178 research outputs found
Performance study of a COTS Distributed DBMS adapted for multilevel security
Multilevel secure database management system (MLS/DBMS) products
no longer enjoy direct commercial-off-the-shelf (COTS) support.
Meanwhile, existing users of these MLS/DBMS products continue to
rely on them to satisfy their multilevel security requirements.
This calls for a new approach to developing MLS/DBMS systems, one
that relies on adapting the features of existing COTS database
products rather than depending on the traditional custom design
products to provide continuing MLS support.
We advocate fragmentation as a good basis for implementing
multilevel security in the new approach because it is well
supported in some current COTS database management systems. We
implemented a prototype that utilises the inherent advantages of
the distribution scheme in distributed databases for controlling
access to single-level fragments; this is achieved by augmenting
the distribution module of the host distributed DBMS with MLS code
such that the clearance of the user making a request is always
compared to the classification of the node containing the
fragments referenced; requests to unauthorised nodes are simply
dropped.
The prototype we implemented was used to instrument a series of
experiments to determine the relative performance of the tuple,
attribute, and element level fragmentation schemes. Our
experiments measured the impact on the front-end and the network
when various properties of each scheme, such as the number of
tuples, attributes, security levels, and the page size, were
varied for a Selection and Join query. We were particularly
interested in the relationship between performance degradation and
changes in the quantity of these properties. The performance of
each scheme was measured in terms of its response time.
The response times for the element level fragmentation scheme
increased as the numbers of tuples, attributes, security levels,
and the page size were increased, more significantly so than when
the number of tuples and attributes were increased. The response
times for the attribute level fragmentation scheme was the
fastest, suggesting that the performance of the attribute level
scheme is superior to the tuple and element level fragmentation
schemes. In the context of assurance, this research has also shown
that the distribution of fragments based on security level is a
more natural approach to implementing security in MLS/DBMS
systems, because a multilevel database is analogous to a
distributed database based on security level.
Overall, our study finds that the attribute level fragmentation
scheme demonstrates better performance than the tuple and element
level schemes. The response times (and hence the performance) of
the element level fragmentation scheme exhibited the worst
performance degradation compared to the tuple and attribute level
schemes
Text books untuk mata kuliah pemrograman web
.HTML.And.Web.Design.Tips.And.Techniques.Jan.2002.ISBN.0072228253.pd
Digital archives : comparative study and interoperability framework
Estágio realizado na ParadigmaXis e orientado pelo Eng.º Filipe CorreiaTese de mestrado integrado. Engenharia Informátca e Computação. Faculdade de Engenharia. Universidade do Porto. 200
Visualization for network forensic analyses: extending the Forensic Log Investigator (FLI)
In a network attack investigation, the mountain of information collected from varying sources can be daunting. Investigators face significant challenges in being able to correlate findings from these sources, given difficulties with time synchronization. In addition, it is difficult to obtain summary or overview information for one set of data, much less the entire case. This, in turn, makes it nearly impossible to accurately identify missing information.;Identifying these information gaps is one problem, yet another is filling them in. Investigators must rely on legal processes and requests to obtain the information they need. However, it is extremely important they are aware of cases or events that cross jurisdictional boundaries. Where tools exist to assist in evidence overview, they do not contain the necessary geographic information for investigators to quickly ascertain the location of those involved.;In addition to these difficulties, investigators need to perform several types of analysis on the evidence that has been collected. Several of these analyses cannot typically be performed on data from multiple log files, since they are based on timing data. Furthermore, it is difficult to understand results from these analyses without visual representation, and there are no tools to bring them together in a single frame.;This thesis details the design and implementation of an analysis and visualization extension for the Forensic Log Investigator, or FLI. FLI is a web-based analysis and visualization architecture built on advanced technologies and enterprise infrastructure. This extension assists investigators by providing the ability to correlate evidence and analysis across traditional log file and analysis method boundaries, identify information gaps, and perform analysis in accordance with published evidence handling guidelines
‘Enhanced Encryption and Fine-Grained Authorization for Database Systems
The aim of this research is to enhance fine-grained authorization and encryption
so that database systems are equipped with the controls necessary to help
enterprises adhere to zero-trust security more effectively. For fine-grained
authorization, this thesis has extended database systems with three new
concepts: Row permissions, column masks and trusted contexts. Row
permissions and column masks provide data-centric security so the security
policy cannot be bypassed as with database views, for example. They also
coexist in harmony with the rest of the database core tenets so that enterprises
are not forced to compromise neither security nor database functionality. Trusted
contexts provide applications in multitiered environments with a secure and
controlled manner to propagate user identities to the database and therefore
enable such applications to delegate the security policy to the database system
where it is enforced more effectively. Trusted contexts also protect against
application bypass so the application credentials cannot be abused to make
database changes outside the scope of the application’s business logic. For
encryption, this thesis has introduced a holistic database encryption solution to
address the limitations of traditional database encryption methods. It too coexists
in harmony with the rest of the database core tenets so that enterprises are not
forced to choose between security and performance as with column encryption,
for example. Lastly, row permissions, column masks, trusted contexts and holistic
database encryption have all been implemented IBM DB2, where they are relied
upon by thousands of organizations from around the world to protect critical data
and adhere to zero-trust security more effectively
Development of Online Course System and an Open Access Online Repository
This Project was divided in to two phases: the first phase comprising of development of an online course system for the institute with the help of moodle. Moodle( modular object oriented dynamic learning environment) is an open source software package for producing internet-based courses and web sites. It's an ongoing development project designed to support a social Constructionist framework of education. Moodle is provided freely as Open Source software (under the GNU Public License). Basically this means Moodle is copyrighted, but that we have additional freedoms of improvising the source code.
