Your search keyword '"*DATABASE security"' showing total 49 results

1. Data security and data transmission delay trade-offs inhealthcare blockchain techniques.

Author

Sodhi, Navdeep Singh and Singla, Sofia

Subjects

*DATA security, *DATA transmission systems, *BLOCKCHAINS, *DATABASE security, *SECURITY systems, *SECONDARY research, *EVIDENCE gaps, *EMAIL security

Abstract

With the advancement of technology, data security has become a great issue across the entire world. Every day new vulnerabilities and security breaches are introduced over the communication channel, despite better data security policies. It has been noticed that data security issue is more drastically faced by the healthcare sector only. In regard to major issues related to data security, blockchain technology has acquired great attention. Blockchain technology is a technique for the secure processing of transactions using a decentralized network. In this study, multiple data security techniques based on blockchain technology implemented on healthcare records are analyzed. Among all these existing techniques, some of the techniques are graphically compared and analyzed to figure out the tradeoff between data security and data transmission delay. A theoretical research methodology is used to present an analysis and consider a valid research gap. It shows that how study has come to a conclusion after performing a graphical analysis using secondary research method. It is concluded that considered methodology is completely able to achieve respective goals of study. Finally, graphical result analysis shows that the Diabetes blockchain consortium framework has relatable data transmission delay even though after considering highly advanced blockchain-based data security systems over healthcare records. [ABSTRACT FROM AUTHOR]

Published

2024

2. Design and implementation of vehicle security module using touch key and RFID.

Author

Maryati, Rusmini Sri, Raihan, Saberani, and Jauhari, Muhammad Firdaus

Subjects

*RADIO frequency identification systems, *POSITION sensors, *DATABASE security, *SENSOR placement, *SECURITY systems, *AUTOMOBILE theft

Abstract

The design of this vehicle security module serves to prevent vehicle theft crimes. The module is implemented on a motorbike and experimental methods are used to answer the design and implementation problems of security devices using this touch key and RFID system. When the engine is off, the security module will automatically deactivate the crankshaft position sensor signal and the motorcycle starting system. To turn on the motorcycle, the driver needs to reactivate the two systems that have been disconnected earlier, using the touch key method and ID tag recognition on the RFID. The test results of the security module can work according to the specified design. The touch button can activate the engine speed signal as the main engine control module data, and for identification of the position of the ID tag that is given a barrier, the module can still read well up to a distance of 10 cm. The starter system will only start the engine if the ID tag has been inputted in the vehicle security system database. [ABSTRACT FROM AUTHOR]

Published

2023

3. An ontology-based secure design framework for graph-based databases.

Author

Paneque, Manuel, Roldán-García, María del Mar, Blanco, Carlos, Maté, Alejandro, Rosado, David G., and Trujillo, Juan

Subjects

*NONRELATIONAL databases, *DATABASE security, *DATABASES, *DATA security, *ONTOLOGIES (Information retrieval), *SECURITY systems, *ACCESS control

Abstract

Graph-based databases are concerned with performance and flexibility. Most of the existing approaches used to design secure NoSQL databases are limited to the final implementation stage, and do not involve the design of security and access control issues at higher abstraction levels. Ensuring security and access control for Graph-based databases is difficult, as each approach differs significantly depending on the technology employed. In this paper, we propose the first technology-ascetic framework with which to design secure Graph-based databases. Our proposal raises the abstraction level by using ontologies to simultaneously model database and security requirements together. This is supported by the TITAN framework, which facilitates the way in which both aspects are dealt with. The great advantages of our approach are, therefore, that it: allows database designers to focus on the simultaneous protection of security and data while ignoring the implementation details; facilitates the secure design and rapid migration of security rules by deriving specific security measures for each underlying technology, and enables database designers to employ ontology reasoning in order to verify whether the security rules are consistent. We show the applicability of our proposal by applying it to a case study based on a hospital data access control. • Database designers can focus on data to be protected, ignoring the implementation. • Facilitates quick migration of security rules to each underlying database technology. • Enable checking whether the security rules are consistent through ontology reasoning. [ABSTRACT FROM AUTHOR]

Published

2024

4. Browser Security: Appearances Can Be Deceiving.

Subjects

*DATA security, *DATA protection, *DATABASE management, *DATABASE security, *COMPUTER security, *SECURITY systems

Abstract

An interview is presented on the subject of data management and security with computer science and engineering professionals Jeremiah Grossman of the Internet security services provider WhiteHat Security, Ben Livshits of the computer software company Microsoft Research, network security technology expert Rebecca Gurley Bace of the network security consultancy Infidel, and software engineer George Neville-Neil.

Published

2013

5. Data Services.

Subjects

*DATA protection, *ACCESS control, *SECURITY systems, *METADATA, *COMPUTER network security, *DATABASE security

Abstract

The article focuses on data services for business owners looking for access control of enterprise data. Topics include the specialization of Web services, the enabling of advanced querying functionality, and service-oriented architectures (SOA). Information is provided on integrated data services, cloud data services, and advanced technical issues in associated data service technologies. Several graphs are presented on service-enabling in relational data stores, an entity data model, and an OData service metadata document. INSETS: Service-Enabling Data Sources;Integrated Data Services.

Published

2012

6. INFORMATION SECURITY AND RISK MANAGEMENT.

Author

BODIN, LAWRENCE D., GORDON, LAWRENCE A., and LOEB, MARTIN P.

