Netinfo Security ›› 2018, Vol. 18 ›› Issue (4): 38-46.doi: 10.3969/j.issn.1671-1122.2018.04.006

• Orginal Article • Previous Articles     Next Articles

Analyzer for Caché Database Communication Protocol

Lin LI, Zhenhuan LI(), Xiaolin CHANG, Zhen HAN   

  1. Beijing Key Laboratory of Security and Privacy in Intelligent Transportation, School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China
  • Received:2018-02-01 Online:2018-04-15 Published:2020-05-11

Abstract:

Intersystems Caché is an advanced commercial database management system with proprietary license. It has been widely applied in industries, especially in healthcare environments. Its private communication protocol makes it hard, if not impossible, to audit the messages between Caché remote clients and Caché server. This paper develops an analyzer, which could filter Caché database data from packets between Caché clients and Caché server. The packets are obtained from network monitors. The details of the analyzer are given. We carry out extensive experiments to verify the correctness of the analyzer in terms of auditing common Caché database operations. This analyzer enables the analysis of the behaviors of remote database clients and then enables the management and audit of the database operation of Caché clients.

Key words: bypass monitoring, private protocol analyzer, Caché database;, audit

CLC Number: