International Journal of

ADVANCED AND APPLIED SCIENCES

EISSN: 2313-3724, Print ISSN: 2313-626X

Frequency: 12
line decor
  
line decor

 Volume 11, Issue 2 (February 2024), Pages: 180-194

----------------------------------------------

 Original Research Paper

Structuring and organizing database security domain from big data perspective using meta-modeling approach

 Author(s): 

 Ahmad Alshammari *

 Affiliation(s):

 Department of Computer Sciences, Faculty of Computing and Information Technology, Northern Border University, Rafha, Saudi Arabia

 Full text

  Full Text - PDF

 * Corresponding Author. 

  Corresponding author's ORCID profile: https://orcid.org/0009-0000-2051-2757

 Digital Object Identifier (DOI)

 https://doi.org/10.21833/ijaas.2024.02.019

 Abstract

Database security is an area focused on safeguarding databases against harmful access. It involves ensuring data accuracy, blocking unauthorized entry, and preventing harmful code within the database. Although various security models and methods exist, they often don't comprehensively cover all aspects of database security. This leads to a diverse and unclear understanding of database security among experts. This study proposes a unified framework, the Database Security Meta-model (DBSM), which acts as a standard language in this field. The DBSM, comprising twelve main elements, is thoroughly vetted to align with security needs and offers guidelines for practitioners to create specific security solutions.

 © 2024 The Authors. Published by IASE.

 This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).

 Keywords

 Database security, Meta-modeling, Data protection, Access control, Big data security

 Article history

 Received 27 September 2023, Received in revised form 16 January 2024, Accepted 31 January 2024

 Acknowledgment 

No Acknowledgment.

 Compliance with ethical standards

 Conflict of interest: The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

 Citation:

 Alshammari A (2024). Structuring and organizing database security domain from big data perspective using meta-modeling approach. International Journal of Advanced and Applied Sciences, 11(2): 180-194

 Permanent Link to this page

 Figures

 Fig. 1 Fig. 2 Fig. 3 Fig. 4 Fig. 5 Fig. 6 Fig. 7 

 Tables

 Table 1 Table 2 Table 3 Table 4 Table 5

----------------------------------------------   

 References (46)