Subjects

*RISK management in business, *INFORMATION services security measures, *COMPUTER security, *DATA protection, *SECURITY systems, *ACCESS to information, *DATA security, *DATABASE security, *DATABASE management

Abstract

The article focuses on information security and risk management. The perceived composite risk (PCR) is a composite metric that focuses on the aspects of information security risk including expected loss, expected severe loss, and standard deviation of the loss. Moreover, it provides the user powerful tools for examining proposals for enhancement of an organization's information security system. Meanwhile, it is recommended to use Analytic Hierarchy Process (AHP) in determining the weights in the PCR.

Published

2008

7. Better-Than-Nothing Security Practices.

Author

Berghel, Hal

Subjects

*COMPUTER security, *DATABASE security, *COMPUTER network security, *ACCESS control, *ELECTRONIC information resources, *SECURITY systems, *DATA protection

Abstract

The article focuses on digital security models available for general information security. There are several kinds recommended by professionals including time-based security, principal of least privilege, defense-in-depth, baseline security, perimeter hardening, intrusion detection and intrusion prevention. Time-based security uses time as the measure of risk. The principle of least privilege depends on the degree of control a user has. The "Better-Than-Nothing" Security Practices (BTNSP) model is given as an example of a security prototype. Information is given for BTNSP online.

Published

2007

8. Saving Big Data from Itself.

Author

Pentland, Alex "Sandy"

Subjects

*BIG data, *DATA mining -- Social aspects, *DATABASE security, *ELECTRONIC data processing -- Law & legislation, *COMPUTER security, *DATA encryption, *DATA privacy, *SECURITY systems

Abstract

The article discusses the collection and analysis of big data records on human behavior, focusing on ways to prevent the abuse of the information by industries or governments. Topics include the role of big data in business and government functions and the dangers of data hoarding, the suggestion that organizations such as the U.S. National Security Agency (NSA) separate big data resources and that all personal data be encrypted, and experimentation with policies and procedures.

Published

2014

9. A Novel Minutiae Triangulation Technique for Non-invertible Fingerprint Template Generation.

Author

Trivedi, Amit Kumar, Thounaojam, Dalton Meitei, and Pal, Shyamosree

Subjects

*DATABASE security, *ERROR rates, *TRIANGULATION, *SECURITY systems

Abstract

The fingerprint is the readily available and most widely used biometrics for the security of a system. In order to impart the security of the template database, it is important to make the fingerprint template robust to fingerprint reconstruction, i.e., invertibility. In this paper, a fingerprint template is proposed using a novel minutiae triangulation technique. In this triangulation technique, the set of minutiae of a template is taken to generate a set of minutiae triplets each forming a triangle. After this, a minutiae transformation is applied to obtain a set of triplets of internal angles of the triangle which also removes the minutiae location and orientation information. In the absence of this information, the orientation map of the fingerprint cannot be estimated. This set of triplets together with some other information is used as a proposed fingerprint template. The proposed system is experimented using standard FVC2000, FVC2004 and FVC2006 databases and yields better results in terms of EER (Equal Error Rate) as compared with the state-of-art techniques. • A novel minutiae triangulation technique for generating a robust fingerprint template is proposed. • The proposed threshold for minutiae triplet validation is adaptive. • The proposed fingerprint template is robust against fingerprint deformation. [ABSTRACT FROM AUTHOR]

Published

2021

10. A QUANTUM CRYPTOGRAPHIC SOLUTION TO THE PROBLEM OF ACCESS CONTROL IN A HIERARCHY.

Author

NAGY, NAYA and AKL, SELIM G.

Subjects

*DATA encryption, *SECURITY systems, *COMPUTER security, *CRYPTOGRAMS, *CIPHERS

Abstract

Access control in a hierarchy refers to a selective access to a database. A large number of users work with the same database. These users are organized in a hierarchical structure and therefore have different access rights to the data. This paper offers a solution to the problem of access control in a hierarchy based on quantum cryptography. Each user has two keys: a classical key and a quantum key. Our scheme offers several security advantages over the classical schemes to date. It protects users from identity theft and prevents collusion attacks. Most importantly though, our scheme adapts to dynamic changes of the user hierarchy: users may join, leave, or change position in the hierarchy, without affecting the rest of the user structure. [ABSTRACT FROM AUTHOR]

Published

2010

11. Theoretical aspects of information security.

Author

Vydrin, A. S.

Subjects

*SECURITY systems, *MATHEMATICAL models, *DATABASE security, *DATA security, *INFORMATION technology security

Abstract

We construct a formal model of a security control system for an automated system and analyze errors in making decisions concerning the system’s security level under conditions of partial information availability. [ABSTRACT FROM AUTHOR]

Published

2009

12. DiSC: Benchmarking Secure Chip DBMS.

Author

Anciaux, Nicolas, Bouganim, Luc, Pucheral, Philippe, and Valduriez, Patrick

Subjects

*INTEGRATED circuits, *SMART cards, *DATABASE management, *DATABASE design, *INFORMATION technology security, *DATABASE security, *DATA libraries, *ELECTRONIC locking devices, *ELECTRONIC data processing, *SECURITY systems

Abstract

Secure chips, e.g., present in smart cards, USB dongles, i-buttons, are now ubiquitous in applications with strong security requirements. Moreover, they require embedded data management techniques. However, secure chips have severe hardware constraints, which make traditional database techniques irrelevant. The main problem faced by secure chip DBMS designers is to be able to assess various design choices and trade-offs for different applications. Our solution is to use a benchmark for secure chip DBMS in order to 1) compare different database techniques, 2) predict the limits of on-chip applications, and 3) provide codesign hints. In this paper, we propose Data management in Secure Chip (DISC), a benchmark that reaches these three objectives. This work benefits from our long experience in developing and tuning data management techniques for the smart card. To validate DiSC, we compare the behavior of candidate data management techniques using a cycle-accurate smart-card simulator. Furthermore, we show the applicability of DiSC to future designs involving new hardware platforms and new database techniques. [ABSTRACT FROM AUTHOR]

