5 research outputs found
Recommended from our members
Security Versus Integrity in Information Systems
Security and integrity are frequently competing characteristics in an information system. Sectirity implies that a user can only access a specific subset of the information in the system, namely that information which the user has permission to access. Integrity implies that the information is correct , i.e., that it satisfies the constraints, rules and conditions contained in the information system. A problem arises when a user who is unable to access certain information because of security restrictions, is left with an incorrect or inconsistent view of the information system. In this paper we define an information organizational structure and policy which permits security and integrity to co-exist. Our approach, called the xKB approach, specifies an area of the information system for those objects which meet the integrity requirements for a particular user but not the integrity constraints of the information system as a whole. Earlier versions and components of our approach are described in [Steinke, 1991]. Section 2 provides an example of the problem of providing security and maintaining integrity. Section 3 reviews past approaches to the problem and section 4 describes the xKB approach to solving the conflict between security and integrity. Section 5 provides a summary. Comments on the implementation of the xKB approach are found in section 6
Content sensitivity based access control model for big data
Big data technologies have seen tremendous growth in recent years. They are being widely used in both industry and academia. In spite of such exponential growth, these technologies lack adequate measures to protect the data from misuse or abuse. Corporations that collect data from multiple sources are at risk of liabilities due to exposure of sensitive information. In the current implementation of Hadoop, only file level access control is feasible. Providing users, the ability to access data based on attributes in a dataset or based on their role is complicated due to the sheer volume and multiple formats (structured, unstructured and semi-structured) of data. In this dissertation an access control framework, which enforces access control policies dynamically based on the sensitivity of the data is proposed. This framework enforces access control policies by harnessing the data context, usage patterns and information sensitivity. Information sensitivity changes over time with the addition and removal of datasets, which can lead to modifications in the access control decisions and the proposed framework accommodates these changes. The proposed framework is automated to a large extent and requires minimal user intervention. The experimental results show that the proposed framework is capable of enforcing access control policies on non-multimedia datasets with minimal overhea
Diskresionêre sekerheid in objek georiënteerde omgewings
M.Sc (Computer Science)Please refer to full text to view abstrac
Diskresionêre sekerheid in objek georiënteerde omgewings
M.Sc (Computer Science)Please refer to full text to view abstrac
Secure object-oriented databases
D.Phil. (Computer Science)The need for security in a database is obvious. Object-orientation enables databases to be used in applications where other database models are not adequate. It is thus clear that security of object-oriented databases must be investigated..