scholarly journals Analysis of formal models for ensuring data integrity and their applicability to databases

Radiotekhnika ◽  
2021 ◽  
pp. 30-39
Author(s):  
V.I. Yesin ◽  
S.G. Rassomakhin ◽  
V.V. Vilihura
Keyword(s):  
Information Systems ◽  
Security Policy ◽  
Data Integrity ◽  
Specific Situation ◽  
Formal Models ◽  
Advantages And Disadvantages ◽  
Wilson Model ◽  
Security Models ◽  
Integrity Assurance ◽  
The Right

Information systems in general and databases in particular are vulnerable to accidental or malicious attacks aimed at compromising data integrity. Security is easier if you have a clear model that is the formal expression of security policy. The paper explores known security models related to data integrity, their applicability and significance for databases. The analysis of formal models for ensuring data integrity revealed that each of them, having certain advantages and disadvantages, has the right to use. The decisive factor in making a decision is an assessment of a specific situation, which will make it possible to make the right choice, including their complex application. In this regard, the paper notes that the Clark-Wilson model, the undoubted advantages of which are its simplicity and ease of joint use with other security models, is advisable to use as a set of practical recommendations for building an integrity assurance system in information systems. While stating the fact that traditional DBMSs support many of the mechanisms of the Clark-Wilson model, the article points out that implementations based on standard SQL require some compromise solutions. Analyzing the Biba model, the paper concludes about its relative simplicity and the use of a well-studied mathematical apparatus. It is noted that in practice, for the creation of secure information systems, as systems that ensure the confidentiality and data integrity, it is important to unite the Bell-LaPadula and Biba models. Moreover, this union should be on the basis of one common lattice, but with two security labels (confidentiality and integrity) with the opposite character of their definition. This is exactly the variant of combining the Bell-LaPadula and Biba models that is recommended for use in modern information systems and DBMSs, where a mandatory security policy is implemented.

scholarly journals Analysis of formal models for access control and specific features of their applicability to databases

Radiotekhnika ◽  
2021 ◽  
pp. 53-70
Author(s):  
V.V. Vilihura
Keyword(s):  
Information Systems ◽  
Access Control ◽  
Practical Implementation ◽  
Security Level ◽  
Specific Situation ◽  
Security Model ◽  
Formal Models ◽  
Advantages And Disadvantages ◽  
Security Models ◽  
The Right

An integral part of any project to create or assess the security of information systems and databases is the presence of a security model. The paper considers the main positions of the most common security models based on controlling the access of subjects to objects. The analysis of formal models for access control has revealed that each of them, having certain advantages and disadvantages, has the right to be used. The decisive factor in making a decision is an assessment of a specific situation, which will allow one to make the right choice. In this regard, the paper notes that security models based on discretionary policies are advisable to be applied when conducting formal verification of the correctness of building access control systems in well-protected information systems and databases. However, it is emphasized that these models have certain drawbacks that limit their use. The paper states that despite the fact that security models based on the mandatory access policy play a significant role in information security theory and their provisions have been introduced as mandatory requirements for systems that process secret information, as well as in the standards of secure systems, a number of problems may arise in the practical implementation of these models. Among these problems there are the problems associated with overestimating the security level, blind recordings, performing operations that do not fit into the framework of the model by privileged subjects. The paper also concludes that the use of security models based on role-based policy allows one to implement access control rules dynamically changing during the operation of information systems and databases, the effectiveness of which is especially noticeable when organizing access to the resources of systems with a large number of users and objects.

Data Integrity Techniques in Cloud Computing: An Analysis

2017 ◽  
Vol 7 (8) ◽  
pp. 121 ◽  
Author(s):  
Neha Thakur ◽  
Aman Kumar Sharma
Keyword(s):  
Cloud Computing ◽  
Cloud Storage ◽  
Data Integrity ◽  
Advantages And Disadvantages ◽  
Security Models ◽  
Cloud Storage Service ◽  
Storage Service ◽  
Cloud Users ◽  
It Enterprises

Cloud computing has been envisioned as the definite and concerning solution to the rising storage costs of IT Enterprises. There are many cloud computing initiatives from IT giants such as Google, Amazon, Microsoft, IBM. Integrity monitoring is essential in cloud storage for the same reasons that data integrity is critical for any data centre. Data integrity is defined as the accuracy and consistency of stored data, in absence of any alteration to the data between two updates of a file or record.  In order to ensure the integrity and availability of data in Cloud and enforce the quality of cloud storage service, efficient methods that enable on-demand data correctness verification on behalf of cloud users have to be designed. To overcome data integrity problem, many techniques are proposed under different systems and security models. This paper will focus on some of the integrity proving techniques in detail along with their advantages and disadvantages.