Published

2008

13. Privacy-Preserving String Comparisons in Record Linkage Systems: A Review.

Author

Trepetin, Stanley

Subjects

*DATA protection, *COMPUTER network security, *ANONYMITY, *INFORMATION sharing, *INFORMATION resources, *PRIVACY, *DATABASE security, *DATA security, *INFORMATION technology security, *SECURITY systems

Abstract

We face a growing need to be able to perform linkage among data set records to connect data about the same individual, organization or event so that further analysis becomes possible. At the same time, we also need to do a better job of protecting the privacy of the individuals identified by data set records. Therefore, it would be ideal if linkage could be effectively performed based not on the actual data but on some anonymous form of the data without diminishing the ability to link records whose identifiers are only “close” to each other, not equal, because of typical recording errors. This paper reviews existing proposals for how such anonymized string comparisons might be accomplished, but demonstrates that existing methods have various operational deficiencies. It therefore argues that new, more capable methods are needed. [ABSTRACT FROM AUTHOR]

Published

2008

14. Corporate Expectations of the IT Department in an Age of Terrorism: Ensuring “Battle Readiness”.

Author

Fleming, RobertS.

Subjects

*TERRORISM & business, *ECONOMIC impact, *TERRORISM, *BUSINESS databases, *DATABASE security, *INFORMATION technology security, *DATA protection, *INFORMATION resources management, *INFORMATION resources, *SECURITY systems

Abstract

Contemporary businesses face many new and unprecedented challenges including the threat of terrorism. The impact of a terrorist attack can undermine an organization's success and survival. A significant area of organizational vulnerability to acts of terrorism involves the information systems infrastructure of the organization. This article discusses the mission-critical expectations that corporate executives have for their information technology departments with respect to securing and protecting these essential resources. [ABSTRACT FROM AUTHOR]

Published

2008

15. Biometric Authentication for Border Control Applications.

Author

Taekyoung Kwon and Hyeonjoon Moon

Subjects

*BIOMETRIC identification, *IDENTIFICATION, *SECURITY systems, *HUMAN fingerprints, *ANTHROPOMETRY, *DATABASE security, *COMPUTER networks, *INFORMATION technology, *COMPUTER science

Abstract

We propose an authentication methodology that combines multimodal biometrics and cryptographic mechanisms for border control applications. We accommodate faces and fingerprints without a mandatory requirement of (tamper-resistant) smart-card-level devices on e-passports for easier deployment, It is even allowable to imprint (publicly readable) bar codes on the passports. Additionally, we present a solution based on the certification and key management method to control the validity of passports within the current Public-Key Infrastructure (PKI) technology paradigm. [ABSTRACT FROM AUTHOR]

Published

2008

16. A Thin-Plate Spline Calibration Model for Fingerprint Sensor Interoperability.

Author

Ross, Arun and Nadgir, Rohan

Subjects

*BIOMETRIC identification, *IDENTIFICATION, *SECURITY systems, *DETECTORS, *HUMAN fingerprints, *ANTHROPOMETRY, *DATABASE security, *INFORMATION technology, *COMPUTER science

Abstract

Biometric sensor interoperability refers to the ability of a system to compensate for the variability introduced in the biometric data of an individual due to the deployment of different sensors. Poor intersensor performance has been reported in different biometric domains including fingerprint, face, iris, and speech. In the context of fingerprint technology, variations are observed in the acquired images of a fingerprint due to differences in sensor resolution, scanning area, sensing technology, etc., which subsequently impact the feature set extracted from these images. The inability of a fingerprint matcher to compensate for these variations introduced by different sensors results in inferior intersensor matching performance. In this work, a nonlinear calibration scheme based on the Thin- Plate Spline (TPS) model is used to register a pair of fingerprint sensors. The proposed calibration technique relies on the evidence of a few image pairs acquired using the two sensors to generate an average deformation model that defines the spatial relationship between the two sensors. This assists in the systematic perturbation of images/features pertaining to one sensor in order to make them compatible with images/features originating from the other sensor. Experimental results using multiple fingerprint data sets confirm the efficacy of the proposed method in addressing intersensor geometric variations. [ABSTRACT FROM AUTHOR]

Published

2008

17. Engineering a Policy-Based System for Federated Healthcare Databases.

Author

Bhatti, Rafae, Samuel, Arjmand, Eltabakh, Mohamed Y., Amjad, Haseeb, and Ghafoor, Arif

Subjects

*INFORMATION storage & retrieval systems, *MEDICAL databases, *INFORMATION resources management, *COMPUTER security, *SECURITY systems, *DATABASES, *CLASSIFICATION, *COMPUTER storage devices, *INFORMATION organization, *INFORMATION processing

