Analyzer for Caché Database Communication Protocol

doi:10.3969/j.issn.1671-1122.2018.04.006

Abstract

Abstract:

Intersystems Caché is an advanced commercial database management system with proprietary license. It has been widely applied in industries, especially in healthcare environments. Its private communication protocol makes it hard, if not impossible, to audit the messages between Caché remote clients and Caché server. This paper develops an analyzer, which could filter Caché database data from packets between Caché clients and Caché server. The packets are obtained from network monitors. The details of the analyzer are given. We carry out extensive experiments to verify the correctness of the analyzer in terms of auditing common Caché database operations. This analyzer enables the analysis of the behaviors of remote database clients and then enables the management and audit of the database operation of Caché clients.

Key words: bypass monitoring, private protocol analyzer, Caché database;, audit

CLC Number:

TP309

Lin LI, Zhenhuan LI, Xiaolin CHANG, Zhen HAN. Analyzer for Caché Database Communication Protocol[J]. Netinfo Security, 2018, 18(4): 38-46.

Figures/Tables 15

References 12

[1]	SMIRNOV A, LAM L, CHIUEH T. Portable Intrusion-Resilient Database Management Server[EB/OL]., 2006-3-20.
[2]	GUO L, WU H. Design and Implementation of TDS Protocol Analyzer[EB/OL]., 2009-8-11.
[3]	JIN S, LI M, WANG Z. Research and Design of Preprocessor Plugin Based on PCRE under Snort Platform[EB/OL]., 2011-7-1.
[4]	WU K, HUA L, WANG X, et al. The Design and Implementation of Database Audit System Framework[EB/OL]., 2014-10-23.
[5]	OTTE L, DANEL R, ŘEPKA M, et al. Comparison of Database Mirror Technologies for Use in Fault-Tolerant Information System Solutions[EB/OL]., 2015-7-2.
[6]	DANEL R, KOZEL R, JOHANIDES D, et al.Database Mirroring in Fault-Tolerant Continuous Technological Process Control[J]. Metalurgija, 2016, 55(1): 83-86.
[7]	PRABAKAR M A, KARTHIKEYAN M, MARIMUTHU K. An Efficient Technique for Preventing SQL Injection Attack Using Pattern Matching Algorithm[EB/OL]., 2013-6-13.
[8]	QING Sihan.Security Protection of Critical Infrastructure[J]. Netinfo Security,2015(2):1-6.
	卿斯汉. 关键基础设施安全防护[J]. 信息网络安全,2015(2):1-6.
[9]	SHAO Z, LI Y, ZHANG K, et al. An Audit Method Based on Mathematical Statistics Detection in Database Audit System[EB/OL]., 2015-11-23.
[10]	ZHANG Jianbiao, ZHAO Zixiao, HU Jun, et al.The Design Framework of Reconfigurable Virtual Root of Trust in Cloud Environment[J]. Netinfo Security, 2018(1): 1-8.
	张建标, 赵子枭, 胡俊, 等. 云环境下可重构虚拟可信根的设计框架[J]. 信息网络安全, 2018(1): 1-8.
[11]	SHI J, YAO J, LIU M. Research on Database Audit Scheme Design of Life Insurance Industry Based on OLAP Technology[EB/OL]., 2017-2-16.
[12]	WEN Weiping, GUO Ronghua, MENG Zheng, et al.Research and Implementation on Information Security Risk Assessment Key Technology[J]. Netinfo Security, 2015 (2): 7-14.
	文伟平,郭荣华,孟正,等. 信息安全风险评估关键技术研究与实现[J]. 信息网络安全,2015(2):7-14.

[1]	Yuan TAO, Tao HUANG, Moyan LI, Wei HU. Research on Log Audit Analysis Model of Cyberspace Security Classified Protection Driven by Knowledge Map [J]. Netinfo Security, 2020, 20(1): 46-51.
[2]	Bilin SHAO, Xiaojun LI, Genqing BIAN, Yu ZHAO. A Survey on Data Integrity Auditing Technology in Cloud Storage [J]. Netinfo Security, 2019, 19(6): 28-36.
[3]	Jianli BAI, Xiaoran LI, Rong HAO, Jia YU. Algebraic Signature-based Secure Auditing and Deduplication Scheme with Ownership Dynamic Modification in Cloud Environment [J]. Netinfo Security, 2018, 18(8): 50-55.
[4]	Xiuqing LU, Hequn XIAN. A Big Data Integrity Auditing Scheme Based on User Authorization in Cloud Storage [J]. Netinfo Security, 2018, 18(4): 32-37.
[5]	Da FENG, Qiang WANG, Yiwen ZHAO, Jian XU. SGX-based Certificate Credibility Verification and Secure Software Issuance System [J]. Netinfo Security, 2018, 18(3): 63-69.
[6]	BIAN Genqing, SHAO Bilin, CAI Wandong, WANG Dong. Research on Multiple-replica Integrity Auditing Method on Supporting Data Dynamic Updating in Cloud Environment [J]. 信息网络安全, 2017, 17(10): 22-28.
[7]	HOU Huiying, YU Jia, HAO Rong. Research on an Integrity Auditing Scheme Based on Algebraic Signature in Cloud Storage [J]. 信息网络安全, 2017, 17(10): 69-74.
[8]	WANG Haitao. Research and Design of the Next Generation of Operation Security Audit System [J]. 信息网络安全, 2016, 16(6): 81-85.
[9]	ZHAO Yang, REN Hua-qiang, XIONG Hu, CHEN Yang. Cloud Data Integrity Verification Scheme without Bilinear Pairing [J]. 信息网络安全, 2015, 15(7): 7-12.
[10]	TANG Chun-ming, ZHENG Xiao-long. A Privacy-Preserving Public Auditing Mechanism for the Date with Large Groups Users in the Cloud Computing [J]. 信息网络安全, 2015, 15(2): 19-25.
[11]	ZHAO Yang, REN Huaqiang, XIONG Hu, CHEN Yang. A Dynamic Cloud Data Audit Scheme Based on Update Tree [J]. 信息网络安全, 2015, 15(12): 1-7.
[12]	. A Review on Data Integrity Auditing Protocols for Data Storage in Cloud Computing [J]. , 2014, 14(7): 1-.
[13]	LU Yun-long, LUO Shou-shan, GUO Yu-peng. The Design and Implementation of Firewall Policy Audit Plan Based on Improved Strategy Tree [J]. 信息网络安全, 2014, 14(10): 64-69.
[14]	DUAN Juan, XIN Yang, MA Yu-wei. Research and Design of Security Audit Log System Based on Web Application [J]. 信息网络安全, 2014, 14(10): 70-76.