mit150573)
School of IT and Engineering
Trimester 2015
ACKNOWLEDGEMENT
We are thankful to Prof. Dr. Savitri Bevinakoppa for her aspiring guidance,
invaluably constructive criticism and friendly advice throughout the course journey. We take
this opportunity to thank each and everyone for their relentless assistance during times of
difficulties and also on and off contact hours. We are sincerely grateful to you for sharing
your truthful and enlightening views on a number of issues related to the project.
Signature of Students: ARUNKUMAR RADHAKRISHNAN, SAKTHI KARTHIKEYAN.L, ABILASH REDDY
Date of Submission of Report: 09.10.2015
Table of Contents
ACKNOWLEDGEMENT
ABSTRACT
INTRODUCTION
PROBLEM DOMAIN AND RESEARCH QUESTIONS
PROJECT REQUIREMENTS ANALYSIS AND SPECIFICATION
SUMMARY OF LITERATURE REVIEW
Objectives of the Project
PROJECT PLAN AND PRELIMINARY DESIGN
RESEARCH METHODS TO BE USED FOR THE NEXT STAGE OF THE PROJECT
Gantt Chart
CONCLUSION AND LIMITATIONS
REFERENCES
GLOSSARY AND ABBREVIATIONS
ABSTRACT
Recently, data leak incidents have occurred because of database security
vulnerabilities. Administrators in traditional database access control systems grant simple
permissions to users for accessing database objects. Although stricter permissions have been
attempted in recent database systems, it has been hard to properly adopt sophisticated access
control policies in commercial databases because of performance degradation. This paper
proposes a database security system including a database firewall server as an enhanced
database access control system which can efficiently enforce sophisticated security policies to
provide the database with confidentiality, using a data masking technique for various
conditions, for example the date, time, SQL string, and table columns, in database systems.
INTRODUCTION
Security is one of the key concepts for safeguarding the CPS (Cyber physical systems)
environment and its various embedded devices, in order to provide a dependable and secure
communication platform. Numerous security approaches and methods have been proposed and
implemented worldwide in order to secure databases. Nowadays private and sensitive
information is stored in databases, and almost every organization makes increasing use of
them. Since this information is highly important and worth a great deal of money, illegal
access to it is growing. Various methods can be used, such as access control methods and data
encryption, but these methods also have significant problems with database performance and
confidentiality. Until now, security efforts have concentrated on servers or networks, while
clients and network endpoints have generally been overlooked. Using secure hardware as a
basis for trusted computing is significant, since hardware-based security is considered harder
to compromise than conventional approaches. This trust-based system therefore increases
confidence in the entities joining the CPS framework and builds relationships among
entities, thereby increasing security and shielding the databases from outside threats and
attacks.
Section 1 gives an overview of the topic. Section 2 gives a detailed description of the
problem domain and research questions. Section 3 provides the project requirements and
specifications, and 3.1 provides the summary of the literature review. Section 4 is the project
plan and design. Section 5 covers project scheduling and the Gantt chart. Section 6 is the
conclusion, followed by the references in section 7.
PROBLEM DOMAIN AND RESEARCH QUESTIONS
The following discusses the problems that the paper encountered and the solutions
that were derived by referring to various other related papers. The solutions achieved may be
either qualitative or quantitative based on their surveys.
How did we fix the performance reduction of data encryption and decryption time?
In the previously existing systems and Oracle databases, data encryption is performed
internally; in the new proposed system we made data masking work independently.
Therefore there is no reduction in performance. It is qualitative.
How is the confidentiality of the data improved in the proposed model?
The confidentiality of the data is a main feature of database security. Anyway, the
database security is not significant. It may come up with new challenges in the future, so we
have fixed the present issues in the databases. The proposed method fixes the problem of data
packets being sniffed during transmission. The data can be hidden by using data masking, so
data masking is the new technique that we can implement to secure the data during
transmission. Hence the sensitive data are secured even if a packet is sniffed. Hence it is
considered quantitative.
What did we improve with integrated management of database policy?
In terms of integrated management of a heterogeneous database policy, in the previous
technique a permission conflict can occur between different databases as the permission grant
structure grows. In addition, an integrated policy cannot be applied, since the policy is
provided by each database. In the proposed method, independent data operations are possible
because data is processed directly in front of the databases. Through this physical mechanism,
the permission structure can be extended under integrated management. This proposal is
qualitative.
Research Goal:
Confidentiality of the data itself.
Effective query and answer for access control.
Integrated management of heterogeneous database policy.
Detailed access control according to varying access requirements.
Data processing which is able to do the indexing.
List of items            Previously existing   Oracle DBS   Proposed model
Performance reduction    Yes                   Yes          No-more
Delay of time            Yes                   No-more      No-more
Confidentiality          No                    Yes          Yes
Integrated management    No                    Yes          Yes
Specific column result   Yes                   Yes          Yes
SQL query                No                    Yes          Yes
Data indexing            Yes                   Yes          Yes
Table 1
Table 1 above shows the improvements made in the proposed model. Performance
reduction exists in the previous model; in the proposed model there are no more performance
issues. The delay time is reduced in the proposed model. Confidentiality is high in the
proposed model.
PROJECT REQUIREMENTS ANALYSIS AND SPECIFICATION
The paper is a recently published one which describes the modern security threats that
arise within an organization due to a lack of security implementations; it also describes
various strategies for securing against them. Beyond the above, network security has always
been a wide area with vast opportunity for individuals to specialize in.
Project requirements (hardware, software, etc.):
1. Oracle database (SQL).
2. The client machine has to support Windows 2000 and Unix.
3. C++ is used for developing the specifications.
4. Filter kit 2000 is to be used.
5. We also use group policies.
6. Windows Server 2000.
The proposed system resolves the data confidentiality issue of existing database
security systems, and also the system overhead issue. It also addresses time delay, efficiency,
and integrated management issues, and can satisfy the requirements of the data user.
Furthermore, this paper applies the proposed system to a data hiding method in order to
protect data, and makes data indexing possible.
SUMMARY OF LITERATURE REVIEW
This section gives ideas and other key elements gathered from other authors' work on
the same topic. It also features new innovations that are possible to achieve through the
progress of this project. This section should contain highlights from the literature review,
especially points and ideas that this paper is to produce.
The paper [1] is on the “Internet of things”, commonly known as the intelligent way of
communication between network devices. For that reason there are many cyber security
vulnerabilities in them. A few of them are discussed here.
This type of ubiquitous computing system, with spontaneous interaction between digital
devices, brings convenience and risks that impact society. Scientists say that it is good to
study the risks that such a system will cause before it is built and deployed. The security of
the devices is classified into three main classes [1]:
1. Integrity
2. Confidentiality
3. Availability
A PDA is a kind of gadget which can control all your other devices [1]; we can say that
it is a centralized remote access. By using a PDA we can get rid of all the other remote
controls, such as those for the TV, stereo, DVD, VCR, central heating and air conditioning.
Instead of having a separate remote for each device, all these devices are controlled by one
single gadget called a PDA. To get it working, all we need to do is establish an association
between the PDA and the device. The security issues with the PDA are that these devices are
not supposed to be controlled by other people, and that a broken PDA must be replaceable
without losing control of all your appliances. [2]
How to solve the security issues with the resurrecting duckling security policy model:
The devices that are to be connected to the PDA are treated as slaves (Ducklings) and the PDA
is the master (Mother Duck).
The 4 principles of the resurrecting duckling are:
1. IMPRINTABLE: In this state anyone can take over the connection to the duckling.
2. IMPRINTED: In this state the duckling obeys only the Mother Duck.
3. IMPRINTING: The transition from imprintable to imprinted happens when the mother
duck sends the imprinting key to the duckling. This is done in a way that protects
confidentiality and integrity.
4. DEATH: The transition back from imprinted to imprintable is known as death, and it
can only be initiated by an order from the mother duck.
Denial of service attacks are resolved by this implementation. The new duckling policy
model has been established to tackle the newly arising problems with communication and
transmission. The authentication security issues are well addressed.
Problem formulation:
The mother duck is the main party that has the privileges to change the policy of
the device. So having two long-term masters, where everyone has privileges, is
vulnerable. This is exposed to denial-of-service attacks by malicious people, so the level of
security is lower. [1] High-grade tamper resistance can significantly prevent an attacker from
modifying settings, but it is expensive [2]. A further problem is that technical mechanisms
such as key certification are too hard for normal mortals to understand. The problem
formulation for this type of ubiquitous computing differs in a number of interesting ways
from the protection issues of distributed systems. To tackle all these problems the author has
proposed a new method called the resurrecting duckling policy.
Solution:
From the above justifications and the new approach, the resurrecting duckling gives
good answers for the security of these systems and for how to secure them from attackers.
A. Denial of service attacks: Duckling policy.
B. Security of duckling policy issues.
Since it was not practically tested with a group of people, and it speaks about quality
measures of security, I think this paper can be termed qualitative or analytical research. The
paper discusses the vulnerabilities and security issues and how the duckling policy has
overcome them. This is experimented and implemented, and there would be future work on
this section as well.
This paper [3] mainly focuses on the “Dutch government on cyber security strategy”
to reduce the cyber security threat by building partnerships between public and private
organizations. The author explains that this approach builds trust and participation in
common goals. This model was developed on the basis of studies made over two decades:
first identify the possible threats that an organization can encounter, then design a specific
analysis model which organizes the inputs, and then provide solutions that help in mitigating
the threats.
Problem formulation
Any cyber attack can harm an organization in any number of ways, ranging from
minor damage to a website to shutting down core systems and taking authorized property.
Consequently organizations should implement significant, risk-based intelligence structures
in order to detect fraudulent activities in a timely manner. The paper is largely practice based:
it adapts a large part of the current issues from past research and the solutions that were
made, and it practically implements the possible solutions that are proposed here. It is
experiment or implementation based, where everything was derived and implemented for the
necessary activities; future work will also be done from this paper based on their research. [4]
This paper was proposed as a result of analysing past cybercrime practices; since newer
threats are emerging every day, the time has come to change the practices. It mainly
concentrates on designing effective security systems that will prevent intrusions.
Solution:
This helps in managing and securing the organization's network services. In addition,
this paper concentrates on the core risk areas to which an organization is vulnerable, and from
which an analysis model is made which gathers the input data, evaluates them and finally
gives a valid solution. It is empirical or quantitative and the research is quantitative. The
paper is largely research based: it adapts most of the current issues from past research and the
solutions that were made, but it does not practically implement the possible solutions that are
proposed here. It is theory based, and future work can be done from this paper based on their
research.
This paper [4], ‘Managing Information Technology Security in the Context of Cyber
Crime Trends’ was proposed as a result of analysing previous cybercrime practices, since
newer risks are emerging everyday it is time to change the practices. It mainly focuses on
designing effective security systems that will prevent intrusions, thus aiding in managing and
securing the organization’s network services. Moreover this paper focuses on the core risk
areas to which an organization is vulnerable and from which an analysis model is made
which gathers the input data, evaluates them and finally provides a valid solution to the same.
Problem formulation:
This paper highlights the significance of planning viable security strategies and
proactively addressing cybercrime issues as key elements, of expanding awareness efforts,
and of using the full extent of the resources provided.
Solution:
Entities are responsible for implementing and maintaining a coordinated approach
between their employees, operational processes, and technology resources in order to achieve
effective risk management. Resources must be allocated to gather and process cyber risk
analysis data, communicating the results and defining alerts for better security controls and
measures to be taken by the operational units. Sophisticated cyber risk analysis procedures are
repeatable, clearly defined, well documented, and aligned with the organization's larger IT
risk management.
This paper [5] is “Securing database as a service”. Administrators in traditional
database access control systems grant simple permissions to users for accessing database
objects. Although stricter permissions have been attempted in recent database systems, it was
difficult to adopt sophisticated access control policies in commercial databases because of
performance degradation. This paper proposes a database security system including a
database firewall server as an enhanced database access control system which can efficiently
enforce sophisticated security policies to provide the database with confidentiality, using a
data masking technique for various conditions, for example the date, time, SQL string, and
table columns, in database systems. Several studies are currently being conducted to control
access to and manage data for database security. The methods for database security can be
divided into two areas: access control/audit systems and data encryption methods. Access
control/audit systems watch the input/output path of the database, and data encryption
methods deal with the encrypted data in the database. [6] Using a packet analysis technique,
detailed access control is possible, based on a reference monitor model. The proposed model
controls the user's access in detail, thereby reducing the time taken to apply policies and
making it secure. Future research will also be carried out to provide even stronger access
control that can be applied to all databases irrespective of type.
Problem formulation
According to paper [1], in present studies which use access control methods, detailed
and varied access requirements cannot be accommodated, and it is hard to change these
requirements when a user's security requirements change frequently. From paper [2], use of
the encryption module is very limited, the reason being that its efficiency is declining. From
paper [3], recent research on security systems for data groups of various sizes focused on a
few requirements related to data size. However, it could not guarantee data confidentiality in
databases. In addition, defining data groups could cause overhead, and adding the policy
could also reduce execution efficiency and duplicate the policy. Integrated management
would also not be possible for different databases. The proposed security system uses the
authentication method to prevent modification of the client's access information to the
database, and exchanges the encrypted SQL validation code between CAA and DFS to
guarantee the integrity of the SQL requested by the client. It also reduces the delay in SQL
time caused by the access control policy for each column, and executes the data masking
method for data access according to the permission. Thus, the contributions of this paper are
as follows:
Solution:
1. Confidentiality for data and effective data processing.
2. Effective Query and Answer execution for access control.
3. Integrated management for heterogeneous database policies.
4. Detailed access control according to varying access conditions.
5. Indexable data processing.
Identify whether: analytical or empirical or qualitative or quantitative. It is empirical or
quantitative. The research is quantitative. The paper is largely practice based: it adapts a large
part of the current issues from past research and the solutions that were made, and it
practically implements the possible solutions that are proposed here. It is experiment or
implementation based, where everything was derived and implemented for the necessary
activities; future work will also be done from this paper based on their research.
Project title: Securing Database as a service: Issues and compromises
Project Scope:
1. Analysing threats from previous research.
2. Comparison and evaluation.
3. Design a secured database.
4. Expansion for further research.
Problem statement
In present studies which use access control methods, different access requirements
cannot be accommodated, and it is hard to change these requirements when a user's security
requirements change every now and then. We need to be able to analyse the protocol in more
detail for strong access.
Objectives:
1. Confidentiality of the data itself.
2. The contributions of this paper are as follows:
3. Effective query and answer for access control.
4. Integrated management of heterogeneous database policy.
5. Detailed access control according to varying access requirements.
6. Data processing which is able to do the indexing.
Current State of Research:
The paper gives a comprehensive look into Scyther as an analysis tool for verification
of security protocols. It advocates for its performance mainly due to advanced features not
available to its predecessors. The relevance for such a tool is understood by looking at the
way the internet operates. It is known that communication occurs over predefined protocols
and new protocols are developed as applications are created. Hence, the driving force for
developing a protocol is inherently dependent on the application for which it is written. To
ensure secure communications, the protocols need to have a mechanism to ensure it has
adequate security measures incorporated in it. According to the paper, Scyther helps in
verifying the security mechanisms and possible vulnerabilities in the protocol through the
execution of its algorithm.
List of open and current problems:
The existing protocol verification tools predominantly use command line interfaces to
carry out the verification and analysis. Scyther, on the other hand, provides a graphical user
interface which aids in detailed analysis with pictorial representation. With respect to other
protocol verification tools, the paper claims that Scyther outperforms the others in terms of
performance. Scyther has capabilities for multi-protocol analysis, where a protocol that
contains additional sub protocols is analysed simultaneously with the main protocol. The
paper provides a brief description of three capabilities possessed by Scyther namely,
verification of claims, automatic claims and the characterization of the protocol under
assessment. Although the paper suggests the superiority of the algorithm and mechanisms
used in Scyther, the paper is strictly applied in teaching and research scenarios and more
work is to be done on obtaining a working model to be used on real time applications for
threat detection and mitigation.
Objectives of the Project
This section is very specific to your project. It is where you now undertake detailed
and further research on the theory surrounding your project and also proper and focused
research on what to do and how to do it. You may even propose a theory of your own here.
The objectives of the project are analysing threats from previous research, comparison
and evaluation, and designing a secure database that extends to further research.
Specific objectives of the project are:
1. Confidentiality for data and effective data processing.
2. Effective Query and Answer execution for access control.
3. Integrated management for heterogeneous database policies.
4. Detailed access control according to varying access requirements.
5. Indexable data processing.
PROJECT PLAN AND PRELIMINARY DESIGN
This section showcases the design of the project, the documentation that was carried
out, the equations made, and the methods followed, in a block diagram.
In the diagram the database firewall server (DFS) is placed in front of the database
farm. The client authentication agent bypasses TCP and IP to read the data, and the textual
code is generated from the message. The DFS analyses the traffic entering the database farm.
Using the packet analyser, the packets are examined further, including the Ethernet frame
header, TCP header and IP. The ACPR is used to separate the permissions in the database
farm, so the system analyses the data and the request to the desired database. The server can
communicate with the client system through two kinds of method: access for an external user
through a network protocol such as TCP/IP, and access for an internal user via BEQ
(Bequeath protocol). In this paper, however, we concentrate on TCP/IP for the external user.
The captured packet contents are analysed using Ethereal when queries are issued. The
analysed result is based on 100 sample data items and, in the case of reply packets, on
`SELECT' statements which have column data as SQL result data.
RESEARCH METHODS TO BE USED FOR THE NEXT STAGE OF THE PROJECT
[Block diagram of the proposed system. Components: Client & CAA, Packet analyser, Query Analyzer, Data Masker, Access Control Policy Repository, Group of Databases]
This section describes the project's design with regard to the approach followed, the
research design, the data collection method, the data analysis method and so on. It also shows
the alternatives for the research model design.
In this implementation, Oracle, which is a commercial DBMS, is used for the database
environment, and the Oracle database is accessed using SQL*Plus. Windows 2000 and Oracle
Client Release 9.x are used for the client and DFS. UNIX and Oracle9i Enterprise Edition
Release 9.x are used for the ACPR and the target database of control, and Windows 2000 and
Visual C++ 6.0 are used for the development environment. The Oracle server handles client
access in two separate cases: access by an external user using TCP/IP and access by an
internal user using BEQ. This paper concentrates on TCP/IP, that is, access by an external
user to the databases. The proposed system uses a masking method by bit unit to protect data
from unauthorized users according to the result of a request in a packet between client and
server. The method first analyses the packets received from the database server for a request
and decides whether the data they contain should be hidden. If it should be hidden, it changes
the first character into a `*' mark and the other characters into a `NULL' string. This is
different from the data encryption method. With data encryption, the encrypted data can be
longer than the original data, depending on the encryption algorithm. This means that the
content and length of the formatted protocol is changed in the Oracle database server. The
DFS would then have to reassemble packets to conform to the Oracle protocol, and the
payload length information in the TCP header would have to be changed. The proposed
system therefore uses the masking method, which is better in terms of cost and comparatively
more practical for the goal of simply hiding data column values from unauthorized users. And
the justification is empirical.
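The masking step described above, as an added example that is not code from the report or from the system it describes. It decides per column whether the requesting user may see the value, then overwrites hidden values in place with `*' followed by NUL bytes, so the reply keeps its length and needs no reassembly. The rule fields, the length-prefixed reply framing and the sample row are assumptions constructed for illustration; they are not the Oracle wire format.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Hypothetical ACPR rule: `user` may read `table.column` in clear text only
// between from_hour (inclusive) and to_hour (exclusive).
struct AcprRule {
    std::string user, table, column;
    int from_hour, to_hour;
};

// Default is to mask: a value passes in clear only if some rule allows it.
bool must_mask(const std::vector<AcprRule>& acpr, const std::string& user,
               const std::string& table, const std::string& column, int hour) {
    for (const AcprRule& r : acpr) {
        if (r.user == user && r.table == table && r.column == column &&
            hour >= r.from_hour && hour < r.to_hour) {
            return false;
        }
    }
    return true;
}

// Constructed reply framing (not the Oracle wire format): every column value
// is one length byte followed by that many data bytes (values under 256 bytes).
std::string encode_row(const std::vector<std::string>& values) {
    std::string payload;
    for (const std::string& v : values) {
        payload.push_back(static_cast<char>(v.size()));
        payload += v;
    }
    return payload;
}

// Returns the index-th column value of a payload, or "" if it is not present.
std::string field_at(const std::string& payload, std::size_t index) {
    std::size_t pos = 0;
    for (std::size_t i = 0; pos < payload.size(); ++i) {
        std::size_t len = static_cast<unsigned char>(payload[pos]);
        if (pos + 1 + len > payload.size()) break;
        if (i == index) return payload.substr(pos + 1, len);
        pos += 1 + len;
    }
    return "";
}

// Masks hidden columns in place: first character '*', the rest NUL bytes.
// Length bytes and total size never change. Returns the number of masked
// columns, or -1 (payload untouched) if the framing does not parse, so the
// caller can drop the reply instead of forwarding a half-masked packet.
int mask_reply(std::string& payload, const std::vector<std::string>& columns,
               const std::vector<AcprRule>& acpr, const std::string& user,
               const std::string& table, int hour) {
    std::vector<std::size_t> offsets;  // pass 1: validate the whole frame
    std::size_t pos = 0;
    while (pos < payload.size()) {
        std::size_t len = static_cast<unsigned char>(payload[pos]);
        if (pos + 1 + len > payload.size()) return -1;
        offsets.push_back(pos);
        pos += 1 + len;
    }
    if (offsets.size() != columns.size()) return -1;

    int masked = 0;  // pass 2: overwrite values the policy hides
    for (std::size_t i = 0; i < offsets.size(); ++i) {
        if (!must_mask(acpr, user, table, columns[i], hour)) continue;
        std::size_t len = static_cast<unsigned char>(payload[offsets[i]]);
        for (std::size_t k = 0; k < len; ++k) {
            payload[offsets[i] + 1 + k] = (k == 0) ? '*' : '\0';
        }
        ++masked;
    }
    return masked;
}

// Constructed sample policy and row for the demonstration.
std::vector<AcprRule> demo_acpr() {
    std::vector<AcprRule> acpr;
    acpr.push_back(AcprRule{"alice", "EMP", "NAME", 0, 24});
    acpr.push_back(AcprRule{"alice", "EMP", "SALARY", 9, 17});
    return acpr;
}
std::vector<std::string> demo_columns() { return {"NAME", "SALARY", "SSN"}; }
std::string demo_payload() { return encode_row({"Smith", "52000", "123-45-6789"}); }

int main() {
    std::string p = demo_payload();
    int n = mask_reply(p, demo_columns(), demo_acpr(), "alice", "EMP", 20);
    std::cout << n << " columns masked, payload still " << p.size() << " bytes\n";
    return 0;
}
```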
The next stage of the project progresses every week as follows:
Week  Task
1     Data collection and requirement analysis
2     Designing the database firewall server
3     Create domains, group policies and configure servers
4     Write the coding
5     Check for coding errors / Debug
6     Project implementation
7     Project implementation
8     Troubleshoot
9     Hardware implementation
10    Collecting results and further analysis
11    Demonstrate
12    Report writing
Gantt Chart
CONCLUSION AND LIMITATIONS
Recent research on security systems for data groups of various sizes focused on a few
requirements related to data size. However, it could not guarantee data confidentiality in
databases. In addition, defining data groups could cause overhead, and adding the policy
could also reduce execution efficiency and duplicate the policy. Integrated management
would also not be possible for different databases. Hence this database firewall server was
developed to address these issues by providing confidentiality, performance efficiency and
integrated management for enforcing security policies. The proposed security system uses the
authentication method to prevent modification of the client's access information to the
database, and exchanges the encrypted SQL validation code between CAA and DFS to
guarantee the integrity of the SQL requested by the client. It also reduces the delay in SQL
time caused by the access control policy for each column, and executes the data masking
method for data access according to the permission. The contributions of this paper are as
follows:
1. Confidentiality for data and effective data processing.
2. Effective Query and Answer execution for access control.
3. Integrated management for heterogeneous database policies.
4. Detailed access control according to varying access conditions.
5. Indexable data processing.
First, the proposed system can protect the data and build an index at the same time
by using a masking method. Likewise, the user can manage the appropriate time to access
databases and obtain the data with this data masking method. Here we have used packet
monitoring, which provides greater access control at the packet stage. All these methods are
based on the reference monitor model. We therefore designed and implemented the proposed
system so that it can monitor all access to the databases and manage heterogeneous databases,
which may have different policies, effectively and without any modification. Hence, the
proposed system can control user access in detail. The data masking module and the masking
decision module are implemented separately. This reduces the time delay in applying
policies, including changed policies, dynamically. Moreover, our system can protect the data
from attacks caused by ambiguous access, because it handles all requests from users to
databases via the reference monitor.
In future a standardized policy is to be developed that can be implemented in any kind of
database. As demand for database management increases, effective methods must be studied
and implemented. Further analysis is to be made for stronger access control.
REFERENCES
[1] C. H. O. Eun-Ae, Chang-Joo MOON, Dae-Ha PARK and Y. I. M. Kang-Bin, "Database
Security System for Applying Sophisticated Access Control Via Database Firewall
Server." Computing & Informatics, vol. 32, pp. 1192-1211, 12, 2013.
[2] S. ALI, R. W. ANWAR and O. K. HUSSAIN, "Cyber Security for Cyber Physical
Systems: a Trust-Based Approach," Journal of Theoretical & Applied Information
Technology, vol. 71, pp. 144-152, 01/20, 2015.
[3] F. Xia, A. Vinel, R. Gao, L. Wang and T. Qiu, “Evaluating IEEE 802.15.4 for Cyber-Physical
Systems”, EURASIP Journal on Wireless Communications and Networking, 24 Dec 2013.
[4] H. Giese, B. Rumpe, B. Schatz and J. Sztipanovits, “Science and Engineering of Cyber-Physical
Systems”, Dagstuhl Reports (1/11), pp. 1-22, 2011.
[5] S. Jajodia, P. Liu, V. Swarup, & C. Wang, “Cyber situational awareness” (Vol. 14). New
York, NY: Springer. 2010.
[6] D. Neghina and E. Scarlat, "Managing Information Technology Security in the Context of
Cyber Crime Trends," International Journal of Computers, Communications & Control, vol. 8,
pp. 97-104, 02, 2013.
[7] H.LEE, G.LEE, S. M.NAM, T. Y.: “Database Encryption Technology and Current
Product Trend.” Electronics and Telecommunications Trend Analysis, Vol. 22, 2007, No. 1,
pp. 105-113.
[8] S.KIM, G.NAM, W.KIM, S. G.: “Filtering Unauthorized SQL Query by Uniting DB
Application Firewall with Web Application Firewall.” Proceedings of the Korea Institutes of
Information Security and Cryptology Conference 2003, pp. 686-690.
[9] S. PEARSON, A. BENAMEUR, “Privacy, Security and Trust Issues Arising from Cloud
Computing”, In Proceedings of 2nd IEEE International Conference on Cloud Computing
Technology and Science, Nov. 30 2010-Dec. 3 2010 , pp. 693-702.
[10] JEONG, M.A.KIM, J.J.WON, Y. G.: “A Flexible Database Security System Using
Multiple Access Control Policies”. LNCS No. 2736, 2003, pp. 876-885.
[11] T. Shimeall, P. Williams. (2000, June). Models of Information Security Trend Analysis
[Online]. Available: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.11.8034&rep=rep1&type=pdf
GLOSSARY AND ABBREVIATIONS
TCP: Transmission Control Protocol
PDA: Personal Digital Assistant
IP: Internet Protocol
DFS: Database Firewall Server
DBMS: Data Base Management System
CPS: Cyber Physical Systems
CAA: Client Authentication Agent