Abstract

Policy-based management for federated healthcare systems has recently gained increasing attention due to strict privacy and disclosure rules. Although the work on privacy languages and enforcement mechanisms, such as Hippocratic databases, has advanced our understanding of designing privacy-preserving policies for healthcare databases, the need to integrate these policies in a practical healthcare framework is becoming acute. Additionally, although most work in this area has been organization oriented, dealing with the exchange of information between healthcare organizations (such as referrals), the requirements for the emerging area of personal healthcare information management have so far not been adequately addressed. These shortcomings arise from the lack of a sophisticated policy specification language and enforcement architecture that can capture the requirement for 1) the integration of privacy and disclosure policies with well-known healthcare standards used in the industry in order to specify the precise requirements of a practical healthcare system and 2) the provision of ubiquitous healthcare services to patients using the same infrastructure that enables federated healthcare management for organizations. In this paper, we have designed a policy-based system to mitigate these concerns. First, we have designed our disclosure and privacy policies by using a requiremEnts specification based on a set of use cases for the Clinical Document Architecture (CDA) standard proposed by the community. Second, we present a context-aware policy specification language, which allows encoding of CDA-based requirements use cases into privacy and disclosure policy rules. We have shown that our policy specification language is effective in terms of handling a variety of expressive constraints on CDA-encoded document contents. Our language enables specification of privacy-aware access control for federated healthcare information across organizational boundaries, whereas the use of contextual constraints allows the incorporation of user and environment context in the access control mechanism for personal healthcare information management. Moreover, the declarative syntax of the policy rules makes the policy adaptable to changes in privacy regulations or patient preferences. We also present an enforcement architecture for the federated healthcare framework proposed in this paper. [ABSTRACT FROM AUTHOR]

Published

2007

18. ‘Code’: Privacy's death or saviour?

Author

Leenes, Ronald and Koops, Bert-Jaap

Subjects

*COPYRIGHT, *TECHNOLOGY, *RIGHT of privacy, *COMPUTER security, *DATA protection laws, *DATA protection, *SECURITY systems, *DATABASE security

Abstract

Software code regulates behaviour and maybe even more so than legal code. For instance, digital rights management systems can prevent users from breaching copyrights more effectively than copyright law itself can. The relationship between ‘code’ and privacy is more complex than is the case with copyright. Where technology in general seems to have a negative impact on privacy, technology could equally be used for enhancing privacy. This article discusses the nature of ‘software code’ in relation to privacy. It argues that, often, privacy threats are not implemented in code on purpose, but that privacy erosion is nevertheless an inexorable side effect of technology. The paradigmatic reflex of data maximization, due to a lack of awareness on the part of developers – and users, is a major factor that leads to the erosion of privacy by technology. [ABSTRACT FROM AUTHOR]

Published

2005

19. Data Element Security and Its Effects on File Segmentation.

Author

Babad, Yair M. and Hoffer, Jeffrey A.

Subjects

*DATABASES, *DATABASE design, *DATABASE management, *COMPUTER security, *SECURITY systems, *SOFTWARE engineering

Abstract

The literature on physical database design in general, and on rile segmentation in particular, typically ignores any consideration of data security and the cost to enforce it. If records can be physically designed so that all data elements in a given record type have identical security restrictions for a given user, then data element level security enforcement can he transformed into the less costly rile level security enforcement for that user and file. Similarly, If all record types have identical security restrictions, file based security might be sufficient. This paper extends an earlier model for file segmentation to include security considerations. The extended model embeds the security measures into the logical file structure and exploits a four category taxonomy of security restriction types. The model is used to generalize the interaction between element level selective security and physical data- base design. [ABSTRACT FROM AUTHOR]

Published

1980

20. DATABASE SECURITY.

Author

Fulkerson, Cheryl L., Gonsoulin, Mark A., and Walz, Diane B.

Subjects

*SECURITY management, *INFORMATION technology security, *DATABASE management, *DATABASE security, *DATA protection, *COMPUTER security, *ACCESS control of records, *COMPUTER access control, *INFORMATION resources, *DATA encryption, *ECONOMICS, *SECURITY systems

Abstract

This article discusses the importance of and presents tips on database security management. The author stresses the establishment of an overall security plan for companies that includes the protection of both physical and digital documents. Some of the key areas that are mentioned include access and authorization management, enforcing confidentiality and ensuring integrity of the database. The author also presents several examples of how to effectively secure a database.

Published

2002

21. Systolic inversion algorithms for building cryptographic systems based on security measurement in IoT-based advanced manufacturing.

Author

Yi, Haibo

Subjects

*DATABASE management, *DATABASE security, *CYBERTERRORISM, *SECURITY systems, *QUANTUM computers, *DATA management

Abstract

• Post-quantum security solution based on security measurement. • Systolic architecture of inversion for building post-quantum crypto-system. • Employing post-quantum crypto-system to IoT security measurement. Internet of Things (IoTs) have become one of the most popular techniques and widely used in advanced manufacturing and other engineering areas. As the applications of IoT-based advanced manufacturing rapidly increase, security measurement of data management has become one of the most crucial challenges in IoT-based advanced manufacturing. It is claimed that such systems are vulnerable to quantum computer attacks. Thus, it is very urgent to improve data management based on security measurement. In this paper, we improve multivariate cryptographic systems for IoT-based advanced manufacturing based on employing new inversion algorithms. Compared with related designs, the proposed design has better performance and meets the resource requirement of IoTs and the secure requirement of data management in advanced manufacturing, which is very suitable to build multivariate cryptographic systems for securing data management based on security measurement in IoT-based advanced manufacturing. [ABSTRACT FROM AUTHOR]

Published

2020

22. Under lock and key – keeping sensitive data where it belongs

Author

Ting, David

Subjects

*BIOMETRIC identification, *SECURITY systems, *SECURITY management, *DATA security, *DATABASE security, *ACCESS to information

