database security concepts

Database Security—Concepts, Approaches, and Challenges
Elisa Bertino, Fellow, IEEE, and Ravi Sandhu, Fellow, IEEE
Abstract—As organizations increase their reliance on, possibly distributed, information systems for daily business, they become more vulnerable to security breaches even as they gain productivity and efficiency advantages. Though a number of techniques, such as encryption and electronic signatures, are currently available to protect data when transmitted across sites, a truly comprehensive approach for data protection must also include mechanisms for enforcing access control policies based on data contents, subject qualifications and characteristics, and other relevant contextual information, such as time. It is well understood today that the semantics of data must be taken into account in order to specify effective access control policies. Also, techniques for On Five Definitions of Data Integrity .
free download

This paper compares ve de nitions of data integrity , and shows how they can be ordered in an increasingly restrictive sequence. The most general of these, due to Courtney and Ware 6], is based on the concept of expectation of data quality: data has integrity to the extent that

End-to-end Data Integrity for File Systems: A ZFS Case Study.
free download

We present a study of the effects of disk and memory corruption on file system data integrity . Our analysis focuses on Suns ZFS, a modern commercial offering with numerous reliability mechanisms. Through careful and thorough fault injection, we show that ZFS is robust to a

Fast integrity for large data
free download

We present a scheme that provides data integrity with extreme speed. The proposed scheme bases on a different design than those from hash functions. Like a hash function a deterministic algorithm outputs a small string called tag with a message on input, however

Efficient integrity checking technique for securing client data in cloud computing
free download

It has been widely observed that the concept of cloud computing is become one of major theory in the world of IT industry. It involves storing the users data to be able to use the applications and services that the clouds introduce. There is a significant numbers of risks

A system for ensuring data integrity in grid environments
free download

Data integrity has to become one of the central concerns of large-scale distributed computing systems such as the Grid, whose primary products are the results of computation. In order to maintain the integrity of this data , the system must be resilient to diverse attacks We discuss several disk read-write optimizations that are implemented in different transaction systems and disk hardware to improve performance. These include:(1) when multiple sectors are written to disk, the sectors may be written out of sequence (SCSI disk

Identifying data integrity in the cloud storage
free download

In cloud computing, data is moved to a remotely located cloud server. Cloud faithfully stores the data and return back to the owner whenever needed. But there is no guarantee that data stored in the cloud is secured and not altered by the cloud or Third Party Auditor (TPA). In This paper discusses the design and implementation of a high-availability clustering solution. This solution provides data integrity guarantees and a simple and effective way for making services highly available. The implementation of the system design in a Linux

Data integrity on 20nm SSDs
free download

Page 1. Data Integrity on 20nm SSDs Robert Frickey Intel Corporation Flash Memory Summit 2012 Santa Clara, CA 1 Page 2. Agenda Flash Memory Summit 2012 Santa Clara, CA 2 Overview of data integrity metrics Challenges as Nand scales to 20nm and below Nand-related

Security of Fully Distributed Power System State Estimation: Detection and Mitigation of Data Integrity Attacks.
free download

State estimation plays an essential role in the monitoring and supervision of power systems. In todays power systems state estimation is typically done in a centralized or in a hierarchical way, but as power systems will be increasingly interconnected in the future

A robust tamperproof watermarking for data integrity in relational databases
free download

Watermarking for Databases is one of the fastest growing areas of research dealing with security and authentication issues for digital contents when they are shared or distributed to others. One of the security aspects is to authenticate tamperproof receipt of the database This work presents a scheme to build data communication system that can effectively protect data integrity and confidentiality. Firstly, This work briefly introduces the situation of integrity and confidentiality protection. Then, This work brings forward a new cipher, which uses a

Ensuring Data Integrity in Cloud Computing
free download

Cloud computing provides convenient on-demand network access to a shared pool of configurable computing resources. The resources can be rapidly deployed with great efficiency and minimal management overhead. Cloud is an insecure computing platform

Modelling spatial data integrity rules at the metadata level
free download

Data quality in populated spatial databases has been of great concern over the last decade. Much work has gone into means of incorporating spatial business rules in GIS with the ultimate aim of reducing errors in data entry, or detecting them after they are made. This

Digital watermarking method for data integrity protection in wireless sensor networks
free download

Wireless sensor networks are self-organized and data -centric, which have been well applied in many practical areas. But in these applications, data integrity from sensors has not been verified. Thereby in this paper, we have proposed a novel data integrity protection strategy

Refreshing thoughts on DRAM: Power saving vs. data integrity
free download

To head-off the trend of increasing power consumption and throughput overheads due to refresh in DRAM, researchers are exploring ways to fine-tune refresh rate. Refresh management proposals range from temperature-aware refresh to partitioning data cells

Testing and data integrity in the administration of statewide student assessment programs
free download

Testing and data integrity on statewide assessments is defined as the establishment of a comprehensive set of policies and procedures for: a) the proper preparation of students, b) the management and administration of the test (s) that will lead to accurate and appropriate

Experiments on Formal Verification of Mobile Agent Data Integrity Properties.
free download

This paper explores the possibility of applying exist-ing verification techniques and tools to the cryptographic mechanisms specifically designed for the protection of mobile agents from their environment, with a particular emphasis on agent data integrity . In a previous paper we

Data integrity of cloud data storages (CDSs) in cloud
free download

The growing need of Information Technology in every field has lead to the evolution of cloud computing for highly efficient usage of IT resources. Cloud provides services through internet. The computing power to the cloud environment is provided through collection of

Data integrity and confidentiality in outsourced database
free download

An increasing number of enterprises outsource their IT functions or business processes to third-parties who offer these services with a lower cost due to the economy of scale. Quality of service has become a major concern in outsourcing. When database owners outsourced
and availability specifically tailored to database systems must be adopted. In this respect, over the years the database security community has developed a number of different techniques and approaches to assure data confidentiality, integrity, and availability. However, despite such advances, the database security area faces several new challenges. Factors such as the evolution of security concerns, the “disintermediation” of access to data, new computing paradigms and applications, such as grid-based computing and ondemand business, have introduced both new security requirements and new contexts in which to apply and possibly extend current approaches. In this paper, we first survey the most relevant concepts underlying the notion of database security and summarize the most well-known techniques. We focus on access control systems, on which a large body of research has been devoted, and describe the key access control models, namely, the discretionary and mandatory access control models, and the role-based access control (RBAC) model. We also discuss security for advanced data management systems, and cover topics such as access control for XML. We then discuss current challenges for database security and some preliminary approaches that address some of these challenges

Free download research paper