The 2nd Phase of the project was that of deployment of an open access online repository system using E-prints. EPrints is an open source software package for building open access repositories that are compliant with the Open Archives Initiative Protocol for Metadata Harvesting. It shares many of the features commonly seen in Document Management systems, but is primarily used for institutional repositories and scientific journals. EPrints has been developed at the University of Southampton School of Electronics and Computer Science and released under a GPL license
Database Principles and Technologies – Based on Huawei GaussDB
This open access book contains eight chapters that deal with database technologies, including the development history of database, database fundamentals, introduction to SQL syntax, classification of SQL syntax, database security fundamentals, database development environment, database design fundamentals, and the application of Huawei’s cloud database product GaussDB database. This book can be used as a textbook for database courses in colleges and universities, and is also suitable as a reference book for the HCIA-GaussDB V1.5 certification examination. The Huawei GaussDB (for MySQL) used in the book is a Huawei cloud-based high-performance, highly applicable relational database that fully supports the syntax and functionality of the open source database MySQL. All the experiments in this book can be run on this database platform. As the world’s leading provider of ICT (information and communication technology) infrastructure and smart terminals, Huawei’s products range from digital data communication, cyber security, wireless technology, data storage, cloud computing, and smart computing to artificial intelligence
Decentralized information flow control for databases
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2012.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Cataloged from student-submitted PDF version of thesis.Includes bibliographical references (p. 177-194).Privacy and integrity concerns have been mounting in recent years as sensitive data such as medical records, social network records, and corporate and government secrets are increasingly being stored in online systems. The rate of high-profile breaches has illustrated that current techniques are inadequate for protecting sensitive information. Many of these breaches involve databases that handle information for a multitude of individuals, but databases don't provide practical tools to protect those individuals from each other, so that task is relegated to the application. This dissertation describes a system that improves security in a principled way by extending the database system and the application platform to support information flow control. Information flow control has been gaining traction as a practical way to protect information in the contexts of programming languages and operating systems. Recent research advocates the decentralized model for information flow control (DIFC), since it provides the necessary expressiveness to protect data for many individuals with varied security concerns.However, despite the fact that most applications implicated in breaches rely on relational databases, there have been no prior comprehensive attempts to extend DIFC to a database system. This dissertation introduces IFDB, which is a database management system that supports DIFC with minimal overhead. IFDB pioneers the Query by Label model, which provides applications with a simple way to delineate constraints on the confidentiality and integrity of the data they obtain from the database. This dissertation also defines new abstractions for managing information flows in a database and proposes new ways to address covert channels. Finally, the IFDB implementation and case studies with real applications demonstrate that database support for DIFC improves security, is easy for developers to use, and has good performance.by David Andrew Schultz.Ph.D
Database Principles and Technologies – Based on Huawei GaussDB
This open access book contains eight chapters that deal with database technologies, including the development history of database, database fundamentals, introduction to SQL syntax, classification of SQL syntax, database security fundamentals, database development environment, database design fundamentals, and the application of Huawei’s cloud database product GaussDB database. This book can be used as a textbook for database courses in colleges and universities, and is also suitable as a reference book for the HCIA-GaussDB V1.5 certification examination. The Huawei GaussDB (for MySQL) used in the book is a Huawei cloud-based high-performance, highly applicable relational database that fully supports the syntax and functionality of the open source database MySQL. All the experiments in this book can be run on this database platform. As the world’s leading provider of ICT (information and communication technology) infrastructure and smart terminals, Huawei’s products range from digital data communication, cyber security, wireless technology, data storage, cloud computing, and smart computing to artificial intelligence
Spartan Daily, September 19, 1997
Volume 109, Issue 15https://scholarworks.sjsu.edu/spartandaily/9162/thumbnail.jp
- …