Abstract

The growth in demand for biometrics as a factor of authentication stems from two main areas – hardened security for compliance and greater end-user convenience. As security threats grow and security regulations become more rigid, organisations are increasingly choosing to implement biometric authentication to protect data and comply with regulatory demands. [Copyright &y& Elsevier]

Published

2010

23. Recent progress in database privacy

Author

Domingo-Ferrer, Josep and Saygın, Yücel

Subjects

*DATABASE security, *PRIVACY, *CONFIDENTIAL communications, *INFORMATION resources management, *INFORMATION retrieval, *DATA mining, *COMPUTER security, *DATA security, *SECURITY systems

Abstract

Abstract: Database privacy can be conceptually described in terms of three dimensions, each of which refers to the privacy of a different subject and is pursued by a different discipline: respondent privacy, addressed by statistical disclosure control (SDC), owner privacy, addressed by privacy-preserving data mining (PPDM), and user privacy, pursued by private information retrieval (PIR). This special issue contains papers reporting recent advances in each of those three dimensions. [Copyright &y& Elsevier]

Published

2009

24. Analysis of China's energy security evaluation system: Based on the energy security data from 30 provinces from 2010 to 2016.

Author

Li, Jinchao, Wang, Lina, Lin, Xiaoshan, and Qu, Shen

Subjects

*DATABASE security, *ENERGY security, *SECURITY systems, *ENERGY consumption, *PROVINCES, *NATURAL resources

Abstract

Energy security is important for the economic and social development of a country, especially for China, because it has become one of the biggest energy consumers in the world and the energy security varies greatly in different regions. However, most existing studies evaluate China's energy security from the perspective of the whole country, while few studies from the perspective of different regions within the country. So this paper aims to evaluate China's provincial energy security from 2010 to 2016, not only identify the problems but also provide policy strategies. Firstly, a comprehensive evaluation system of energy security is established including availability and stability of energy supply dimension, sustainability and acceptability of energy use dimension, and external influences of policies and market dimension. Secondly, the combination method of the order relation and the entropy method is utilized to evaluate the provincial energy security in 30 provinces, which considers both subjective and objective information. Thirdly, according to the changes in the ranking of provincial energy security between the 30 provinces over the 7 years, this paper analyzes the reasons and put up corresponding suggestions. The results show that there is still a huge gap among different regions and some provinces changes greatly in the ranking. The most energy-secure provinces are mainly in the northwest and northeast provinces with abundant natural resources such as Shanxi, Shaanxi and Sichuan, the least energy-secure provinces are mainly in the resource-deficient regions such as Zhejiang, Guangxi and Jiangxi. And in order to beef up the provincial energy security, suggesting that some provinces should develop clean energy, optimize the structure of terminal energy consumption and improve energy efficiency according to the changes in the ranking. • We developed a provincial energy security evaluation system from 3 dimensions. • Analysis and policy recommendations in different provinces of China is conducted. • The most energy-secure provinces are mainly in the northwest and northeast provinces. • The least energy-secure provinces are mainly in the resource-deficient regions. • Some provinces changed greatly in energy security performance from 2010 to 2016. [ABSTRACT FROM AUTHOR]

Published

2020

25. Named-Entity-Recognition-Based Automated System for Diagnosing Cybersecurity Situations in IoT Networks.

Author

Georgescu, Tiberiu-Marian, Iancu, Bogdan, and Zurini, Madalina

Subjects

*INTERNET security, *DATA security, *DATABASE security, *NATURAL language processing, *SECURITY systems, *COMPUTER security vulnerabilities, *ONTOLOGIES (Information retrieval), *COMPUTER software security

Abstract

The aim of this paper was to enhance the process of diagnosing and detecting possible vulnerabilities within an Internet of Things (IoT) system by using a named entity recognition (NER)-based solution. In both research and practice, security system management experts rely on a large variety of heterogeneous security data sources, which are usually available in the form of natural language. This is challenging as the process is very time consuming and it is difficult to stay up to date with the constant findings in the areas of security threats, vulnerabilities, attacks, countermeasures, and risks. The proposed system is conceived as a semantic indexing solution of existing vulnerabilities and serves as an information tool for security management experts. By integrating the proposed system, the users can easily discover the potential vulnerabilities of their IoT devices. The proposed solution integrates ontologies and NER techniques in order to obtain a high rate of automation with the scope of reaching a self-maintained and up-to-date system in terms of vulnerabilities and common exposures knowledge. To achieve this, a total of 312 CVEs (common vulnerabilities and exposures) specific to the IoT field were identified. CVEs are arguably one of the most important cybersecurity resources nowadays, containing information about the latest discovered vulnerabilities. This set is further used as data corpus for an NER model designed to identify the main entities and relations that are relevant to IoT security. The goal is to automatically monitor cybersecurity information relevant to IoT, and filter and present it in an organized and structured framework based on users' needs. The taxonomies specific to IoT security are implemented via a domain ontology, which is later used to process natural language. Relevant tokens are marked as entities and the relations between them identified. The text analysis solution is connected to a gateway which scans the environment and identifies the main IoT devices and communication technologies. The strength of the approach proposed within this research is that the designed semantic gateway is using context-aware searches in the modeled IoT security database and can identify possible vulnerabilities before they can be exploited. [ABSTRACT FROM AUTHOR]

Published

2019

26. Database Security.

Author

Davida, George I., Linton, David J., Szelag, C. Russell, and Wells, David L.

