8/13/2019 04756906
http://slidepdf.com/reader/full/04756906 1/4
Study on Security of Web-based Database
Qing Zhao1,Shihong Qin
1,2
1Electrical and information Engineer Department of Wuhan Polytechnic University,
Wuhan, 430023 P.R.China2Electrical and information Engineer Department of Wuhan Institute of technology,
Wuhan, 430205 P.R.China E-Mail:[email protected],[email protected]
Abstract
Web database is a combined production withdatabase technology and Web technology, it stores and
manages a great deal of data, if they are embezzled
or juggled, which maybe bring enormous
political and economic losses to the society. So it isimperative to properly establish security for Web
database against illegitimate intrusion. The Host Identity
Protocol (HIP) is designed by the Internet Engineering
Task Force(IETF) , it introduces a separationbetween the host identity and location identity,
and is used to authenticate the Host Identity of an
end system and to set up a limited relationship of trust
between two hosts on the Internet . One Web securitymodel is established using the Host Identity Protocol. Its
architecture is given. The security of the model is also
analyzed and discussed in the paper.
1. Introduction
With the increasingly development of Internet
technology, people are more and more depending on
network to realize data communication and resource
sharing, all kinds of Web-based information systemsemerge as the times require. Web database is a combined
production with database technology and Web technology[1-2]
. In the Database System, it stores and manages a great
deal of data, if they are embezzled or juggled, which
maybe bring enormous political and economic losses tothe society. In particular in E-commerce, the dealing was
transacted between manufacturers (or agents) and
customers, which must access sharing data. But the dataare stored in the database and the database is on WebServer. While the use of traditional network security
mechanisms—firewalls, Intrusion Detection Systems and
Https over Security Socket Layer (SSL) haven’t avoidedthe increasingly furious illegitimate intrusion on network,
which is to say that the Web databases cannot simply be
hidden behind a firewall. In spite of the large amounts of
money spent each year on IT security, the data stealing isvery universal all the time. So it is imperative to establish
properly secure Web database against illegitimate
intrusion. One security model using HIP is given. The
architecture and the security are analyzed in the paper.
2. Host Identity Protocol (HIP)
The Internet Protocol (IP) address is charged withaddressing function and it takes on the role of indicating
the location information node. The dual functions of t he
IP address causes problems when the IP address changes,
not only the route changes, but also the locationinformation changes. The IPv4 itself doesn’t comprise any
security property, consequently leads on the inadequacy of
the TCP/IP conversion on solving mobility, multi-homing, NAT/NAPT and IPv4/IPv6. Therefore the Internet
Engineering Task Force (IETF) designs the Host Identity
Protocol to support these problems as mobility,
multi-homing and so forth.
HIP introduces a separation between the host identityand location identity. The IP address remains as the locator,
while a new namespace is introduced for host identifiers.The HIP is used to authenticate the Host Identity of an end
system and to set up a limited relationship of trust betweentwo hosts on the Internet .The core of HIP is a new
namespace HI (Host Identity). The HI is independent ofthe location (IP address) of the host.
HIP introduces a new layer in the TCP/IP stack: Host
Identity Layer (HIL). The new layer is located between
the Networking Layer and the Transport Layer, which
signs the location of the host. The HIP packets architecture
as shown in Figure.1:In the HIP packets architecture, the using sign is
entitled Host Identifier (HI), which is the public key of a
public/private key pair, is a static globally unique name,and is stored in the DNS or the catalog of the Lightweight
Directory Access Protocol (LDAP).The length of HI is
different because of different public key systemalgorithms, we usually use Host Identity Tag (HIT) with
fixed length in the practical protocol. HIT is obtained by
taking the output of a secure hash function applied to HI,
truncated to the IPv6 address size. It is 128 bits long and is
used in the HIP payloads and to index the corresponding
state in the end host[3-5]
.
2008 IEEE Pacific-Asia Workshop on Computational Intelligence and Industrial Application
978-0-7695-3490-9/08 $25.00 © 2008 IEEE
DOI 10.1109/PACIIA.2008.390
902
2008 IEEE Pacific-Asia Workshop on Computational Intelligence and Industrial Application
978-0-7695-3490-9/08 $25.00 © 2008 IEEE
DOI 10.1109/PACIIA.2008.390
902
2008 IEEE Pacific-Asia Workshop on Computational Intelligence and Industrial Application
978-0-7695-3490-9/08 $25.00 © 2008 IEEE
DOI 10.1109/PACIIA.2008.390
902
8/13/2019 04756906
http://slidepdf.com/reader/full/04756906 2/4
Figure.1 HIP Packets Architecture
3. The Establishment and Architecture of the
Model
A Web-based interface is generally open to the public.
It is little control over the client who can access the
interface. So strong security measures are taken for thedatabase itself and for the part of the network owned by
the database provider
A common architecture for offering a relatively open
access to a database is to provide a web server that accepts
requests in an easy-to-use format, and passes them to the
database, but this architecture leaves the database open to be attacked based on invalid requests or invalidrequestors. In addition, the exchanged data must be
encrypted as part of the application requirements, so a
secure connection must be ultimately established between
the database and the requesting user. If a method can bedeveloped to validate user identities in the web server, and
the user is required to register for both his identity and thehost that he or she is tied to, then while these steps can be
achieved independently, it is also true that to validate the
identity of the host or the end user, it is essential to
establish a secure connection between them. This secure
connection can be used for the data exchange. The use of
the HIP can satisfy this demand[6-8]
.
The topology of the HIP-based Web database security
model to implement above functions is shown in Figure.2.