  1. Adedayo OM and Olivier M (2014). Schema reconstruction in database forensics. In: Peterson G and Shenoi S (Eds.), Advances in digital forensics X: DigitalForensics 2014: IFIP Advances in information and communication technology: 101-116. Springer, Berlin, Germany.   [Google Scholar]
  2. Albalawi U (2018). Countermeasure of statistical inference in database security. In the IEEE International Conference on Big Data, IEEE, Seattle, USA: 2044-2047. https://doi.org/10.1109/BigData.2018.8622241   [Google Scholar]
  3. Al-Dhaqm A, Abd Razak S, Dampier DA, Choo KKR, Siddique K, Ikuesan RA, and Kebande VR (2020b). Categorization and organization of database forensic investigation processes. IEEE Access, 8: 112846-112858. https://doi.org/10.1109/ACCESS.2020.3000747   [Google Scholar]
  4. Al-Dhaqm A, Abd Razak S, Ikuesan RA, Kebande VR, and Siddique K (2020a). A review of mobile forensic investigation process models. IEEE Access, 8: 173359-173375. https://doi.org/10.1109/ACCESS.2020.3014615   [Google Scholar]
  5. Al-Dhaqm A, Abd Razak S, Siddique K, Ikuesan RA, and Kebande VR (2020c). Towards the development of an integrated incident response model for database forensic investigation field. IEEE Access, 8: 145018-145032. https://doi.org/10.1109/ACCESS.2020.3008696   [Google Scholar]
  6. Al-Dhaqm A, Othman SH, Yafooz WMS, and Ali A (2023a). Review of information security management frameworks. In: Yafooz WMS, Al-Aqrabi H, Al-Dhaqm A, and Emara A (Eds.), Kids cybersecurity using computational intelligence techniques: 69-80. Springer, Cham, Switzerland. https://doi.org/10.1007/978-3-031-21199-7_5   [Google Scholar]
  7. Al-Dhaqm A, Razak S, Ikuesan RA, Keband RV, and Hajar Othman S (2021). Face validation of database forensic investigation metamodel. Infrastructures, 6(2): 13. https://doi.org/10.3390/infrastructures6020013   [Google Scholar]
  8. Al-Dhaqm A, Yafooz WM, Othman SH, and Ali A (2023b). Database forensics field and children crimes. In: Yafooz WMS, Al-Aqrabi H, Al-Dhaqm A, and Emara A (Eds.), Kids cybersecurity using computational intelligence techniques: 81-92. Springer, Cham, Switzerland. https://doi.org/10.1007/978-3-031-21199-7_6   [Google Scholar]
  9. Al-Dwairi RM, Al-Tweit N, and Zyout K (2018). Factors influencing cloud-computing adoption in small and medium e-commerce enterprises in Jordan. In the 2018 1st International Conference on Internet and e-Business, Association for Computing Machinery, Singapore, Singapore: 73-78. https://doi.org/10.1145/3230348.3230370   [Google Scholar]
  10. Alhazmi HE, Eassa FE, and Sandokji SM (2022). Towards big data security framework by leveraging fragmentation and blockchain technology. IEEE Access, 10: 10768-10782. https://doi.org/10.1109/ACCESS.2022.3144632   [Google Scholar]
  11. Alhussan AA, Al-Dhaqm A, Yafooz WM, Emara AHM, Bin Abd Razak S, and Khafaga DS (2022a). A unified forensic model applicable to the database forensics field. Electronics, 11(9): 1347. https://doi.org/10.3390/electronics11091347   [Google Scholar]
  12. Alhussan AA, Al-Dhaqm A, Yafooz WM, Razak SBA, Emara AHM, and Khafaga DS (2022b). Towards development of a high abstract model for drone forensic domain. Electronics, 11(8): 1168. https://doi.org/10.3390/electronics11081168   [Google Scholar]
  13. Ali A, Razak SA, Othman SH, and Mohammed A (2015). Towards adapting metamodeling approach for the mobile forensics investigation domain. In the International Conference on Innovation in Science and Technology, Kuala Lumpur, Malaysia: 364-368.   [Google Scholar]
  14. Ali A, Razak SA, Othman SH, and Mohammed A (2018). Extraction of common concepts for the mobile forensics domain. In: Saeed F, Gazem N, Patnaik S, Saed Balaid A, and Mohammed F (Eds.), Recent trends in information and communication technology: Proceedings of the 2nd international conference of reliable information and communication technology: 141-154. Springer, Cham, Switzerland.   [Google Scholar]
  15. Alshammari A (2023a). A novel security framework to mitigate and avoid unexpected security threats in Saudi Arabia. Engineering, Technology and Applied Science Research, 13(4): 11445-11450. https://doi.org/10.48084/etasr.6091   [Google Scholar]