Subjects

*DATABASE security, *INFORMATION storage & retrieval systems, *COMPUTER security, *DATABASES, *COMPUTER files, *ELECTRONIC information resources, *DATA protection, *SECURITY systems, *SOFTWARE engineering

Abstract

Databases may be compromised by asking a set of queries which return only statistical information and making inferences about a specific entry from the results of the set of queries. We present methods of constructing the set of queries to compromise a database where all the queries in the set return the maximum of a set of k elements, or all queries return the mean of a set of k elements. In the case of the mean query, all elements involved will be compromised. We also consider bounds on the number of queries required to compromise the database. [ABSTRACT FROM AUTHOR]

Published

1978

27. Implementing Information Lifecycle Security (ILS).

Author

Reed, Bill

Subjects

*INFORMATION resources, *INFORMATION resources management, *DATA security, *SECURITY systems, *COMPUTER security, *DATABASE security, *ACCESS to information, *INFORMATION services

Abstract

The article talks about the implementation of the Information Lifecycle Security (ILS), an information security system focused on managing sensitive data such as social security numbers, credit card numbers, and other confidential information. Jon Oltsik, a senior analyst at the Enterprise Strategy Group, provided nine elements that need to be addressed for full data security. These elements, which include information classification, information flow, information access, information risk management, and secure file systems, are discussed.

Published

2007

28. PENETRATION TESTING DIGS DEEPER.

Author

McElligott, Tim

Subjects

*COMMERCIAL product testing, *TESTING, *BUSINESS enterprises, *DATABASE security, *COMPUTER security, *SECURITY systems, *SECURITY management

Abstract

The article focuses on the impact of penetration testing concept of service provider on business enterprises. The penetration testing has provided check and balances for the assessment security of the company. Moreover, it allows the companies to see the vulnerability of database and its effect on them as far as the issue on intellectual property is concerned.

Published

2006

29. DNS: DEFENDING YOUR DOMAIN.

Author

Clark, Elizabeth

Subjects

*SECURITY systems, *DATABASE security, *DATA protection, *CONTRACTING out, *COMPUTER network security

Abstract

Discusses approaches to secure domain name service (DNS). DNS-related security threats; Approaches to DNS security; DNS appliances and their DNS-related security functions; Factors to consider in outsourcing DNS server management.

Published

2004

30. Application Security Inc.

Author

Murray, Andrew Conry

Subjects

*DATABASE security, *SECURITY systems, *ACCESS control, *DATA encryption, *COMPUTER files

Abstract

This article presents information on Application Security Inc. The company aims to strengthen basic database controls through a suite of products that can scan for vulnerabilities, monitor for attacks, and provide column-level encryption of data at rest. Application Security is the only vendor to combine vulnerability assessment, database monitoring, and database encryption. However, while the company's suite covers these three key areas, it must expand its coverage of database platforms and better integrate the encryption tool into its suite.

Published

2005

31. Pay heed to 802.11n security.

Author

Garcia, Andrew

Subjects

*COMPUTER security, *SECURITY systems, *WIRELESS Application Protocol (Computer network protocol), *WIRELESS communications, *COMPUTER network protocols, *DATA transmission systems, *MULTIPOINT distribution service, *DATABASE security, *INFORMATION technology security

Abstract

The article presents an analysis regarding the increasing trend for the used of 802.11n as well as its security risk. As most users agrees that their are no known vulnerabilities on the technology, an expert had specified the potential threat. According to Amit Sinha, chief technology officer of wireless intrusion prevention vendor AirDefense, 802.11n significantly complicate the media access control (MAC) layer with the inclusion of mechanisms such as block acknowledgements and spoofed duration fields that could be exploit candidates. It states that the product has still need to finalize the standards before it could be freed totally from the potential risks.

Published

2008

32. IBM 'SMashes' Web 2.0 security risks.

Author

Taft, Darryl K.

Subjects

*MASHUPS (Internet), *OPEN source software, *COMPUTER security, *SECURITY systems, *DATA transmission systems, *DATABASE security, *AJAX (Web development technology)

Abstract

The article reports on the launching of the SMash (secure mashups) by IBM and the security concerns it has to dealt with. The technology pull information from multiple sources to create a unified Web application. According to Rod Smith, vice president of emerging technology at IBM, SMash allows information from different sources to interact but keeps them isolated so malicious code could not access into enterprise systems. It states that IBM contributed the technology to the OpenAjax Alliance company, an organization of vendors, open-source projects and firms using Asynchronous JavaScript and XML.

Published

2008

33. Security apps can't weather Storm.

Author

Vaas, Lisa

Subjects

*COMPUTER security, *DATA protection, *SECURITY systems, *INFORMATION technology security, *WEBSITE security, *DATA security, *DATABASE security, *COMPUTER software, *COMPUTER networks

Abstract

The article focuses on the usefulness of the Storm botnet. Storm botnet is also known as the storm worm botnet which overpowers most of the anti-virus and the access control systems. The principal security strategist of IBM Internet Security System Joshua Corman states that the storm botnet is just hiding on the subnets, monitoring the system's operations. Additionally, Corman has included the kinds of worms that would affect the system. Moreover, several professional, not only IT personnel but students as well, are aware of this botnet.

Published

2007

34. APPDETECTIVEPRO GETS RUSSIAN SECURITY CERTIFICATION.

Subjects

*DATABASE security, *CERTIFICATION, *SECURITY systems, *INFORMATION resources management, *BUSINESS information services, *EXPORT controls, *GOVERNMENT agencies

Abstract

The article announces that AppDetectivePro's vulnerability assessment solution has been certified by the Russian Federal Services for Technical and Export Control (FSTEK). The declaration was made by two Russia's leading information security company including Application Security Inc. and Informzaschita. Informzaschita specialize on providing services in designing, development and implementation of information security solutions for state and commercial information systems. Application Security Inc. is the leading global provider of database security solutions for the enterprise. According to George Fyffe, FSTEK certification extends their commitment to database security on a global basis and puts them on their way to penetrating the burgeoning eastern European market.

