HEURISTIC ALGORITHM FOR FRAGMENTATION AND ALLOCATION IN DISTRIBUTED OBJECT ORIENTED DATABASE

Class fragmentation and allocation is an important technique to improve the performance of a distributed object oriented database system. The class fragmentation is to split a class into smaller pieces in distributed databases aims to reduce the access to unnecessary data, the allocation is to locate fragmented classes into the sites in the connected network properly to reduce the cost of data transmission. Classes in object databases include attributes describing the characteristics of the object, methods describing the behavior, and relationships with objects with other classes, including relations inheritance. With such characteristics, class fragmentation and allocation in the distributed object oriented database system is more complex than fragmentation technique and design of relational databases. Fragmentation techniques applied in the design of distributed object-oriented database today often do not use cost between the sites, fragments are allocated to the site after getting a fragmentation method of data objects. This paper proposes an algorithm of fragmentation and allocation simultaneously, including the cost of data communication between the sites used for fragmentation to reduce communication costs when processing and querying distributed data

An Investigation into Possible Attacks on HTML5 IndexedDB and their Prevention

This thesis presents an analysis of, and enhanced security model for IndexedDB, the persistent HTML5 browser-based data store. In versions of HTML prior to HTML5, web sites used cookies to track user preferences locally. Cookies are however limited both in file size and number, and must also be added to every HTTP request, which increases web traffic unnecessarily. Web functionality has however increased significantly since cookies were introduced by Netscape in 1994. Consequently, web developers require additional capabilities to keep up with the evolution of the World Wide Web and growth in eCommerce. The response to this requirement was the IndexedDB API, which became an official W3C recommendation in January 2015. The IndexedDB API includes an Object Store, indices, and cursors and so gives HTML5 - compliant browsers a transactional database capability. Furthermore, once downloaded, IndexedDB data stores do not require network connectivity. This permits mobile web- based applications to work without a data connection. Such IndexedDB data stores will be used to store customer data, they will inevitably become targets for attackers. This thesis firstly argues that the design of IndexedDB makes it unavoidably insecure. That is, every implementation is vulnerable to attacks such as Cross Site Scripting, and even data that has been deleted from databases may be stolen using appropriate software tools. This is demonstrated experimentally on both mobile and desktop browsers. IndexedDB is however capable of high performance even when compared to servers running optimized local databases. This is demonstrated through the development of a formal performance model. The performance predictions for IndexedDB were tested experimentally, and the results showed high conformance over a range of usage scenarios. This implies that IndexedDB is potentially a useful HTML5 API if the security issues can be addressed. In the final component of this thesis, we propose and implement enhancements that correct the security weaknesses identified in IndexedDB. The enhancements use multifactor authentication, and so are resistant to Cross Site Scripting attacks. This enhancement is then demonstrated experimentally, showing that HTML5 IndexedDB may be used securely both online and offline. This implies that secure, standards compliant browser based applications with persistent local data stores may both feasible and efficient