Information Security Policies and Procedures Guidance for Agencies

2020 ◽  
pp. 47-62
Author(s):  
Dasari Kalyani
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Large Scale ◽  
Management Strategies ◽  
Security Policies ◽  
Risk Levels ◽  
Security Models ◽  
Policies And Procedures ◽  
Good Policy ◽  
The Right

In today's digital e-commerce and m-commerce world, the information itself acts as an asset and exists in the form of hardware, software, procedure, or a person. So the security of these information systems and management is a big challenging issue for small and large-scale agencies. So this chapter discusses the major role and responsibility of the organization's management in identifying the need for information security policy in today's world of changing security principles and controls. It focuses on various policy types suitable for all kinds of security models and procedures with the background details such as security policy making, functionality, and its impact on an agency culture. Information security policies are helpful to identify and assess risk levels with the available set of technological security tools. The chapter describes the management strategies to write a good policy and selection of the right policy public announcement. The agencies must also ensure that the designed policies are properly implemented and ensure compliance through frequent intermediate revisions.

scholarly journals Using formal security models in secure databases

2021 ◽  
pp. 70-74
Author(s):  
Vladislav Vilihura ◽  
Yuriy Gorbenko ◽  
Vitaliy Yesin ◽  
Serhiy Rassomakhin
Keyword(s):  
Access Control ◽  
Specific Situation ◽  
Role Based Access Control ◽  
Security Model ◽  
Access Control Models ◽  
Control Models ◽  
Security Models ◽  
Role Based ◽  
The Right ◽  
Secure Databases

The paper contains key provisions (requirements) that should be followed when building secure databases using the capabilities of the main formal access control models, such as discretionary access control models, mandatory access control models, role-based access control models. At the same time, it is noted that any security model does not provide protection but only provides the principle of building a secure database, the implementation of which should ensure the security properties inherent in the model. The security of the database is equally determined by: the properties of the model itself (one or more), its (their) adequacy to the threats affecting the system, and how it (they) is correctly implemented(s). The decisive factor in making a decision is always an assessment of a specific situation, which will allow you to make the right choice, including the complex use of formal models.

scholarly journals Analysis of Advantages and Disadvantages of the Location Methods of International Auricular Acupuncture Points

2016 ◽  
Vol 2016 ◽  
pp. 1-13 ◽  
Author(s):  
Pei-Jing Rong ◽  
Jing-Jun Zhao ◽  
Lei Wang ◽  
Li-Qun Zhou
Keyword(s):  
Research Quality ◽  
Auricular Acupuncture ◽  
Acupuncture Points ◽  
Location Method ◽  
International Standard ◽  
Advantages And Disadvantages ◽  
International Standardization ◽  
The Right ◽  
Auricular Therapy ◽  
Location Methods

The international standardization of auricular acupuncture points (AAPs) is an important basis for auricular therapy or auricular diagnosis and treatment. The study on the international standardization of AAPs has gone through a long process, in which the location method is one of the key research projects. There are different points of view in the field of AAPs among experts from different countries or regions. By only analyzing the nine representative location methods, this paper tried to offer a proper location method to locate AAPs. Through analysis of the pros and cons of each location method, the location method applied in the WFAS international standard of AAPs is thoroughly considered as an appropriate method. It is important to keep the right direction during developing an International Organization for Standardization (ISO) international standard of auricular acupuncture points and to improve the research quality of international standardization for AAPs.

The Future of the Information Systems Discipline: A Response to Walsham

2012 ◽  
Vol 27 (2) ◽  
pp. 96-99 ◽  
Author(s):  
Salvatore T. March ◽  
Fred Niederman
Keyword(s):  
Information Technology ◽  
Information Systems ◽  
Human Mind ◽  
Look Ahead ◽  
New Knowledge ◽  
The Future ◽  
Other Information ◽  
The Right

We must look ahead at today's radical changes in technology, not just as forecasters but as actors charged with designing and bringing about a sustainable and acceptable world. New knowledge gives us power for change: for good or ill, for knowledge is neutral. The problems we face go well beyond technology: problems of living in harmony with nature, and most important, living in harmony with each other. Information technology, so closely tied to the properties of the human mind, can give us, if we ask the right questions, the special insights we need to advance these goals. Herbert A. Simon (2000)

Mikor és hogyan integráljuk az onkológiai és a palliatív ellátást?