Published

2007

35. Would You Accept a Bar Code Implant?

Author

Borkowski, Mark

Subjects

*IDENTIFICATION cards, *BIOMETRIC identification, *DATABASE security, *SECURITY systems, *BIOMETRY

Abstract

The author comments on the possible adoption of a national identification (ID) card with biometric identifiers by governments. The author presents some of the advantages of such an ID but expresses his concern over its disadvantages. He warns that such an ID will increase unsolicited surveillance and will blur the distinction between public and private databases. He encourages citizens to advocate for an outright ban of the ID to avoid a governmental mandate.

Published

2008

36. Dangerous databases at large.

Author

Vaas, Lisa

Subjects

*DATABASE management, *DATABASE security, *ELECTRONIC information resources, *SECURITY systems, *DATA protection, *COMPUTER crimes, *ACCESS control

Abstract

The article reports on the increasing number of dangerous databases that are available in Internet in the U.S. According to the author, a security company was able to assess half a million databases from 1.16 million Internet protocol (IP) addresses does not contain firewall protections wherein mostly of them are run in Microsoft SQL Servers and Oracle databases. Security researcher David Litchfield stresses that the results poses significant risks which includes the potential accessibility of computer hackers and malicious viruses. In addition, database operators and users does not initiate their own security measures and wait for their service providers to integrate system control and database protections.

Published

2007

37. RSS' security deadline.

Author

Rapoza, Jim

Subjects

*RSS feeds, *COMPUTER network resources, *SECURITY systems, *DATABASE security

Abstract

The author reflects on the integration of Really Simple Syndication (RSS) feeds among developers and businesses in the U.S. According to the author, the integration of RSS feeds is an important feature for a whole host of products. He discusses the security issues of RSS feeds and suggests that the bigger security concern is with the use or misuse of the RSS enclosure tag.

Published

2006

38. MICROSOFT'S EARLY WARNING.

Author

Hulme, George V.

Subjects

*COMPUTER security, *DATA protection, *COMPUTER network security, *SECURITY systems, *DATABASE security

Abstract

Announces that Microsoft's Technet Security Web will provide a summary of planned security bulletin releases three business days before Patch Tuesday, which falls on the second Tuesday of each month. Security alerts issued by Microsoft to select customers and service companies about patches; Establishment of the policy in response to customer feedback.

Published

2004

39. Europe Zips Lips; U.S. Sells ZIPs.

Author

Dash, Eric

Subjects

*DATA protection laws, *RIGHT of privacy, *COMPUTER crimes, *ACCESS control of records, *COMPUTER security, *CONFIDENTIAL communications, *DISCLOSURE, *DATA protection, *ACCESS control, *SECURITY systems, *COMPUTER access control, *DATABASE security, *ELECTRONIC information resources, *SECRECY (Law)

Abstract

Examines how Europe strictly controls how personal data can be used. How, in the U.S., collecting and selling personal data is a big and erratically regulated business; Examples of how personal information in the U.S. has been lost, stolen and sold to thieves; Europe's comprehensive national privacy laws and offices of data protection, which are led by privacy commissioners; Perception of privacy in Europe as a right; How these two systems for dealing with data arise from a cultural divide over privacy itself; Data collection in the U.S.; Background on privacy protection in Europe; Topic of data breaches and compromises.

Published

2005

40. U.P.S. Loses A Shipment Of Citigroup Client Data.

Author

Zeller Jr., Tom

Subjects

*DATA protection, *DATABASE security, *COMPUTER security, *ACCESS control of records, *ELECTRONIC information resources, *SECURITY systems, *ACCESS control, *COMPUTER network security, *CONSUMERS, *PERSONNEL record access control, *ELECTRONIC data processing department security measures, *INFORMATION services, *ELECTRONIC data processing, *CUSTOMER services, *RIGHT of privacy, *DATA protection laws

Abstract

Reports that, in one of the largest breaches of data security to date, CitiFinancial, the consumer finance subsidiary of Citigroup, announced that computer tapes containing information on 3.9 million customers was lost by United Parcel Service while in transit to a credit reporting agency. Content of the tapes, including names, addresses, Social Security numbers and account numbers; Reference to a series of recent data-security failures, ranging from ChoicePoint and LexisNexis to Bank of America and Wachovia; Views of privacy and security advocates; Suggestion that a California law, requiring that consumers be notified of data security breaches, has led to more confessions of data losses and increased awareness of a longstanding problem; Details of Citygroup's data loss.

Published

2005

41. Personal Data For the Taking.

Author

Zeller Jr., Tom

Subjects

*ELECTRONIC data processing department security measures, *IDENTITY theft, *DATABASE security, *DATA protection, *COMPUTER hackers, *COMPUTER network security, *COMPUTER access control, *RIGHT of privacy, *COMPUTER security, *ACCESS control, *SECURITY systems, *COMPUTER crimes, *COMPUTER hacking, *COLLEGE students

Abstract

Observes that personal information is held in thousands of public databases and new limits are being proposed on Internet access to such data. How graduate students in a computer security course at Johns Hopkins University built dossiers on Baltimore, Maryland citizens using only public databases; Appearance of ChoicePoint and LexisNexis before Congress to explain their companies' data security, after thieves stole consumer data; The mounting concerns over data security; Conflicts between convenient access to public records and personal privacy rights; Details of the Johns Hopkins project, which was conceived by Aviel D. Rubin; Arguments of privacy advocates; Views of the Johns Hopkins students. INSET: In Plain Sight.

