Abstract
Even though self-healing techniques for transactional processes have attracted enough attention in recent years, several critical issues regarding the distributed systems have not been addressed. For example, if we do the recovery under sustained attacks, in which condition the recovery can terminate? Is a synchronized clock necessary for distributed recovery? In this paper, we proposed a dead-lock free algorithm for coordinated recovery and answered related questions. We also proved that under specific situations, we have to freeze the recovery scheme to guarantee that the recovery can make progress.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Ammann, P., Jajodia, S., Liu, P.: Recovery from malicious transactions. IEEE Transaction on Knowledge and Data Engineering 14(5), 1167–1185 (2002)
Atluri, V., Chun, S.A., Mazzoleni, P.: A chinese wall security model for decentralized workflow systems. In: Proceedings of the 8th ACM conference on Computer and Communications Security, pp. 48–57. ACM Press, New York (2001)
Chen, Q., Dayal, U.: Failure handling for transaction hierarchies. In: Gray, A., Larson, P. (eds.) Proceedings of the Thirteenth International Conference on Data Engineering, Birmingham U.K, April 7-11, pp. 245–254. IEEE Computer Society Press, Los Alamitos (1997)
Chung, C.Y., Gertz, M., Levitt, K.: Demids: A misuse detection system for database systems. In: 14th IFIP WG11.3 Working Conference on Database and Application Security (2000)
Denning, D.E.: An intrusion-detection model. IEEE Trans. on Software Engineering SE-13, 222–232 (1987)
Eder, J., Liebhart, W.: Workflow recovery. In: Conference on Cooperative Information Systems, pp. 124–134 (1996)
Elnozahy, E.N., Alvisi, L., Wang, Y.-m., Johnson, D.B.: A survey of rollback-recovery protocols in message-passing systems. ACM Computing Surveys 34(3), 375–408 (2002)
Garvey, T.D., Lunt, T.F.: Model-based intrusion detection. In: The 14th National Computer Security Conference, Baltimore, MD (October 1991)
Helman, P., Liepins, G.: Statistical foundations of audit trail analysis for the detection of computer misuse. IEEE Trans. on Software Engineering 19(9), 886–901 (1993)
Ilgun, K.: Ustat: A real-time intrusion detection system for unix. In: The IEEE Symposium on Security and Privacy, Oakland, CA (May 1993)
Jagannathan, R., Lunt, T.: System design document: Next generation intrusion detection expert system (nides). Technical report, SRI International, Menlo Park, California (1993)
Javitz, H.S., Valdes, A.: The sri ides statistical anomaly detector. In: Proceedings IEEE Computer Society Symposium on Security and Privacy, Oakland, CA (May 1991)
Jefferson, D.R.: Virtual time. ACM Transaction on Programming Languages and Systems 7(3), 404–425 (1985)
Kruegel, C., Vigna, G.: Anomaly detection of web-based attacks. In: CCS 2003, Washington, DC, USA, October 27-31, pp. 251–261 (2003)
Lane, T., Brodley, C.E.: Temporal sequence learning and data reduction for anomaly detection. In: 5th ACM Conference on Computer and Communications Security, San Francisco, CA (November 1998)
Lee, W., Xiang, D.: Information-theoretic measures for anomaly detection. In: 2001 IEEE Symposium on Security and Privacy, Oakland, CA (May 2001)
Lee, W., Stolfo, S., Mok, K.: A data mining framework for building intrusion detection models. In: 1999 IEEE Symposium on Security and Privacy, Oakland, CA (May 1999)
Lee, W., Stolfo, S.J.: A framework for constructing features and models for intrusion detection systems. ACM Transactions on Information and System Security 3(4), 227–261 (2000)
Lin, J.-L., Dunham, M.H.: A survey of distributed database checkpointing. Distributed and Parallel Databases 5(3), 289–319 (1997)
Lin, J.-L., Dunham, M.H.: A low-cost checkpointing technique for distributed databases. Distributed and Parallel Databases 10(3), 241–268 (2001)
