International Journal of Engineering Inventions ISSN: 2278-7461, www.ijeijournal.com Volume 1, Issue 4 (September 2012) PP: 10-14 10 Security Management for Distributed Environment Ms. Smita Chaudhari 1 , Mrs. Seema Kolkur 2 1 Assi. Prof. Of S. S. Jondhale College Of Engineering,Dombivli,Mumbai University, INDIA 2 Asso. Prof. Of Thadomal Shahani College Of Engineering, Mumbai University, INDIA Abstract––A mobile database is a database that can be connected to by a mobile computing device over a mobile network. Mobile processed information in database systems is distributed, heterogeneous, and replicated. They are endangered by various threats based on user’s mobility and restricted mobile resources of portable devices and wireless links. Since mobile circumstances can be very dynamic, standard protection mechanisms do not work very well in such environments. So our proposed model enhances the security in mobile database system. In this paper we develop a security model for transaction management framework for peer-to-peer environments. If any attack still occurs on a database system, evaluation of damage must be performed as soon the attack is identified. The attack recovery problem has two aspects: damage assessment and damage repair. The complexity of attack recovery is mainly caused by a phenomenon called damage spreading. This paper focuses on damage assessment and recovery procedure for distributed database systems. Keywords––Mobile Database, Transaction Management, Security I. INTRODUCTION In mobile environment, several mobile computers collectively form the entire distributed system of interest. These mobile computers may communicate together in an ad hoc manner by communicating through networks that are formed on demand. Such communication may occur through wired (fixed) or wireless (ad hoc) networks. Distributed database systems are made up of mobile nodes and peer-to-peer connection. These nodes are peers and may be replicated both for fault- tolerance, dependability, and to compensate for nodes which are currently disconnected. Several sites from this system must participate in the synchronization of transaction. There are different transaction models [5] available for mobile computing environment, but data transmission between the base station (BS) and the mobile station (MH (S)) is not secure which leads to data inconsistency as well as large number of rejected transactions. Typical operating system security features such as memory and file protection, resource access control and user authentication are not useful for distributed environment. A key requirement in such an environment is to support and secure the communication of mobile database. This paper focuses on security management processing for MCTO (Multi-Check-out Timestamp Order) [2] model by using symmetric encryption and decryption [1] between the Base station BS and the mobile host MH with the aim at achieving secure data management at the mobile host. If any attack occurs on a database system, evaluation of damage must be performed as soon the attack is identified. If the evaluation of damage not performed soon after attack, the initial damage will spread to other parts of the database via valid transactions, consequently resulting in denial-of-service. As more and more data items become affected, the spread of damage becomes even faster. Damage assessment is a complicated task due to intricate transaction relationships among distributed sites. For the assessment, the logs need to be checked thoroughly for the effect of the attack. Damage recovery [6] can be “Coldstart” or “Warmstart”. This paper focuses system that uses the “Coldstart” method for damage assessment and recovery. The proposed system uses DAA (Damage Assessment Algorithm) [3] to detect the spread of malicious transaction in distributed replicated database system. After detection of affected transactions, these are recovered using the recovery procedure. II. THE PROPOSED MODEL The architecture of the proposed system is as shown in fig.1. The mobile host in mobile network first gives the encrypted request to fixed proxy server. The fixed proxy server updates the data and the result is given back to the mobile network.