Managing Dynamic User Communities in a Grid of Autonomous Resources
One of the fundamental concepts in Grid computing is the creation of Virtual
Organizations (VO's): a set of resource consumers and providers that join
forces to solve a common problem. Typical examples of Virtual Organizations
include collaborations formed around the Large Hadron Collider (LHC)
experiments. To date, Grid computing has been applied on a relatively small
scale, linking dozens of users to a dozen resources, and management of these
VO's was a largely manual operation. With the advance of large collaborations,
linking more than 10000 users with 1000 sites in 150 countries, a
comprehensive, automated management system is required. It should be simple
enough not to deter users, while at the same time ensuring local site autonomy.
The VO Management Service (VOMS), developed by the EU DataGrid and DataTAG
projects[1, 2], is a secured system for managing authorization for users and
resources in virtual organizations. It extends the existing Grid Security
Infrastructure[3] architecture with embedded VO affiliation assertions that can
be independently verified by all VO members and resource providers. Within the
EU DataGrid project, Grid services for job submission, file- and database
access are being equipped with fine-grained authorization systems that take VO
membership into account. These also give resource owners the ability to ensure
site security and enforce local access policies. This paper will describe the
EU DataGrid security architecture, the VO membership service and the local site
enforcement mechanisms: Local Centre Authorization Service (LCAS), Local
Credential Mapping Service (LCMAPS) and the Java Trust and Authorization
Manager.
Comment: Talk from the 2003 Computing in High Energy and Nuclear Physics
(CHEP03), La Jolla, Ca, USA, March 2003, 7 pages, LaTeX, 5 eps figures. PSN
TUBT00
Enhanced Encryption and Fine-Grained Authorization for Database Systems
The aim of this research is to enhance fine-grained authorization and encryption
so that database systems are equipped with the controls necessary to help
enterprises adhere to zero-trust security more effectively. For fine-grained
authorization, this thesis has extended database systems with three new
concepts: Row permissions, column masks and trusted contexts. Row
permissions and column masks provide data-centric security so the security
policy cannot be bypassed as with database views, for example. They also
coexist in harmony with the rest of the database core tenets so that enterprises
are not forced to compromise either security or database functionality. Trusted
contexts provide applications in multitiered environments with a secure and
controlled manner to propagate user identities to the database and therefore
enable such applications to delegate the security policy to the database system
where it is enforced more effectively. Trusted contexts also protect against
application bypass so the application credentials cannot be abused to make
database changes outside the scope of the application’s business logic. For
encryption, this thesis has introduced a holistic database encryption solution to
address the limitations of traditional database encryption methods. It too coexists
in harmony with the rest of the database core tenets so that enterprises are not
forced to choose between security and performance as with column encryption,
for example. Lastly, row permissions, column masks, trusted contexts and holistic
database encryption have all been implemented in IBM DB2, where they are relied
upon by thousands of organizations from around the world to protect critical data
and adhere to zero-trust security more effectively.
Design and Implementation of Multilevel Secure Database in Website
Multi-tier web server systems are used in many important contexts and their security is a major cause of concern. Such systems can exploit strategies. In this paper, a model is presented based on a three-tier architecture (Client tier, Server tier and Database tier) with multilevel security applied to it. The database server tier consists of the DBMS, or database management system, and the database, and we built it off-line to reduce unauthorized access to sensitive data. The Client tier, which is usually a web browser, processes and displays HTML resources, issues HTML requests and processes the responses. These web browsers are HTTP clients that interact with the Web servers using standard protocols. The Middle or application server tier contains most of the application logic. It receives inputs from the clients and interacts with the database, but only the results are sent to the application server and then to the client. This is achieved by using multiple levels of security to protect the database, using authorization and password encryption. Authorization is done by allowing access to the proposed system's pages depending on the authorized level. Passwords are encrypted using bcrypt, with fallbacks on SHA-256/512 with key stretching, to protect them from cracking by any type of attack. The Client-to-Application Server Protocol (CAP) uses the RC4A algorithm to provide data confidentiality for information transmitted from the application server to the client.
Keywords: Authentication, Multi-tier model, Multi-Tier Security, Security, Data protection, Internet security
Middleware non-repudiation service for the data warehouse
Nowadays, storing information is fundamental for the correct functioning of any organization. The critical factor is to guarantee the security of the stored data. In traditional database systems the security requirements are limited to confidentiality, integrity, availability of the data and user authorization. The criticality of database systems and data repositories for modern business, together with the new requirements of law and governments, makes necessary the development of a new system architecture which ensures a sophisticated set of security services. In this paper we propose a database architecture that ensures the non-repudiation of user queries and data warehouse actions. These security services are accomplished by means of the middleware layer in the data warehouse architecture.
Comparison of ASP.NET Core and Spring Boot ecosystems
The article describes a comparative analysis of the ASP.NET Core and Spring Boot framework ecosystems. The research was carried out on the basis of two implemented applications with identical functionality, which use the PostgreSQL database engine. In the implementation of the applications, appropriate ORM tools were used to perform database operations, i.e. Spring Data and Entity Framework Core, along with technologies enabling the implementation of authentication and authorization (Spring Security and ASP.NET Core Identity) and several additional libraries that simplify the entire process of building the application. The criteria of comparison were the ease and intuitiveness of a given tool in the implementation of the application, the possibilities offered by the tools implementing authentication and authorization mechanisms, the efficiency of database operations, the general structure of the application and basic code metrics. Based on the research, it was found that Spring Data technology is a faster tool than Entity Framework Core, while Spring Security, unlike ASP.NET Core Identity, is less integrated into the framework ecosystem.
Protecting Scattered Database by Enforcing Data Preservation Using Data Protection Facilitator
In this paper we incorporate data preservation in a scattered database structure, i.e. a method of preserving data in a scattered database structure and having secure access over it. Data preservation is examined and a solution is provided for the aforesaid condition. This paper is a summarized concept of documentation, authorization, access control and encryption, which are the main points to be taken into consideration in data preservation in a scattered database structure. We propose a new method for secure access based on a service provider comprising a security application. This model is set out for safe search on the server and user relation. We used a heuristic approach for preservation in a scattered database system regarding security, as the importance of secure access is increasing in scattered domains on different issues. In this way we enhanced database security in a scattered database environment.
Security of Database Systems: Authorization Features and Mechanisms
Database security has become an essential issue in assuring the integrity, protection, and reliability of the data stored in a database management system (DBMS). The authorization mechanism is the component of the database security system which has the primary responsibility of safeguarding the previously defined data and access rules needed for database access control. The data and rules for authorization control assist in the enforcement of access controls regarding the list of authorized users, the data objects which the authorized users are allowed to manipulate, and the operations that these users can perform on these objects. As part of its tasks the authorization mechanism can grant or deny access to any user or group of users as appropriate
Cost Effective RADIUS Authentication for Wireless Clients
Network administrators need to keep administrative user information for each network device, but network devices usually support only limited functions for user management. WLAN security is a modern problem that needs to be solved and it requires a lot of overhead especially when applied to corporate wireless networks. Administrators can set up a RADIUS server that uses an external database server to handle authentication, authorization, and accounting for network security issues