The use of honey tokens in database security

Penny Ross

Research output: Book/ReportBook

61 Downloads (Pure)

Abstract

Information security is a growing concern for organizations. Data and Information stored in companies’ databases are often considered as one of their most valuable assets; and as a result, ensuring their security is of significant importance. Changes to the IT landscape including remote access for employees, virtualisation, cloud provisioning, mobile devices and the growing interest in Bring Your Own Device (BYOD) are bringing new challenges. Despite huge investments in database security the global statistics for data security indicate that breaches have been on the increase. Also of concern is the fact that when these leaks occur, it can take system administrators weeks and in many cases months before they are aware that a security breach has happened. In this time the damage inflicted by its perpetrators may have reached sizable proportions. Mechanisms such as authentication, privilege management, views, firewalls, intrusion detection tools auditing and logging have become standard database security tools. However, as Maheswari, Sankaranarayanan, (2007) state as the methods of attack increase in number and sophistication, interest in more aggressive forms of defence to supplement existing methods needs to be developed. This paper discusses the use of Honeytokens in database security specifically in addressing the insider threat. A Honeytoken is a digital or information system resource whose value lies in the unauthorized use of that resource. The key to a Honeytoken is that it is enticing, something a hacker views as valuable. It is then integrated into the system and no one should interact with it. Any interaction with a Honeytoken most likely represents unauthorized or malicious activity.
Original languageEnglish
Place of PublicationAthens
PublisherAtiner
Number of pages10
Publication statusPublished - 2013

Publication series

NameATINER conference paper series
PublisherATINER
No.COM2013-0428
ISSN (Print)2241-2891

Keywords

  • Databases,
  • Security,
  • Honey Tokens,
  • Insider threats

Fingerprint

Dive into the research topics of 'The use of honey tokens in database security'. Together they form a unique fingerprint.

Cite this