Implementing Severity Factor to Mitigate Malicious Insider
Aziah Asmawi1, Lilly Suriani Affendey2, Nur Izura Udzir3, Ramlan Mahmod4

1Aziah Asmawi, University Putra Malaysia.

2Lilly Suriani Affendey, University Putra Malaysia.

3Nur Izura Udzir, University Putra Malaysia.

4Ramlan Mahmod , University Putra Malaysia.

Manuscript received on 04 May 2019 | Revised Manuscript received on 09 May 2019 | Manuscript Published on 13 May 2019 | PP: 319-322 | Volume-8 Issue-7S May 2019 | Retrieval Number: G10570587S19/19©BEIESP

Open Access | Editorial and Publishing Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open-access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: Nowadays, the use of XML database is expending. XML is designed to store and transport data. A large quantity of information is presented in XML format on the web for easy transportation. Due to the increased use of XML database over the web, the need to protect this database is vital. In a multiuser system, where the information is being shared across users who have different permissions, the need to implement a security model which gives controlled access to the authorized users is very important. XML access control was introduced to suit this purpose. XML access control is a security mechanism which restricts the access of the XML data to authorized users. Many access control models and enforcement mechanisms have been proposed to prevent the unauthorized release of XML data. Who can access which information under what circumstances is implemented based on the access control policies. A database is very significant where it contains sensitive data that have been coordinated and maintained over usually long period of time, which make their loss or damage more costly. Databases used to save the data that have been collected and maintained over usually long period of time were loss of such data will cost more than any other components [1]. The problem of malicious insider is more risky in database systems because it manages precarious data. Many security technologies have been established to prevent threats from outsiders, but they have limited use in mitigating insiders misuse attacks. For instance, cryptography and encryption technique protects information from an outsider attack trying to obtain unauthorized access to it. However, these approaches could not provide an effective countermeasure against malicious insiders who already have authorized access to internal assets. Currently, there are some research techniques on detecting insider misuse attacks but the task of prohibited privileged insiders from internal assets still remains a challenge today. It is essential to tackle security problems in XML databases to decrease the malicious insider threats. One of important factor that we had to consider when we talk about database security is the severity of each transaction. In this research, we propose severity factor to indicate severity value for each bad transaction in order to improve security level in XML database.

Keywords: XML Database, Insider Misuse, Severity, Trust Value, Access Control.
Scope of the Article: Neural Information Processing