A Concurrency Control Method Based on Commitment Ordering in Mobile Databases

Disconnection of mobile clients from server, in an unclear time and for an unknown duration, due to mobility of mobile clients, is the most important challenges for concurrency control in mobile database with client-server model. Applying pessimistic common classic methods of concurrency control (like 2pl) in mobile database leads to long duration blocking and increasing waiting time of transactions. Because of high rate of aborting transactions, optimistic methods aren`t appropriate in mobile database. In this article, OPCOT concurrency control algorithm is introduced based on optimistic concurrency control method. Reducing communications between mobile client and server, decreasing blocking rate and deadlock of transactions, and increasing concurrency degree are the most important motivation of using optimistic method as the basis method of OPCOT algorithm. To reduce abortion rate of transactions, in execution time of transactions` operators a timestamp is assigned to them. In other to checking commitment ordering property of scheduler, the assigned timestamp is used in server on time of commitment. In this article, serializability of OPCOT algorithm scheduler has been proved by using serializability graph. Results of evaluating simulation show that OPCOT algorithm decreases abortion rate and waiting time of transactions in compare to 2pl and optimistic algorithms.Comment: 15 pages, 13 figures, Journal: International Journal of Database Management Systems (IJDMS

A Human-Centric Approach to Group-Based Context-Awareness

The emerging need for qualitative approaches in context-aware information processing calls for proper modeling of context information and efficient handling of its inherent uncertainty resulted from human interpretation and usage. Many of the current approaches to context-awareness either lack a solid theoretical basis for modeling or ignore important requirements such as modularity, high-order uncertainty management and group-based context-awareness. Therefore, their real-world application and extendability remains limited. In this paper, we present f-Context as a service-based context-awareness framework, based on language-action perspective (LAP) theory for modeling. Then we identify some of the complex, informational parts of context which contain high-order uncertainties due to differences between members of the group in defining them. An agent-based perceptual computer architecture is proposed for implementing f-Context that uses computing with words (CWW) for handling uncertainty. The feasibility of f-Context is analyzed using a realistic scenario involving a group of mobile users. We believe that the proposed approach can open the door to future research on context-awareness by offering a theoretical foundation based on human communication, and a service-based layered architecture which exploits CWW for context-aware, group-based and platform-independent access to information systems

Access control in object-oriented databases

In a multi-user environment with a large shared database, it is necessary that the security of data in the database is considered. To enforce security of data in a database, we start with an access control model. The model defines which users have what privileges to which information. There are three different types of access control policies: discretionary access control (DAC), mandatory access control (MAC), and role-based access control (RBAC). A discretionary access control specifies users\u27 privileges to different system resources, including their ability to transfer their privileges to other users. In a mandatory access control, the access of data by users is based on authorized security clearance levels. MAC policies are of concern in multi-level databases, which are databases that contain information of different security levels. A role-based access control manages access to data based on a user\u27s responsibility within an organization. Each role has an associated collection of privileges. This collection is automatically transferred to a subject who plays the role. Most of the current access control models in database systems are developed for relational databases. Since the object-oriented database (OODB) model differs substantially from the relational model, results obtained for relational databases as well as models proposed for relational databases are not necessarily applicable to OODB systems. Amongst other issues, inheritance and the encapsulation of methods in the database information pose challenges in designing new authorization models for OODB systems. It is therefore necessary to extend the research on secure databases to include the O-O model. This thesis presents a study of security in OODB systems. Access control protection forms a substantial component of this work. Principles from the O-O model are used to express rules for computing implicit privileges from explicit ones. It requires an efficient mechanism which evaluates implicit rights each time an access IS requested. A cryptographic mechanism which is based on unique and secure access keys for each entity (object or class) is proposed. The proposal ensures that access keys for implicit authorizations were derived from related entities by applying pseudo-random and SIFF functions during query processing. The security of the system is based on the difficulty of predicting the output of pseudo-random functions and finding extra collisions for SIFF functions. Both are known to be computationally difficult. Another major requirement for the access control model is the implementation of content-dependent authorization. The content-dependent authorization incorporates the value of attributes in the access control model. The accessible data are determined by checking the requested attributes. A content-dependent access control model based on views is proposed. Rules for computing an implicit authorization from the explicit ones are also formulated. Finally, a new design approach for a secure multi-level OODB system based on views is proposed. The central idea is to provide the user with a multi-level view derived from a single-level secure OODB system. Hence the database operations performed on the multi-level views are decomposed into a set of operations on the single-level objects. They can then be implemented on any conventional mandatory security kernel

Security In Databases: A Survey Study

In this paper, we survey the security of coventional databases and object-oriented databases that have been reported in the current literature. This is an area of substantial interest in databases because (1) the use of databases is becoming very important in today's enterprises, (2) databases contain information that is a major enterprise asset. Security concerns, requirements, and problems that arise in the pursuit of meeting these requirements for security in databases are illustrated. We discuss access control issues in databases, and futher identify some promising research directions. 1 Introduction Information is a critical resource in today's enterprises, whether they are military, industrial, commercial, educational, medical, etc. These organizations are now automating not only their basic operational functions, such as invoicing, payroll, and stock control, but also managementsupport functions such as sales forecasting, budgeting, and financial control. In order to support th..

A Security Model for Multi-level Object-Oriented Databases Based on Views

In this paper, we employ the view model given by Bertino to propose a new design approach for a secure multi-level object-oriented database system. The central idea is to provide the user with a multi-level view derived from a single-level secure object-oriented database. Hence the database operations performed on the multi-level views are decomposed into a set of operations on the single-level objects which can be implemented on any conventional mandatory security kernel. We show that this approach allows us to overcome the difficulties of handling content and context dependent classification, dynamic classification, and aggregation and inference problems in multi-level object-oriented databases. Keywords: Object-oriented databases, View mechanism, Multi-level view model, Multilevel secure databases, Security models 1 Introduction For many years, many database security researches have been done to extend the classical relational model to obtain multilevel relations (see for example ..

A Review Study on Electronic Election

In a democratic society, there is a need for a system that citizen practise their democratic rights and vote with accuracy, privacy, and security. Any such system must provide citizen's rights including equal access to the voting process by all individuals, the ability to verify the registration, and the ability to vote in privacy without intimidation. Therefore, the problem of designing such a system has been the subject of interest among researchers for a number of years. This paper reviews known solutions on electronic election, describes what are currently thought, and points out the main features and characteristics of secure voting systems. 1 Introduction. Modern societies more and more rely on computer systems and networks. The development of cryptographic techniques allows us to "computerize" some of the new untouched area of human activity. Task such as voting is a simple human activity in democratic communities. In this review we are going to study electronic implementation ..

A Practical Electronic Voting Protocol Using Threshold Schemes

This paper presents a novel secret voting scheme which fully conforms to the requirements of large scale elections. The participants in the scheme are voters, candidates, an administrator, and a counter. The scheme uses threshold encryption to preserve the privacy and accuracy of the votes against dishonesty of voters, candidates, the administrator, and the counter. It also ensures verifiability, fairness, and soundness of the voting process and hence neither administrator nor candidates, or the counter is capable of producing false tally, affecting the voting result, or corrupting/disrupting the election. A Practical Electronic Voting Protocol Using Threshold Schemes 1 Introduction The development of cryptographic techniques allow us to "computerize" many areas of human activities. Voting is an important human activity in a democratic society. The problem of providing a secure system which ensures privacy of the voters and accuracy of the votes, and is suitable for application in l..