Security

Showing results in 'Publications'. Show all posts
Rani S, Koshley DK, Halder R.  2016.  A Watermarking Framework for Outsourced and Distributed Relational Databases. In Proceedings of the 3rd International Conference on Future Data and Security Engineering (FDSE 2016). Springer LNCS 10018 Abstract19.pdf

Unlike centralized databases, watermarking of distributed databases faces serious challenges for various reasons, e.g. (i) Distribution of data (ii) Existence of replication (iii) Preservation of watermarks while partitioning and distributing databases, etc. In this paper, we propose a novel watermarking technique for distributed relational databases considering a generic scenario that supports database outsourcing and hybrid partitioning. Our approach addresses the above challenges in an effective way by maintaining metadata and by making the detection phase partition independent. To the best of our knowledge, this is the first proposal on watermarking of distributed relational databases that supports database outsourcing and its partitioning and distribution in a distributed setting.

Jana A, Halder R.  2016.  Defining Abstract Semantics for Static Dependence Analysis of Relational Database Applications. In Proceedings of the 12th International Conference on Information Systems Security (ICISS 2016). Springer LNCS Abstract18.pdf

Dependence Graph provides the basis for powerful programming tools to address a large number of software engineering activities including security analysis. This paper proposes a semantics-based static dependence analysis framework for relational database applications based on the Abstract Interpretation theory. As database attributes di ffer from traditional imperative language variables, we define abstract semantics of database applications in relational abstract domain. This allows to identify statically various parts of database information (in abstract form) possibly used or defined by database statements, leading to a more precise dependence analysis. This way the semantics-based dependence computation improves w.r.t. its syntax-based counterpart. We prove the soundness of our proposed approach which guarantees that non-overlapping of the defined-part by one statement and the used-part by another statement in abstract domain always indicates a non-dependency in practice. Furthermore the abstract semantics as a basis of the proposed framework makes it more powerful to solve undecidable scenario when initial database state is completely unknown.