2021 ◽  
Vol 162 (44) ◽  
pp. 1769-1775
Author(s):  
Orsolya Horváth ◽  
Enikő Földesi ◽  
Katalin Hegedűs
Keyword(s):  
Palliative Care ◽  
Care Providers ◽  
Yale University ◽  
Early Integration ◽  
Advantages And Disadvantages ◽  
Referral Criteria ◽  
Number Of Patients ◽  
Oncology Care ◽  
The Right

Összefoglaló. A palliatív ellátások korai bevonása az onkológiai betegek ellátásába előnnyel jár mind a beteg életminősége, mind a kezelés színvonala, mind a költséghatékonyság szempontjából. Szükség van egy olyan modellre, mely alapján a megfelelő időben, a megfelelő beteg a megfelelő minőségű palliatív ellátásban részesül. Ebben a közleményben a palliatív ellátás korai integrációjának előnyei, szintjei és a speciális palliatív ellátás fogalmának ismertetése után a leginkább elterjedt beutalási modellek előnyeit és hátrányait mutatjuk be a nemzetközi szakirodalom alapján. A speciális palliatív ellátást igénylő betegek kiszűrésére szolgáló, prognózisalapú modellek hátránya, hogy nincs elég kapacitás az ilyen módon beutalt nagyszámú beteg ellátására, ezért széles körben nem terjedtek el. A tüneteken alapuló modellek sokszor bonyolultak és a mindennapi klinikai gyakorlatban nem használatosak. Az új kutatások alapján egyszerű, gyakorlatias kérdéssorokat alkalmaznak, melyekkel könnyen kiemelhetők, akik profitálnak a speciális palliatív intervencióból. Ezek közül a Yale egyetemi és a PALLIA -10 modellt ismertetjük részletesen. Amennyiben az aktív onkológiai ellátást végzők a megfelelő palliatív beutalási kritériumokat ismerik és alkalmazzák, a betegek időben jutnak a megfelelő komplex kezeléshez anélkül, hogy a palliatív ellátórendszer túlterhelődne. Orv Hetil. 2021; 162(44): 1769–1775. Summary. Early integration of palliative care into the trajectory of cancer care brings advantages into the patients’ quality of life, the level of care and cost-efficiency, too. On the basis of a predefined model, the right patient may receive the right level of palliative care at the right time. Having defined the advantages, the levels of early integration of palliative care and the concept of special palliative care, we also aim to describe the advantages and disadvantages of the most common referral models on the basis of international literature in this article. The drawback of prognosis-based models to identify patients needing special palliative care is the lack of capacity to provide care for the large number of patients so recognised; therefore they have not become widespread. Needs-based models tend to be complicated and thus rarely applied in everyday clinical practice. On the basis of new researches, simple, pragmatic questionnaires are utilised through which the patients who could benefit from special palliative care interventions are easy to identify. Here we give a detailed report of the Yale University and PALLIA-10 models. On condition that appropriate palliative referral criteria are known and applied by active oncology care providers, patients may receive adequate complex care without the palliative care system being overloaded. Orv Hetil. 2021; 162(44): 1769–1775.

The role of motivation in talent selection and ­development in competitive sport

2021 ◽  
Keyword(s):  
Measurement Instrument ◽  
Psychological Characteristics ◽  
Advantages And Disadvantages ◽  
Current State ◽  
Talent Selection ◽  
Comprehensive Picture ◽  
Performance Development ◽  
The Right

The early and long-term development of promising young athletes is a decisive factor in being internationally competitive in top-level sports. Among the multitude of talent criteria suggested in the literature, motivation plays a prominent role in the area of psychological characteristics. It is recognised in practice and research as a relevant criterion for performance development across all sports. This article provides an overview of the current state of talent research in the field of motivation. First, the most common theories of motivation in competitive sports are described, then different measurement methods and their advantages and disadvantages as well as the predictive value of motivation for athletic performance are discussed. Finally, implications for practice are suggested. It can be summarised that motivation in sport is conceptualised and operationalised in different ways and that the decision for the right measurement instrument depends on the goal of the assessment. To get a comprehensive picture of an athlete’s motivational status, it is useful to assess several aspects of motivation through different methods.

scholarly journals Information systems validation using formal models

2014 ◽  
pp. 533-542 ◽  
Author(s):  
Azadeh Sarram ◽  
Ali Harounabadi
Keyword(s):  
Information Systems ◽  
Formal Models
Sign in / Sign up

Export Citation Format

Share Document