Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Protecting sensitive corporate, medical, and government databases–filled as they are with everything from credit-card numbers to personal health histories–has traditionally been a matter of granting passwords to employees, and allowing varying levels of access depending on users’ job duties. But such measures haven’t always stopped sophisticated hackers or insiders who stray from their assigned areas.

The latest generation of software goes further: it learns about appropriate database usage patterns, and sounds an alarm if something anomalous happens.

Now Symantec, a leading maker of anti-virus software, is releasing its own learning-based database security product, after a year-long pilot project. The company says the software can protect against insiders, as well as outsiders who find their way past security features and help themselves to sensitive information.

“It learns the behavior of who is accessing what. You put it into ‘learn’ mode and it figures out who should be asking for what data. If there is an odd request–say, a large list of students’ social-security numbers, anything that’s not a normal procedure–administrators are notified,” says Carey Nachenberg, chief architect at Symantec Research Labs in Santa Monica, CA.

The technology can also be customized to alert administrators when a specific kind of request is made, such as one for multiple credit-card numbers.

Taken together, this approach could have advantages over traditional methods of database security, known as role-based access control. “Organizations have traditionally relied on access controls to meet confidentiality needs,” says Sushil Jajodia, director of the center for secure information systems at George Mason University. “Security products typically focus on outsider attacks…but do not protect an organization from malicious insiders. This is one of the first products to address the insider threat.”

Symantec says the new technology, announced this week, can detect clever attacks from outsiders, too. For example, most online shopping sites have fields that allow users to search for products. But if just the right queries and characters–such as quotes or asterisks–are put in the right places in a search field, a harmless search for books or videos can become a successful theft of credit-card numbers in the company’s database. “This is a common attack, and many websites are vulnerable,” says Nachenberg. “In order to catch such a thing, I need to identify that a different query is being sent than what is normal.”

0 comments about this story. Start the discussion »

Tagged: Computing

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me