Database security - concepts, approaches, and challenges Bertino, E.; Sandhu, R.
IEEE Transactions on Dependable and Secure Computing/IEEE transactions on dependable and secure computing,
2005-Jan.-March, 2005-01-00, 20050101, Letnik:
2, Številka:
1
Journal Article
Odprti dostop
As organizations increase their reliance on, possibly distributed, information systems for daily business, they become more vulnerable to security breaches even as they gain productivity and ...efficiency advantages. Though a number of techniques, such as encryption and electronic signatures, are currently available to protect data when transmitted across sites, a truly comprehensive approach for data protection must also include mechanisms for enforcing access control policies based on data contents, subject qualifications and characteristics, and other relevant contextual information, such as time. It is well understood today that the semantics of data must be taken into account in order to specify effective access control policies. Also, techniques for data integrity and availability specifically tailored to database systems must be adopted. In this respect, over the years, the database security community has developed a number of different techniques and approaches to assure data confidentiality, integrity, and availability. However, despite such advances, the database security area faces several new challenges. Factors such as the evolution of security concerns, the "disintermediation" of access to data, new computing paradigms and applications, such as grid-based computing and on-demand business, have introduced both new security requirements and new contexts in which to apply and possibly extend current approaches. In this paper, we first survey the most relevant concepts underlying the notion of database security and summarize the most well-known techniques. We focus on access control systems, on which a large body of research has been devoted, and describe the key access control models, namely, the discretionary and mandatory access control models, and the role-based access control (RBAC) model. We also discuss security for advanced data management systems, and cover topics such as access control for XML. We then discuss current challenges for database security and some preliminary approaches that address some of these challenges.
A generalized temporal role-based access control model Joshi, J.B.D.; Bertino, E.; Latif, U. ...
IEEE transactions on knowledge and data engineering,
2005-Jan., 2005, 2005-01-00, 20050101, Letnik:
17, Številka:
1
Journal Article
Recenzirano
Role-based access control (RBAC) models have generated a great interest in the security community as a powerful and generalized approach to security management. In many practical scenarios, users may ...be restricted to assume roles only at predefined time periods. Furthermore, roles may only be invoked on prespecified intervals of time depending upon when certain actions are permitted. To capture such dynamic aspects of a role, a temporal RBAC (TRBAC) model has been recently proposed. However, the TRBAC model addresses the role enabling constraints only. In This work, we propose a generalized temporal role-based access control (GTRBAC) model capable of expressing a wider range of temporal constraints. In particular, the model allows expressing periodic as well as duration constraints on roles, user-role assignments, and role-permission assignments. In an interval, activation of a role can further be restricted as a result of numerous activation constraints including cardinality constraints and maximum active duration constraints. The GTRBAC model extends the syntactic structure of the TRBAC model and its event and trigger expressions subsume those of TRBAC. Furthermore, GTRBAC allows expressing role hierarchies and separation of duty (SoD) constraints for specifying fine-grained temporal semantics.
Please cite this paper as: Villar J, Altman D, Purwar M, Noble J, Knight H, Ruyan P, Cheikh Ismail L, Barros F, Lambert A, Papageorghiou A, Carvalho M, Jaffer Y, Bertino E, Gravett M, Bhutta Z, ...Kennedy S, for the International Fetal and Newborn Growth Consortium for the 21st Century (INTERGROWTH‐21st). The objectives, design and implementation of the INTERGROWTH‐21st Project. BJOG 2013; 120 (Suppl. 2): 9–26.
INTERGROWTH‐21st is a multicentre, multiethnic, population‐based project, being conducted in eight geographical areas (Brazil, China, India, Italy, Kenya, Oman, UK and USA), with technical support from four global specialised units, to study growth, health and nutrition from early pregnancy to infancy. It aims to produce prescriptive growth standards, which conceptually extend the World Health Organization (WHO) Multicentre Growth Reference Study (MGRS) to cover fetal and newborn life. The new international standards will describe: (1) fetal growth assessed by clinical and ultrasound measures; (2) postnatal growth of term and preterm infants up to 2 years of age; and (3) the relationship between birthweight, length and head circumference, gestational age and perinatal outcomes. As the project has selected healthy cohorts with no obvious risk factors for intrauterine growth restriction, these standards will describe how all fetuses and newborns should grow, as opposed to traditional charts that describe how some have grown at a given place and time. These growth patterns will be related to morbidity and mortality to identify levels of perinatal risk. Additional aims include phenotypic characterisation of the preterm and impaired fetal growth syndromes and development of a prediction model, based on multiple ultrasound measurements, to estimate gestational age for use in pregnant women without access to early/frequent antenatal care.
