Browse > Article
http://dx.doi.org/10.21219/jitam.2018.25.2.147

A Non-Agent based Identification Scheme for Identifying Database Users in 3-tier System Environments  

Han, Jung Sang (Dept. of Industrial Convergence Security, Graduate School of Chung-Ang University)
Shin, Dong Cheon (Dept. of Industrial Security, Chung-Ang University)
Publication Information
Journal of Information Technology Applications and Management / v.25, no.2, 2018 , pp. 147-159 More about this Journal
Abstract
The changes of internet environment have made services through web application server (WAS) popular. Accordingly, technical difficulties in identifying users who access databases through WAS were incurred. In order to solve these problems, many companies adopt an agent-based approach for identifying users by installing additional software on WAS. However, this approach must submit to some disadvantages in terms of cost, maintenance, and development process. In this paper, we devise an non-agent based approach for identifying database users in 3-tier environments.
Keywords
User Identification; Web Application Server; 3-tier; Non-Agent Approach;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Baek, J. and Park, D., "A Study on Traceback by WAS Bypass Access Query Information of DataBase", Journal of Korea society of Computer and Information, Vol. 14, No. 12, 2009, pp. 181-190.
2 Daniel Joseph Barry, Understanding Packet Loss in Network Monitoring and Analysis Appliances, Retrived from https://esj.com/Articles/2012/12/13/Understanding-Packet-Loss.aspx?Page=2.
3 Eckerson, W. W., "Three tier client/server architectures : achieving scalability, performance, and efficiency in client/server applications", Open Information Systems, Vol. 3, 1995, pp. 46-50.
4 Kim, H., "WhiteList SQL based database access control on web application server", Korea University, 2014.
5 Korea Data Agency, Data Industry White Paper. 2016.
6 Korea Financial Telecommunications and Clearins Institute, An analysis of DB security tecknology and status, 2007.
7 Mark Lillywhite, Agent vs Aentless : WHAT TO USE AND WHEN, Retrived from https://www.snowsoftware.com/int/blog/2017/03/23/agents-vs-agentless-what-use-and-when.
8 Song, U., and Park, K., "Homomorphic Encryption for database outsourcing", Journal of the Korea Institute of Inform, Vol. 19, No. 3, 2009, pp. 80-89.
9 Stephen, J. B., How to choose the right server performance monitoring tools, Retrieved from, http://searchitoperations.techtar. get.com/tip/How-to-choose-the-right-server-performance-monitoring-tools.
10 UpGuard, Agent vs Agentless and Why We Chose Agentless. Retrived from https://www.upguard.com/blog/agent-vs-agentless-and-why-we-chose-agentless.