The implementation and evaluation of a recovery system for workflows

Journal of Network and Computer Applications

Volumn 32, Issue 1, 2009, Pages 158-183

  Yu, Meng ^a   Liu, Peng ^b   Zang, Wanyu ^a  

^a WESTERN ILLINOIS UNIVERSITY   (United States)

^b PENNSYLVANIA STATE UNIVERSITY   (United States)

Author keywords

Attack recovery; Performance evaluation; Quality of information assurance

Indexed keywords

ACCESS CONTROL; INTRUSION DETECTION; MANAGEMENT; RECOVERY; WORK SIMPLIFICATION;

ARRIVAL RATES; ATTACK RECOVERY; BUSINESS PROCESSING; CONTROL DEPENDENCIES; DATA OBJECTS; DEFENSE MECHANISMS; FUNDAMENTAL THEORIES; INTEGRITY LEVELS; PERFORMANCE EVALUATION; PRACTICAL SOLUTIONS; PROTOTYPE SYSTEMS; QUALITY OF INFORMATION ASSURANCE; RECOVERY ALGORITHMS; RECOVERY SYSTEMS; WORK-FLOW SYSTEMS; WORKFLOW MANAGEMENT SYSTEMS; WORKFLOWS;

QUALITY CONTROL;

EID: 55949102930     PISSN: 10848045     EISSN: 10958592     Source Type: Journal    
DOI: 10.1016/j.jnca.2008.03.007     Document Type: Article

References (46)