Multidomain application environments where distributed multiple organizations interoperate with each other are becoming a reality as witnessed by emerging Internet-based enterprise applications. ...Composition of a global coherent security policy that governs information and resource accesses in such environments is a challenging problem. In this paper, we propose a policy integration framework for merging heterogeneous role-based access control (RBAC) policies of multiple domains into a global access control policy. A key challenge in composition of this policy is the resolution of conflicts that may arise among the RBAC policies of individual domains. We propose an integer programming (IP)-based approach for optimal resolution of such conflicts. The optimality criterion is to maximize interdomain role accesses without exceeding the autonomy losses beyond the acceptable limit.
We present Trust-X; , a comprehensive XML-based framework for trust negotiations, specifically conceived for a peer-to-peer environment. Trust negotiation is a promising approach for establishing ...trust in open systems like the Internet, where sensitive interactions may often occur between entities at first contact, with no prior knowledge of each other. The framework we propose takes into account all aspects related to negotiations, from the specification of the profiles and policies of the involved parties to the selection of the best strategy to succeed in the negotiation. Trust-X; presents a number of innovative features, such as the support for protection of sensitive policies, the use of trust tickets to speed up the negotiation, and the support of different strategies to carry on a negotiation. In this paper, besides presenting the language to encode security information, we present the system architecture and algorithms according to which negotiations take place.
Users hesitate to submit negative feedback in reputation systems due to the fear of retaliation from the recipient user. A privacy preserving reputation protocol protects users by hiding their ...individual feedback and revealing only the reputation score. We present a privacy preserving reputation protocol for the malicious adversarial model. The malicious users in this model actively attempt to learn the private feedback values of honest users as well as to disrupt the protocol. Our protocol does not require centralized entities, trusted third parties, or specialized platforms, such as anonymous networks and trusted hardware. Moreover, our protocol is efficient. It requires an exchange of messages, where and are the number of users in the protocol and the environment, respectively.
Security Analysis of the SASI Protocol Tianjie Cao; Bertino, E.; Hong Lei
IEEE transactions on dependable and secure computing,
2009-Jan.-March, 2009-01-00, 20090101, Letnik:
6, Številka:
1
Journal Article
The ultralightweight RFID protocols only involve simple bit-wise operations (like XOR, AND, OR, etc.) on tags. In this paper, we show that the ultralightweight strong authentication and strong ...integrity (SASI) protocol has two security vulnerabilities, namely denial-of-service (DoS) and anonymity tracing based on a compromised tag. The former permanently disables the authentication capability of a RFID tag by destroying synchronization between the tag and the RFID reader. The latter links a compromised tag with past actions performed on this tag.
Background
Cardiorespiratory (CR) events (apnea, bradycardia, oxygen desaturation) and gastroesophageal reflux (GER) symptoms often coexist in infants admitted to Neonatal Intensive Care Unit, ...leading to over‐prescription of drugs and delayed discharge. We aimed to evaluate the relationships between CR and GER events.
Methods
The temporal associations between CR and GER events were analyzed in symptomatic infants who underwent synchronized CR and pH‐impedance monitoring. The symptom association probability (SAP) index was used to identify infants with a significant number of temporal associations. Gastroesophageal reflux characteristics and the chronological sequence of CR and GER events occurring within 30 seconds of each other were evaluated according to SAP index.
Key Results
Of the 66 infants enrolled, aged 29 (18‐45) days, 58 had CR events during monitoring. From these 58 patients, a total of 1331 CR events and 5239 GER (24% acidic) were detected. The SAP index was positive in seven (12%) infants. These infants had greater GER frequency, duration, and proximal extent (P < .05). The number of temporal associations was 10 times greater in the positive SAP group. Gastroesophageal reflux events preceded CR events in 83% of these associations. These GER events had a higher proximal extent (P = .004), but showed no differences in pH values.
Conclusions & Inferences
The simultaneous evaluation of CR and GER events could be useful to identify infants with severe GER and significant temporal associations between these events. Treatment of GER could be indicated in these infants, but as the GER events involved are mainly non‐acidic, empirical treatment with antacids is, often, inappropriate.
Through simultaneous synchronized cardiorespiratory and pH‐impedance monitoring this study clarifies the association between cardiorespiratory and gastroesophageal reflux events in a large number of symptomatic infants. Symptom association probability index was used to identify infants with a significant number of temporal associations between cardiorespiratory and reflux events. In these infants, cardiorespiratory events were preceded by reflux events in 83% of the associations. However, the fact that the refluxes involved were mainly non‐acidic suggest that empiric pharmacological treatment with antacids drugs is, in most cases, inappropriate.