As organizations increase their reliance on, possibly distributed, information systems for daily business, they become more vulnerable to security breaches even as they gain productivity and efficiency advantages. Though a number of techniques, such as encryption and electronic signatures, are currently available to protect data when transmitted across sites, a truly comprehensive approach for data protection must also include mechanisms for enforcing access control policies based on data contents, subject qualifications and characteristics, and other relevant contextual information, such as time. It is well understood today that the semantics of data must be taken into account in order to specify effective access control policies. Also, techniques for data integrity and availability specifically tailored to database systems must be adopted. In this respect, over the years, the database security community has developed a number of different techniques and approaches to assure data confidentiality, integrity, and availability. However, despite such advances, the database security area faces several new challenges. Factors such as the evolution of security concerns, the "disintermediation" of access to data, new computing paradigms and applications, such as grid-based computing and on-demand business, have introduced both new security requirements and new contexts in which to apply and possibly extend current approaches. In this paper, we first survey the most relevant concepts underlying the notion of database security and summarize the most well-known techniques. We focus on access control systems, on which a large body of research has been devoted, and describe the key access control models, namely, the discretionary and mandatory access control models, and the role-based access control (RBAC) model. We also discuss security for advanced data management systems, and cover topics such as access control for XML.
We then discuss current challenges for database security and some preliminary approaches that address some of these challenges.
A generalized temporal role-based access control model
Joshi, J.B.D.; Bertino, E.; Latif, U. ...
IEEE transactions on knowledge and data engineering, January 2005, Volume: 17, Issue: 1
Journal Article
Peer reviewed
Role-based access control (RBAC) models have generated a great interest in the security community as a powerful and generalized approach to security management. In many practical scenarios, users may be restricted to assume roles only at predefined time periods. Furthermore, roles may only be invoked on prespecified intervals of time depending upon when certain actions are permitted. To capture such dynamic aspects of a role, a temporal RBAC (TRBAC) model has been recently proposed. However, the TRBAC model addresses the role enabling constraints only. In this work, we propose a generalized temporal role-based access control (GTRBAC) model capable of expressing a wider range of temporal constraints. In particular, the model allows expressing periodic as well as duration constraints on roles, user-role assignments, and role-permission assignments. In an interval, activation of a role can further be restricted as a result of numerous activation constraints including cardinality constraints and maximum active duration constraints. The GTRBAC model extends the syntactic structure of the TRBAC model and its event and trigger expressions subsume those of TRBAC. Furthermore, GTRBAC allows expressing role hierarchies and separation of duty (SoD) constraints for specifying fine-grained temporal semantics.
Proving ownership rights on outsourced relational databases is a crucial issue in today's internet-based application environments and in many content distribution applications. In this paper, we present a mechanism for proof of ownership based on the secure embedding of a robust imperceptible watermark in relational data. We formulate the watermarking of relational databases as a constrained optimization problem and discuss efficient techniques to solve the optimization problem and to handle the constraints. Our watermarking technique is resilient to watermark synchronization errors because it uses a partitioning approach that does not require marker tuples. Our approach overcomes a major weakness in previously proposed watermarking techniques. Watermark decoding is based on a threshold-based technique characterized by an optimal threshold that minimizes the probability of decoding errors. We implemented a proof of concept implementation of our watermarking technique and showed by experimental results that our technique is resilient to tuple deletion, alteration, and insertion attacks.
Please cite this paper as: Villar J, Altman D, Purwar M, Noble J, Knight H, Ruyan P, Cheikh Ismail L, Barros F, Lambert A, Papageorghiou A, Carvalho M, Jaffer Y, Bertino E, Gravett M, Bhutta Z, Kennedy S, for the International Fetal and Newborn Growth Consortium for the 21st Century (INTERGROWTH‐21st). The objectives, design and implementation of the INTERGROWTH‐21st Project. BJOG 2013; 120 (Suppl. 2): 9–26.
INTERGROWTH‐21st is a multicentre, multiethnic, population‐based project, being conducted in eight geographical areas (Brazil, China, India, Italy, Kenya, Oman, UK and USA), with technical support from four global specialised units, to study growth, health and nutrition from early pregnancy to infancy. It aims to produce prescriptive growth standards, which conceptually extend the World Health Organization (WHO) Multicentre Growth Reference Study (MGRS) to cover fetal and newborn life. The new international standards will describe: (1) fetal growth assessed by clinical and ultrasound measures; (2) postnatal growth of term and preterm infants up to 2 years of age; and (3) the relationship between birthweight, length and head circumference, gestational age and perinatal outcomes. As the project has selected healthy cohorts with no obvious risk factors for intrauterine growth restriction, these standards will describe how all fetuses and newborns should grow, as opposed to traditional charts that describe how some have grown at a given place and time. These growth patterns will be related to morbidity and mortality to identify levels of perinatal risk. Additional aims include phenotypic characterisation of the preterm and impaired fetal growth syndromes and development of a prediction model, based on multiple ultrasound measurements, to estimate gestational age for use in pregnant women without access to early/frequent antenatal care.
Multidomain application environments where distributed multiple organizations interoperate with each other are becoming a reality as witnessed by emerging Internet-based enterprise applications. Composition of a global coherent security policy that governs information and resource accesses in such environments is a challenging problem. In this paper, we propose a policy integration framework for merging heterogeneous role-based access control (RBAC) policies of multiple domains into a global access control policy. A key challenge in composition of this policy is the resolution of conflicts that may arise among the RBAC policies of individual domains. We propose an integer programming (IP)-based approach for optimal resolution of such conflicts. The optimality criterion is to maximize interdomain role accesses without exceeding the autonomy losses beyond the acceptable limit.
We present Trust-X, a comprehensive XML-based framework for trust negotiations, specifically conceived for a peer-to-peer environment. Trust negotiation is a promising approach for establishing trust in open systems like the Internet, where sensitive interactions may often occur between entities at first contact, with no prior knowledge of each other. The framework we propose takes into account all aspects related to negotiations, from the specification of the profiles and policies of the involved parties to the selection of the best strategy to succeed in the negotiation. Trust-X presents a number of innovative features, such as the support for protection of sensitive policies, the use of trust tickets to speed up the negotiation, and the support of different strategies to carry on a negotiation. In this paper, besides presenting the language to encode security information, we present the system architecture and algorithms according to which negotiations take place.
Users hesitate to submit negative feedback in reputation systems due to the fear of retaliation from the recipient user. A privacy preserving reputation protocol protects users by hiding their individual feedback and revealing only the reputation score. We present a privacy preserving reputation protocol for the malicious adversarial model. The malicious users in this model actively attempt to learn the private feedback values of honest users as well as to disrupt the protocol. Our protocol does not require centralized entities, trusted third parties, or specialized platforms, such as anonymous networks and trusted hardware. Moreover, our protocol is efficient. It requires an exchange of messages, where and are the number of users in the protocol and the environment, respectively.
Security Analysis of the SASI Protocol
Tianjie Cao; Bertino, E.; Hong Lei
IEEE transactions on dependable and secure computing, January-March 2009, Volume: 6, Issue: 1
Journal Article
The ultralightweight RFID protocols only involve simple bit-wise operations (like XOR, AND, OR, etc.) on tags. In this paper, we show that the ultralightweight strong authentication and strong integrity (SASI) protocol has two security vulnerabilities, namely denial-of-service (DoS) and anonymity tracing based on a compromised tag. The former permanently disables the authentication capability of an RFID tag by destroying synchronization between the tag and the RFID reader. The latter links a compromised tag with past actions performed on this tag.