Thesis
Volume 3 Issue 1
Sourav Mishra and Vijay K Chaurasiya*
June 06, 2023
DOI : 10.56831/PSEN-02-060
Abstract
Many web applications that rely on centralized databases face vulnerabilities to insider attacks. While these systems implement multiple layers of security measures against external hackers, they may overlook the threat posed by employees who are already within these security layers and have access to privileged information. Users with administrative privileges in the database system can potentially access, modify, or delete data, while also manipulating corresponding log entries to erase any evidence of tampering, making detection nearly impossible. While one approach could involve developing methods to detect and trace such attacks, along with recovering the original data, this report takes a different perspective. Instead of focusing on detection and recovery, we explore a new direction: ensuring that attacks do not occur in the first place. By establishing a system that comprehensively safeguards data integrity, the need for detection, tracing, and recovery can be minimized or eliminated. This report investigates the prevention of insider attacks on databases by utilizing Bluzelle, a NoSQL database that offers decentralized database solutions for decentralized applications.
Keywords: Tampering; Centralized Database Systems; Insider Attack; Detection; Recovery; Integrity; Bluzelle
References