Published

2005

42. Spyware Is Easy to Get, Difficult to Remove, Increasingly Malicious.

Author

Gomes, Lee

Subjects

*COMPUTER security, *SECURITY systems, *DATA protection, *RIGHT of privacy, *FAULT-tolerant computing, *ACCESS control, *COMPUTER crimes, *ELECTRONIC surveillance, *COMPUTER network security, *DATABASE security, *WEB browsers, *ONLINE banking

Abstract

Discusses the problems associated with spyware or software that runs in connection with a Web browser. How programs such as Grokster and Kazaa, which allow users to download music, use a form of spyware which runs advertisements on one's computer; Capability of spyware to record personal identification numbers associated with online banking; How spyware often causes Windows and other programs to crash frequently; Suggestion that computer owners use antispyware programs Pest Patrol and Ad-Aware.

Published

2004

43. Users Plan for Quick Oracle 11g Upgrades.

Author

Martens, China

Subjects

*DATABASE security, *DATABASES, *DATA security, *DATABASE management, *COMPUTER security, *SECURITY systems

Abstract

The article reports on the security update of 11 gigabit database of Oracle Corp. which lacks support for grid technology in the U.S. Senior database administrator Ed Mulheren of Wachovia Corp. believes that the additional features will help the company meets regulatory demands as well as line up with its desktop security policies. Oracle claims that the updates will include advanced automation, self-management tools, data partitioning, compression capabilities and improvements in XML performance. Linux version of the database will be shipped in August 2007, however, price was not disclosed.

Published

2007

44. Compromise DRM Better Than None.

Author

Thurman, Mathias

Subjects

*SECURITY systems, *INDUSTRIAL property, *EXECUTIVES, *INTELLECTUAL property, *SECURITY management, *INDUSTRIAL safety, *DATABASE security, *INFORMATION storage & retrieval systems, *DATA security

Abstract

The article comments on the interest of the manager to have a more digital rights management (DRM) than his company could afford, and affirms that the company's compromise system turns out to better than nothing. The author states that he was one of the security managers in the company who is involved in the technical processes to implement a DRM. Being part of the implementation, the author hopes that the initiative would be a successful beginning in protecting the intellectual property of their business.

Published

2007

45. Quack Hackers.

Author

Hayes, Frank

Subjects

*COMPUTER hackers, *COMPUTER security, *DATA protection, *DATABASE security, *SECURITY systems, *COMPUTER crimes, *COMPUTER viruses, *SECURITY management, *COMPUTER systems

Abstract

The article reports on the computer hackers' ability of covering security holes. Computer hackers used to create security problems and turn out as computer security researchers and experts. They also compete with each other to create credibility by finding security holes and tell the companies what they are about. However, vendors do not like the idea at all as security holes make them look bad. Computer hackers are not fully believed by companies since they are still hackers by heart. However, companies do not have much choice also but to trust them when it comes to covering security holes.

Published

2006

46. Data Security Policies Need Focus, Execs Say.

Author

Vijayan, Jaikumar

Subjects

*CONFERENCES & conventions, *COMPUTER security, *DATA protection, *SECURITY systems, *COMPUTER systems, *DATABASE security, *INFORMATION services, *INFORMATION networks, *COMPUTERS, *INFORMATION technology conferences

Abstract

The article discusses data security policies. Information technology managers who attended the annual InfoSec World conference has agreed to the keys of corporation information security policies. These objectives are focus, simplicity, and enforceability. Policies are mandatory. Companies must be clear on their security policies. Workers should understand them well and documents must be readily accessible. They must be enforced easily. Also, not to be overlooked are the exceptions. A formal process should be developed for this area.

Published

2006

47. SECURITY LOG.

Author

Thurman, Matthias

Subjects

*COMPUTER security, *COMPUTER network security, *DATABASE security, *SECURITY systems

Abstract

Reports developments related to computer security in the U.S. as of August 9, 2004. Availability of the book "Network Security Hacks," by Andrew Lockhart; Topics discussed in the book; Release of a database security software by Guardium Inc.

Published

2004

48. British Bug Hunter Finds 34 Flaws in Oracle Apps.

Author

Vijayan, Jaikumar

Subjects

*DATABASES, *DATA libraries, *DATABASE security, *COMPUTER security, *SECURITY systems, *DATA protection

Abstract

This article reports that Oracle Corp.'s effort to portray itself as a vendor of unbreakable technology received a setback when a British bug hunter disclosed that he had found 34 security vulnerabilities in the database vendor's products in the U.S. The flaws include several that could allow malicious attackers to gain complete administrative control of compromised database servers. They include buffer overflows, SQL injection issues, and a whole range of other minor issues. Some of the flaws can be exploited without a user ID and password, while others require them.

Published

2004

49. Matching Crypto Strength.

Author

Moskowitz, Robert

Subjects

*COMPUTER security, *DATA protection, *SECURITY systems, *DATABASE security

Abstract

Discusses the importance of configuring the cryptographic strength (crypto-strength) of a security system. The most common error when building security systems; What crypto-strength is controlled by; Why the security community must develop a set of scenarios defining preferred detailed settings.

Published

1999