1. Ammann P, Jajodia S, McCollum CD, Blaustein BT. Surviving information warfare attacks on databases. In: Proceedings of the IEEE symposium on security and privacy, Oakland, CA, May 1997. p. 164-74.
2. Ammann P., Jajodia S., and Liu P. Recovery from malicious transactions. IEEE Trans Knowledge Data Eng 14 5 (2002) 1167-1185
3. Atluri V, Chun SA, Mazzoleni P. A Chinese wall security model for decentralized workflow systems. In: Proceedings of the 8th ACM conference on computer and communications security. New York: ACM Press; 2001. p. 48-57.
4. Barbara D, Goel R, Jajodia S. Using checksums to detect data corruption. In: Proceedings of the 2000 international conference on extending data base technology, March 2000.
5. Chen Q, Dayal U. Failure handling for transaction hierarchies. In: Gray A, Larson P, editors. Proceedings of the 13th international conference on data engineering. Birmingham, UK: IEEE Computer Society; April 7-11, 1997. p. 245-54.
6. Chiueh T, Pilania D. Design, implementation, and evaluation of a repairable database management system. In: Annual computer security applications conference, 2004. p. 179-88.
7. Chiueh T, Pilania D. Design, implementation, and evaluation of a repairable database management system. In: International conference on data engineering, 2005. p. 1024-35.
8. Denning D.E. An intrusion-detection model. IEEE Trans Software Eng SE-13 (1987) 222-232
9. Eder J, Liebhart W. Workflow recovery. In: Conference on cooperative information systems, 1996. p. 124-34.
10. (Mootaz) Elnozahy E.N., Alvisi L., Wang Y.m., and Johnson D.B. A survey of rollback-recovery protocols in message-passing systems. ACM Comput Surveys 34 3 (2002) 375-408
11. Ganger GR, Khosla PK, Bakkaloglu M, Bigrigg MW, Goodson GR, Oguz S, et al. Survivable storage systems. In: DARPA information survivability conference and exposition, vol. 2. Anaheim, CA: IEEE; June 12-14, 2001. p. 184-95.
12. Graubart R, Schlipper L, McCollum C. Defending database management systems against information warfare attacks. Technical report, The MITRE Corporation; 1996.
13. Helman P., and Liepins G. Statistical foundations of audit trail analysis for the detection of computer misuse. IEEE Trans Software Eng 19 9 (1993) 886-901
14. Jagannathan R, Lunt T. System design document: next generation intrusion detection expert system (nides). Technical report, SRI International, Menlo Park, CA; 1993.
15. Jefferson D.R. Virtual time. ACM Trans Programming Languages Syst 7 3 (1985) 404-425
16. Knight J, Sullivan K, Elder M, Wang C. Survivability architectures: issues and approaches. In: Proceedings of the 2000 DARPA information survivability conference and exposition, CA, June 2000. p. 157-71.
17. Lane T, Brodley CE. Temporal sequence learning and data reduction for anomaly detection. In: Proceedings of the 5th ACM conference on computer and communications security, San Francisco, CA, November 1998.
18. Lee W., and Stolfo S.J. A framework for constructing features and models for intrusion detection systems. ACM Trans Inf Syst Security 3 4 (2000) 227-261
19. Lee W, Stolfo S, Mok K. A data mining framework for building intrusion detection models. In: Proceedings of the 1999 IEEE symposium on security and privacy, Oakland, CA, May 1999.
20. Lin J.-L., and Dunham M.H. A survey of distributed database checkpointing. Distrib Parallel Databases 5 3 (1997) 289-319
21. Lin J.-L., and Dunham M.H. A low-cost checkpointing technique for distributed databases. Distrib Parallel Databases 10 3 (2001) 241-268
22. Lin Y.B., and Lazowska E.D. A study of time warp rollback mechanisms. ACM Trans Modeling Comput Simulations 1 1 (1991) 51-72
23. Liu P. Dais: a real-time data attack isolation system for commercial database applications. In: Proceedings of the 17th annual computer security applications conference, 2001.
24. Liu P, Jajodia S. Multi-phase damage confinement in database systems for intrusion tolerance. In: Proceedings of the 14th IEEE computer security foundations workshop, Nova Scotia, Canada, June 2001.
25. Liu P, Wang Y. The design and implementation of a multiphase database damage confinement system. In: Proceedings of the 2002 IFIP WG 11.3 working conference on data and application security, 2002.
26. Liu P., Ammann P., and Jajodia S. Rewriting histories: recovery from malicious transactions. Distrib Parallel Databases 8 1 (2000) 7-40
27. Liu P., Jajodia S., and McCollum C.D. Intrusion confinement by isolation in information systems. J Comput Security 8 4 (2000) 243-279
28. Luenam P, Liu P. Odar: an on-the-fly damage assessment and repair system for commercial database applications. In: Proceedings of the 2001 IFIP WG 11.3 working conference on database and application security, 2001.
29. Luenam P, Liu P. The design of an adaptive intrusion tolerant database system. In: Proceedings of the IEEE workshop on intrusion tolerant systems, 2002.
30. Lunt T, McCollum C. Intrusion detection and response research at DARPA. Technical report, The MITRE Corporation, McLean, VA; 1998.
31. Lunt T, Tamaru A, Gilham F, Jagannathan R, Jalali C, Javitz HS, et al. A real time intrusion detection expert system (IDES). Technical report, SRI International, Menlo Park, CA; 1992.
32. Lunt T.F. A survey of intrusion detection techniques. Comput Security 12 4 (1993) 405-418
33. McDermott J, Goldschlag D. Towards a model of storage jamming. In: Proceedings of the IEEE computer security foundations workshop, Kenmare, Ireland, June 1996. p. 176-85.
34. Medhi D, Tipper D. Multi-layered network survivability-models, analysis, architecture, framework and implementation: an overview. In: Proceedings of the 2000 DARPA information survivability conference and exposition, CA, June 2000. p. 173-86.
35. Mukherjee B., Heberlein L.T., and Levitt K.N. Network intrusion detection. IEEE Network (1994) 26-41
36. Panda B, Haque KA. Extended data dependency approach: a robust way of rebuilding database. In: SAC '02: proceedings of the 2002 ACM symposium on applied computing. New York, NY, USA: ACM Press; 2002. p. 446-52.
37. Stavridou V. Intrusion tolerant software architectures. In: Proceedings of the 2001 DARPA information survivability conference and exposition, CA, June 2001.
38. Strunk JD, Goodson GR, Scheinholtz ML, Soules CAN, Ganger GR. Self-securing storage: protecting data in compromised systems. In: Operating systems design and implementation. USENIX Association: San Diego, CA; October 23-25, 2000. p. 165-80.
39. Tang J, Hwang S-Y. A scheme to specify and implement ad-hoc recovery in workflow systems. Lecture notes in computer science, vol. 1377. Berlin: Springer; 1998. p. 484-98.
40. Workflow Management Coalition Workflow Standard. Process definition interface-xml process definition language, 2005 〈http://www.wfmc.org/standards/docs/TC-1025_xpdl_2_2005-10-03.pdf〉.
41. Wylie J.J., Bigrigg M.W., Strunk J.D., Ganger G.R., Kiliccote H., and Khosla P.K. Survivable information storage systems. IEEE Comput 33 8 (2000) 61-68
42. Wylie JJ, Bakkaloglu M, Pandurangan V, Bigrigg MW, Oguz S, Tew K, et al. Selecting the right data distribution scheme for a survivable storage system. Technical Report CMU-CS-01-120, Carnegie Mellon University; 2001.
43. Yu M, Liu P, Zang W. Multi-version based attack recovery of workflow. In: The 19th annual computer security applications conference, December 2003. p. 142-51.
44. Yu M, Liu P, Zang W. Self-healing workflow systems under attacks. In: The 24th international conference on distributed computing systems (ICDCS'04), 2004. p. 418-25.
45. Zhou J, Panda B, Hu Y. Succinct and fast accessible data structures for database damage assessment. In: Distributed computing and internet technology, 2004. p. 420-9.
46. Zuo Y, Panda B. Damage discovery in distributed database systems. In: Database security, 2004. p. 111-23.