Software system for prevention of internal data leaks

Статья рассматривает проблему утечек корпоративных данных. Функциональные возможности современных систем предотвращения утечек данных кратко анализируются и сравниваются. Необходимость защиты источника данных подтверждается анализом общедоступных статистических данных. Представлены архитектуры программных систем предотвращения внутренних утечек данных для клиент-серверных и многоуровневых корпоративных приложений. Описан способ предотвращения внутренних утечек данных путем анализа поведения пользователей информационных систем. The paper considers the issues of corporative data leaks. Features of modern DLP-systems are presented and compared briefly. The authors have considered the approaches to development of data breach prevention systems. Possible scenarios of internal data theft are discussed. The necessity of database protection against data leaks is proved by statistical information. The paper describes the architecture consisting of middleware database driver and asynchronous statistics handler. Dataflow, sequence and deployment diagrams are used for describing the architectures. The authors examined the alternative architecture for multi-layered application. The article introduces the data breach detection based on behavior analysis

Business intelligence’s self-service tools evaluation

The software selection process in the context of a big company is not an easy task. In the Business Intelligence area, this decision is critical, since the resources needed to implement the tool are huge and imply the participation of all organization actors. We propose to adopt the systemic quality model to perform a neutral comparison between four business intelligence self-service tools. To assess the quality, we consider eight characteristics and eighty-two metrics. We built a methodology to evaluate self-service BI tools, adapting the systemic quality model. As an example, we evaluated four tools that were selected from all business intelligence platforms, following a rigorous methodology. Through the assessment, we obtained two tools with the maximum quality level. To obtain the differences between them, we were more restrictive increasing the level of satisfaction. Finally, we got a unique tool with the maximum quality level, while the other one was rejected according to the rules established in the methodology. The methodology works well for this type of software, helping in the detailed analysis and neutral selection of the final software to be used for the implementation.Peer ReviewedPostprint (published version

Business intelligence’s Self-Service tools evaluation

This project proposes a comparison analysis between 4 different tools, called Self-Service tools, from the Business Intelligence area. The comparison is done adapting a Systemic Quality Model and using some datasets simulated with R. The project was developed in a company

Complex Protection System of Metadata-based Distributed Information Systems

A description of architecture and approaches to the implementation of a protection system of metadatabased adaptable information systems is suggested. Various protection means are examined. The system described is a multilevel complex based on a multiagent system combining IDS functional abilities with structure and logics protection means

Intranet of the future: functional study, comparison of products and practical implementation

Future intranet: functional study, comparison of products and practical implementation 1. Introduction The project has fulfilled three goals: 1) To perform a study of the functionalities which have to be covered in a modern intranet (web 2.0, unified communication, collaboration, etc) 2) To perform a comparison of tools of the market which can be used to implement intranets (commercial and open source products) 3) To test three of these tools (Oracle WebCenter, Liferay Portal and Microsoft SharePoint) and develop a prototype with Oracle WebCenter. In addition, it includes a research about the evolution of the Intranets among the time, as well as a work to discover the current state of this kind of platforms over the entire world. In this introductory research it is also convenient to include other topics which are not strictly technical involving the use of this Intranet. To be more concrete, there is an analysis of the importance of the human role and management of the Intranet, the process of deploying a new Intranet in an organization and methods to evaluate the performance of this new system.   2. Functional study The approach taken to fulfil this goal is to develop a theoretical model describing the relationship between the Intranet and its users, and a complete set of functionalities which could be covered in the Intranet of the future. These functionalities are categorized in groups. The project describes these groups and the functionalities included on them. 3. Comparison of products The project will describe and compare several technologies which can be used to develop an Intranet that we have previously modelled. The purpose here is to discover the strong points and weaknesses of each technology if it was used to develop the Intranet we desire. After having done such a review, the project focuses on three technologies and performs an extensive evaluation of them. Finally, an extensive comparison between these three technologies is done, highlighting where they offer better solutions and performance compared to the other possibilities. 4. Practical implementation The project focuses on three technologies: Oracle WebCenter, Liferay Portal and Microsoft SharePoint. Then, a prototype which covers a set of functionalities of the modelled Intranet has been built with Oracle WebCenter

Kerberos: Secure Single Sign-On Authentication Protocol Framework for Cloud Access Control

Cloud is a relatively new concept, so it is unsurprising that the security of information and data Protection concerns, network security and privacy still need to be addressed fully. The cloud allows clients to avoid hardware and software in Investments, gain flexibility, and cooperation with others, and to take advantage of sophisticated Services. However, security is a big problem for cloud clients especially access control; client profiles management and access services provided by public cloud environment. This article we are proposing an authentication model for cloud based on the Kerberos V5 protocol to provide single sign-on and to prevent against DDOS attacks in the access control system. This model could benefit by filtering against unauthorized access and to reduce the burden, computation and memory usage of cloud against authentication checks for each client. It acts as a trust third party between cloud servers and clients to allow secure access to cloud services. In this paper we will see some of the related work for cloud access control security issues and attacks. Then in next section we will discuss the proposed architecture

An assessment into the impact of using on-line social networking in enhancing learning at University of Malawi - Kamuzu College of Nursing

Quality Management is a critical success factor for organizations to grow their business. Though for a long time, quality management has always been attributed to industries that produce physical products which normally undergo quality inspection at the end of the line, there has been a shift in the trend in recent times where quality management strategies are being applied in service delivery industries as well. One of the service delivery industries is the education sector and especially higher learning institutions like UNIMA – KCN in particular. In the TQM model of quality management, one of its strategies namely Deming Theory says that; to implement quality management in service delivery there is a need to look at how the processes and systems of an organization work, understanding the changes taking place and its causal factors and understanding the human nature and how they are influenced (Knowles, 2011). At KCN one of the key processes for the success of the service delivery is the teaching and learning process which for a long time has used the traditional classroom style of delivery. However, there is a new trend of technology that has come into play in recent years and it is required that institution of higher learning should adopt these technology applications to enhance its processes of service delivery in order to improve quality. This study utilized a case study research strategy under qualitative research method to assess the impact of using online social networking in enhancing learning and teaching at KCN as part of quality management. Data was collected from students and lecturers using a questionnaire which assessed the current dominant learning and teaching styles at KCN, the perception of students and lecturers on use of social networks, challenges facing the adoption of social networks for learning and the proposed strategies that can assist in adopting the use of social networks for learning. The collected data was analyzed using qualitative analysis method with Survey Monkey tool and the results clearly show that social networks have a positive impact on learning and teaching process. The results further confirm that KCN is ready to adopt the use of social networks for learning as it possesses the required teaching and learning styles and it has positive perception towards social networks. The study recommends that a further research be conducted to ascertain the suggested social sites and the strategy of implementing the use of social networks for learning. This could be done with the use of a survey strategy and probability sampling to ensure all data is properly captured from students and lecturers