  16. Alshammari A (2023b). Detection and investigation model for the hard disk drive attacks using FTK imager. International Journal of Advanced Computer Science and Applications, 14(7): 767-774. https://doi.org/10.14569/IJACSA.2023.0140784   [Google Scholar]
  17. Awadallah R, Samsudin A, Teh JS, and Almazrooie M (2021). An integrated architecture for maintaining security in cloud computing based on blockchain. IEEE Access, 9: 69513-69526. https://doi.org/10.1109/ACCESS.2021.3077123   [Google Scholar]
  18. Chaudhary P, Gupta BB, Chang X, Nedjah N, and Chui KT (2021). Enhancing big data security through integrating XSS scanner into fog nodes for SMEs gain. Technological Forecasting and Social Change, 168: 120754. https://doi.org/10.1016/j.techfore.2021.120754   [Google Scholar]
  19. George G, Osinga EC, Lavie D, and Scott BA (2016). Big data and data science methods for management research. Academy of Management Journal, 59(5): 1493-1507. https://doi.org/10.5465/amj.2016.4005   [Google Scholar]
  20. Gruschka N, Mavroeidis V, Vishi K, and Jensen M (2018). Privacy issues and data protection in big data: A case study analysis under GDPR. In the IEEE International Conference on Big Data, IEEE, Seattle, USA: 5027-5033. https://doi.org/10.1109/BigData.2018.8622621   [Google Scholar]
  21. Henderson-Sellers B (2011). Bridging metamodels and ontologies in software engineering. Journal of Systems and Software, 84(2): 301-313. https://doi.org/10.1016/j.jss.2010.10.025   [Google Scholar]
  22. Kebande V and Venter H (2016). Requirements for achieving digital forensic readiness in the cloud environment using an NMB solution. In the 11th International Conference on Cyber Warfare and Security, Boston, USA: 399-406.   [Google Scholar]
  23. Kebande VR and Choo KKR (2022). Finite state machine for cloud forensic readiness as a service (CFRaaS) events. Security and Privacy, 5(1): e182. https://doi.org/10.1002/spy2.182   [Google Scholar]
  24. Kebande VR and Ray I (2016). A generic digital forensic investigation framework for Internet of Things (IoT). In the IEEE 4th International Conference on Future Internet of Things and Cloud, IEEE, Vienna, Austria: 356-362. https://doi.org/10.1109/FiCloud.2016.57   [Google Scholar]
  25. Kebande VR, Ikuesan RA, and Karie NM (2022). Review of blockchain forensics challenges. In: Baalamurugan K, Kumar SR, Kumar A, Kumar V, and Padmanaban S (Eds.), Blockchain security in cloud computing: 33-50. Springer, Cham, Switzerland. https://doi.org/10.1007/978-3-030-70501-5_3   [Google Scholar]
  26. Kebande VR, Ikuesan RA, Karie NM, Alawadi S, Choo KKR, and Al-Dhaqm A (2020). Quantifying the need for supervised machine learning in conducting live forensic analysis of emergent configurations (ECO) in IoT environments. Forensic Science International: Reports, 2: 100122. https://doi.org/10.1016/j.fsir.2020.100122   [Google Scholar]
  27. Khan MI, O’Sullivan B, and Foley SN (2018). Towards modelling insiders behaviour as rare behaviour to detect malicious RDBMS access. In the IEEE International Conference on Big Data, IEEE, Seattle, USA: 3094-3099. https://doi.org/10.1109/BigData.2018.8622047   [Google Scholar]
  28. Kulkarni S and Urolagin S (2012). Review of attacks on databases and database security techniques. International Journal of Emerging Technology and Advanced Engineering, 2(11): 253-263.   [Google Scholar]
  29. Kurtev I (2008). State of the art of QVT: A model transformation language standard. In: Schürr A, Nagl M, and Zündorf A (Eds.), Applications of graph transformations with industrial relevance: Lecture notes in computer science: 377-393. Springer, Berlin, Germany. https://doi.org/10.1007/978-3-540-89020-1_26   [Google Scholar]
  30. Lessambo FI (2023). The cybersecurity counteroffensive. In: Lessambo FI (Ed.), Anti-money laundering, counter financing terrorism and cybersecurity in the banking industry: A comparative study within the G-20: 11-32. Springer, Cham, Switzerland. https://doi.org/10.1007/978-3-031-23484-2_2   [Google Scholar]
  31. Liu Q, Peng Y, Pei S, Wu J, Peng T, and Wang G (2020). Prime inner product encoding for effective wildcard-based multi-keyword fuzzy search. IEEE Transactions on Services Computing, 15(4): 1799-1812. https://doi.org/10.1109/TSC.2020.3020688   [Google Scholar]