Lin, Y.-b., Lazowska, E.D.: A study of time warp rollback machanisms. ACM Transactions on Modeling and Computer Simulations 1(1), 51–72 (1991)
Liu, P.: Dais: A real-time data attack isolation system for commercial database applications. In: The 17th Annual Computer Security Applications Conference (2001)
Liu, P., Ammann, P., Jajodia, S.: Rewriting histories: Recovery from malicious transactions. Distributed and Parallel Databases 8(1), 7–40 (2000)
Liu, P., Jajodia, S.: Multi-phase damage confinement in database systems for intrusion tolerance. In: Proc. 14th IEEE Computer Security Foundations Workshop, Nova Scotia, Canada, June 2001, pp. 191–205 (2001)
Liu, P., Jajodia, S., McCollum, C.D.: Intrusion confinement by isolation in information systems. Journal of Computer Security 8(4), 243–279 (2000)
Liu, P., Wang, Y.: The design and implementation of a multiphase database damage confinement system. In: The 2002 IFIP WG 11.3 Working Conference on Data and Application Security (2002)
Luenam, P., Liu, P.: Odar: An on-the-fly damage assessment and repair system for commercial database applications. In: The 2001 IFIP WG 11.3 Working Conference on Database and Application Security (2001)
Luenam, P., Liu, P.: The design of an adaptive intrusion tolerant database system. In: IEEE Workshop on Intrusion Tolerant Systems (2002)
Lunt, T., Tamaru, A., Gilham, F., Jagannathan, R., Jalali, C., Javitz, H.S., Valdes, A., Neumann, P.G., Garvey, T.D.: A real time intrusion detection expert system (ides). Technical report, SRI International, Menlo Park, California (1992)
Lunt, T., McCollum, C.: Intrusion detection and response research at DARPA. Technical report, The MITRE Corporation, McLean, VA (1998)
Lunt, T.F.: A survey of intrusion detection techniques. Computers & Security 12(4), 405–418 (1993)
Mukherjee, B., Heberlein, L.T., Levitt, K.N.: Network intrusion detection. IEEE Network, 26–41 (June 1994)
Samfat, D., Molva, R.: Idamn: An intrusion detection architecture for mobile networks. IEEE J. of Selected Areas in Communications 15(7), 1373–1380 (1997)
Sekar, S., Bendre, M., Bollineni, P.: A fast automaton-based method for detecting anomalous program behaviors. In: 2001 IEEE Symposium on Security and Privacy, Oakland, CA (May 2001)
Shieh, S.-P., Gligor, V.D.: On a pattern-oriented model for intrusion detection. IEEE Trans. on Knowledge and Data Engineering 9(4), 661–667 (1997)
Stolfo, S., Fan, D., Lee, W.: Credit card fraud detection using meta-learning: Issues and initial results. In: AAAI Workshop on AI Approaches to Fraud Detection and Risk Management (1997)
Tang, J., Hwang, S.-Y.: A scheme to specify and implement ad-hoc recovery in workflow systems. In: Schek, H.-J., Saltor, F., Ramos, I., Alonso, G. (eds.) EDBT 1998. LNCS, vol. 1377, pp. 484–498. Springer, Heidelberg (1998)
Yu, M., Liu, P., Zang, W.: Intrusion masking for distributed atomic operations. In: The 18th IFIP International Information Security Conference, Athens Chamber of Commerce and Industry, Greece, IFIP Technical Committee 11, May 26-28, pp. 229–240. Kluwer Academic Publishers, Dordrecht (2003)
Yu, M., Liu, P., Zang, W.: Self-healing workflow systems under attacks. In: The 24th International Conference on Distributed Computing Systems (ICDCS 2004), pp. 418–425 (2004)
Yu, M., Liu, P., Zang, W.: Multi-version based attack recovery of workflow. In: The 19th Annual Computer Security Applications Conference, December, pp. 142–151 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zang, W., Yu, M. (2006). A Dead-Lock Free Self-healing Algorithm for Distributed Transactional Processes. In: Bagchi, A., Atluri, V. (eds) Information Systems Security. ICISS 2006. Lecture Notes in Computer Science, vol 4332. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11961635_20
Download citation
DOI: https://doi.org/10.1007/11961635_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68962-1
Online ISBN: 978-3-540-68963-8
eBook Packages: Computer ScienceComputer Science (R0)