Figure.2 shows how to access the Web database with
m hosts and n users in the model, which is based on the
extended HIP with Rendezvous Server (RVS). The HIPResponder lies in the Web server logically in front of it.
The clients (hosts and users) accessing the Web databaseact as the HIP Initiators. They constitute a complete
extended HIP authentication system with the Rendezvous
Server (RVS) and DNSsec Server.
903903903
8/13/2019 04756906
http://slidepdf.com/reader/full/04756906 3/4
Figure.2 Architecture of the model (Dashed lines are processes of accessing DB)
In the model, the processes of a client accessing the
Web database include two phases: the first is the clientgets the extended HIP authentication of the Web server (S1,
2, 3); the second is the Web server starts actually accessing
the database (S4). Where HI(R) represents the HI of R(Responder), HI(I) represents the HI of I (Initiator), IP(R)
represents the IP address of R, “→”represents the
corresponding relation, (HI,UI) represents the binding
relation, when the client wants to access the Webdatabase, the Responder must register its Host Identity
and created HI(R)→IP(R) records in the RVS, and
registers its domain namespace and creates
FQDN→IP(RVS) and FQDN→HI(R) records in theDNSsec Server in advance. The Initiator must register itstwo Identities (HI,UI) and creates HI(I)→IP(I) and
binding--UI(I)→HI(I) records in the RVS, and
registers its domain namespace and createdFQDN→HI(I) and FQDN→IP(I) records in the DNSsec
Server in advance. If the IP address of the host is changed
for various reasons that include mobility of user or host,
the host (I or R) must re-register the above records. Firstly,the client (Initiator) sends packet I1 to the RVS starting the
extended HIP authentication. After validating it, the RVS
forwards I1 to the Responder (in the Web server). Later on,
the extended HIP with UI operating directly between the
Initiator (the client) and the Responder (in the Web server).Finally, the authentication finishes and begins to access the
real database.In the model, we combine the HIP Responder with the
Web Server. This allows the Web server to work under the
control of the HIP Responder. If the client wants to access
the Web server and database, the HIP Responder must
authenticate it. However, the HIP Responder can also beseparated from the Web server and be located in front of it.
Given that the function of database server may not be a
good match to the likely applications of the clients, theapplication server may be used to provide additional
information processing or application-specific responses.
The Encryption server is for encrypting the sensitive datain the database and is responsible for security of the
database source itself. Neither one participates in the HIP
authentication. The DNSsec Server and RVS serve the HIP
authentication, and they can be located anywhere on theInternet. In general, the DNSsec Server and RVS should
belong to the owner of the database. Besides, they may
also belong to an authentication organization of the
network or an ISP.
4. Analysis of Security of the Model
The Web database security depends on limiting actual
access to the Web server and database itself. In the abovemodel, we have limited the access to the Web server and
database to the greatest extent. Its database server onlyexchanges information with the Web server, and only
allows connections from the Web server. Anyone
accessing the database via the Web server must be
authenticated by the extended HIP with UI. Anyone who is permitted to access the Web server is a real and legitimate
client. If an attacker attempts to directly connect tothe Web server and access the database bypassing the
HIP Responder, then his request will be dropped
silently by the Web server, because he or she is not in theHUT and does not have the HIPA. If an attacker wants
to connect to the Web server via the HIP Responder, he or
she will not be authenticated. Because he or she has notregistered the HI, UI in the RVS, and does not have a
UI→HI binding flag in the packet I1, and he or she
904904904
8/13/2019 04756906
http://slidepdf.com/reader/full/04756906 4/4
also cannot answer the correct solution to the puzzle
challenge. In general, the RVS will drop all messages
except I1, the Responder will drop all request messages
except I1 coming from its RVS. The application server is
optional for applying functions and is not involved insecurity authentication. The encryption server is for
guaranteeing that sensitive data in the database will not be
exposed on the Internet and for the security of the databaseitself.
5. Conclusions
Through above analysis, we can know the security of
the Web database is quite potent due to authentication of
extended HIP with UI. It also has good feasibility, andhigh availability for most demanding environments.
References
[1] Wu Chunming, Zheng Zhiqiang. Study on Encryption ofWeb-based Database. Journal of Southwest Agricultural
University (Natural Science), Vol 26, No.2, pp220-222, April2004.
[2] Zhu Lianjun, Cui Qinghua. On the Running Tactics and theRelative Technology about the Web Database. Journal ofHenan Institute of Education (Natural Science),Vol 15, No.1,
pp64-65, March 2006.
[3] Yu Shuyao, Zhang Youkun. A Study on Host Identity Protocol
(HIP).Computer Application and Study, pp219-221, 2005.[4] Fayez Al-Shraideh. Host Identity Protocol. Proceeding of theInternational Conference on Networking, International
Conference on Systems and International Conference onMobile Communications and Learning Technologies(ICNICONSMCL’06), pp1628448, April 23-29, 2006.
[5] R. Moskowitz, P. Nikander, P. Jokela, T. Henderson. Host
Identity Protocol (draft-09), October 2007.[6] Hu Xueyong, J. William Atwood. A Web Database Security
Model Using the Host Identity Protocol. 11 th International
Database Engineering and ApplicationsSymposium(IDEAS’07),2007.
[7] J. Laganier, L. Eggert. Host Identity Protocol (HIP)
Rendezvous Extension. (draft-05), November 2006.[8] T. Henderson. End-Host Mobility and Multihoming with the
Host Identity Protocol. (draft-05), March 2007.
905905905