  32. Makura S, Venter HS, Kebande VR, Karie NM, Ikuesan RA, and Alawadi S (2021). Digital forensic readiness in operational cloud leveraging ISO/IEC 27043 guidelines on security monitoring. Security and Privacy, 4(3): e149. https://doi.org/10.1002/spy2.149   [Google Scholar]
  33. Martínez-Salvador B, Marcos M, Palau P, and Mafé ED (2023). A model-driven transformation approach for the modelling of processes in clinical practice guidelines. Artificial Intelligence in Medicine, 137: 102495. https://doi.org/10.1016/j.artmed.2023.102495   [Google Scholar] PMid:36868689
  34. Ngadi M, Al-Dhaqm R, and Mohammed A (2012). Detection and prevention of malicious activities on RDBMS relational database management systems. International Journal of Scientific and Engineering Research, 3(9): 1-10.   [Google Scholar]
  35. Odirichukwu JC and Asagba PO (2017). Security concept in Web database development and administration: A review perspective. In the IEEE 3rd International Conference on Electro-Technology for National Development, IEEE, Owerri, Nigeria: 383-391. https://doi.org/10.1109/NIGERCON.2017.8281910   [Google Scholar]
  36. Ratner B (2003). Statistical modeling and analysis for database marketing: Effective techniques for mining big data. CRC Press, Boca Raton, USA.   [Google Scholar]
  37. Saleh M, Othman SH, Driss M, Al-dhaqm A, Ali A, Yafooz WM, and Emara AHM (2023). A metamodeling approach for IoT forensic investigation. Electronics, 12(3): 524. https://doi.org/10.3390/electronics12030524   [Google Scholar]
  38. Saleh MA, Othman SH, Al-Dhaqm A, and Al-Khasawneh MA (2021). Common investigation process model for Internet of Things forensics. In the 2nd International Conference on Smart Computing and Electronic Enterprise, IEEE, Cameron Highlands, Malaysia: 84-89. https://doi.org/10.1109/ICSCEE50312.2021.9498045   [Google Scholar] PMid:34022883 PMCid:PMC8140497
  39. Salem M, Othman SH, Al-Dhaqm A, and Ali A (2023). Development of metamodel for information security risk management. In: Yafooz WMS, Al-Aqrabi H, Al-Dhaqm A, and Emara A (Eds.), Kids cybersecurity using computational intelligence techniques: 243-253. Springer, Cham, Switzerland. https://doi.org/10.1007/978-3-031-21199-7_17   [Google Scholar]
  40. Tall AM and Zou CC (2023). A framework for attribute-based access control in processing big data with multiple sensitivities. Applied Sciences, 13(2): 1183. https://doi.org/10.3390/app13021183   [Google Scholar]
  41. Teimoor RA (2021). A review of database security concepts, risks, and problems. UHD Journal of Science and Technology, 5(2): 38-46. https://doi.org/10.21928/uhdjst.v5n2y2021.pp38-46   [Google Scholar]
  42. Ullah F, Pun CM, Kaiwartya O, Sadiq AS, Lloret J, and Ali M (2023). HIDE-Healthcare IoT data trust management: Attribute centric intelligent privacy approach. Future Generation Computer Systems, 148: 326-341. https://doi.org/10.1016/j.future.2023.05.008   [Google Scholar]
  43. WÄ…sowski A and Berger T (2023). Model and language variability. In: WÄ…sowski A and Berger T (Eds.), Domain-specific languages: Effective modeling, automation, and reuse: 459-486. Springer, Cham, Switzerland. https://doi.org/10.1007/978-3-031-23669-3_13   [Google Scholar]
  44. Yafooz WM, Bakar ZBA, Fahad SA, and Mithun MA (2020). Business intelligence through big data analytics, data mining and machine learning. In: Sharma N, Chakrabarti A, and Balas V (Eds.), Data management, analytics and innovation: proceedings of ICDMAI 2019: 217-230. Volume 2, Springer, Singapore, Singapore. https://doi.org/10.1007/978-981-13-9364-8_17   [Google Scholar]
  45. Yaseen Q, Jararweh Y, Panda B, and Althebyan Q (2017). An insider threat aware access control for cloud relational databases. Cluster Computing, 20: 2669-2685. https://doi.org/10.1007/s10586-017-0810-y   [Google Scholar]
  46. Zhang D (2018). Big data security and privacy protection. In the 8th International Conference on Management and Computer Science, Atlantis Press, Shenyang, China: 275-278. https://doi.org/10.2991/icmcs-18.2018.56   [Google Scholar]