Verity: Blockchains to Detect Insider Attacks in DBMS

by   Shubham S. Srivastava, et al.

Integrity and security of the data in database systems are typically maintained with access control policies and firewalls. However, insider attacks -- where someone with an intimate knowledge of the system and administrative privileges tampers with the data -- pose a unique challenge. Measures like append only logging prove to be insufficient because an attacker with administrative privileges can alter logs and login records to eliminate the trace of attack, thus making insider attacks hard to detect. In this paper, we propose Verity -- first of a kind system to the best of our knowledge. Verity serves as a dataless framework by which any blockchain network can be used to store fixed-length metadata about tuples from any SQL database, without complete migration of the database. Verity uses a formalism for parsing SQL queries and query results to check the respective tuples' integrity using blockchains to detect insider attacks. We have implemented our technique using Hyperledger Fabric, Composer REST API, and SQLite database. Using TPC-H data and SQL queries of varying complexity and types, our experiments demonstrate that any overhead of integrity checking remains constant per tuple in a query's results, and scales linearly.


page 1

page 2

page 3

page 4


πQLB: A Privacy-preserving with Integrity-assuring Query Language for Blockchain

The increase in the adoption of blockchain technology in different appli...

Axiomatic Foundations and Algorithms for Deciding Semantic Equivalences of SQL Queries

Deciding the equivalence of SQL queries is a fundamental problem in data...

Integrity Authentication for SQL Query Evaluation on Outsourced Databases: A Survey

Spurred by the development of cloud computing, there has been considerab...

HyperSec: Visual Analytics for blockchain security monitoring

Today, permissioned blockchains are being adopted by large organizations...

vChain: Enabling Verifiable Boolean Range Queries over Blockchain Databases

Blockchains have recently been under the spotlight due to the boom of cr...

Extended Diffix

A longstanding open problem is that of how to get high quality statistic...

Leveraging Blockchain for Immutable Logging and Querying Across Multiple Sites

Blockchain has emerged as a decentralized and distributed framework that...

Please sign up or login with your details

Forgot password? Click here to reset