Database Security in a Dynamic IT world

2021
Author(s):  
Temitope Awodiji

Databases are vulnerable. Public statements by Target, Home Depot, and Anthem following their extremely advertised data breaches are each uniform and succinct on how their breaches unfolded: unauthorized access to those systems that ultimately led to the extraction of sensitive information. A comprehensive strategy to secure a database is over data security. Usually, security events will be related to the later action: illegitimate access to data confidentiality damage, injury to the integrity of knowledge, loss of data accessibility (Discover). Loss of privacy of data, creating them accessible to others without a right of access is not visible within the database and does not need changes deductible database. This paper addresses these events to confirm database security.

Author(s):  
Shirley Wong ◽  
Victoria Schuckel ◽  
Simon Thompson ◽  
David Ford ◽  
Ronan Lyons ◽  
...  

Introduction: There is no power for change greater than a community discovering what it cares about.[1] The Health Data Platform (HDP) will democratize British Columbia’s (population of approximately 4.6 million) health sector data by creating common enabling infrastructure that supports cross-organization analytics and research used by both decision makers and academics. HDP will provide streamlined, proportionate processes that provide timelier access to data with increased transparency for the data consumer and provide shared data related services that elevate best practices by enabling consistency across data contributors, while maintaining continued stewardship of their data. HDP will be built in collaboration with Swansea University following an agile pragmatic approach starting with a minimum viable product. Objectives and Approach: Build a data sharing environment that harnesses the data and the understanding and expertise about health data across academe, decision makers, and clinicians in the province by enabling a common harmonized approach across the sector on data stewardship, data access, data security and privacy, data management, and data standards, to: enhance data consumer data access experience; increase process consistency and transparency; reduce burden of liberating data from a data source; build trust in the data and what it is telling us and therefore the decisions made; and increase data accessibility safely and responsibly. Working within the jurisdiction’s existing legislation, the Five Safes Privacy and Security Framework will be implemented, tailored to address the requirements of data contributors. Results: The minimum viable product will provide the necessary enabling infrastructure including governance to enable timelier access, safely to administrative data to a limited set of data consumers. The MVP will be expanded with another release planned for early 2021. Conclusion / Implications: Collaboration with Swansea University has enabled BC to accelerate its journey to increasing timelier access to data, safely and increasing the maturity of analytics by creating the enabling infrastructure that promotes collaboration and sharing of data and data approaches.

[1] Margaret Wheatley


Author(s):  
Trivellore E. Raghunathan

Demand for access to data, especially data collected using public funds, is ever growing. At the same time, concerns about the disclosure of the identities of and sensitive information about the respondents providing the data are making the data collectors limit the access to data. Synthetic data sets, generated to emulate certain key information found in the actual data and provide the ability to draw valid statistical inferences, are an attractive framework to afford widespread access to data for analysis while mitigating privacy and confidentiality concerns. The goal of this article is to provide a review of various approaches for generating and analyzing synthetic data sets, inferential justification, limitations of the approaches, and directions for future research. Expected final online publication date for the Annual Review of Statistics, Volume 8 is March 8, 2021. Please see http://www.annualreviews.org/page/journal/pubdates for revised estimates.


Cloud computing is a very viable data storage structure where users can store and access data from anywhere. Cloud computing use is increasing at a very rapid pace nowadays. But as the cloud allows us data accessibility quite easily, data security is a major concern and is an emerging area of study. Other issues related to cloud computing are data privacy and internet dependency. On the other hand, cloud computing also has a wide range of benefits over traditional storage and accessibility environments, such as scalability, flexibility and resource utilization. We have worked in the area of mobile cloud computing to analyse and solve the problems of anomaly attacks. Our work focuses on preventing the adaptive anomaly attacks and some other security issues of cloud computing.


Author(s):  
Tafheem Ahmad Wani ◽  
Antonette Mendoza ◽  
Kathleen Gray

Background: Healthcare is among the leading industries which drives the use of personal devices for work purposes (BYOD). However, allowing BYOD for healthcare workers comes at a cost, as it puts sensitive information assets such as patient data residing on personal devices at risk of potential data breaches. Objective: Previous review of the literature has highlighted the dearth of empirical studies in hospital settings regarding BYOD usage. As such, this paper aims to report BYOD usage trends in Australian hospitals through a national survey, first of its kind in Australia. Methods: An anonymous survey was conducted online among health IT personnel, asking them about their experiences about BYOD usage in their hospitals. 28 responses were collected based on public Australian hospitals, which included 21 hospital groups and 7 standalone hospitals, likely to represent more than 100 hospitals in total. Survey responses were quantitatively analysed through descriptive statistical analysis and cross tabulation. Results: BYOD is allowed in majority of the hospitals, and among all major staff groups, with doctors being the leading group. Participants ranked reasons for allowing BYOD, and most of them were related to improvement in clinical productivity, efficiency and mobility for clinical staff. Challenges were generally related to data security such as patient data breaches and compliance with data security laws, according to them. More than two thirds of hospitals had a cybersecurity officer employed, and CIOs were the most dominant group who held responsibility for managing BYOD within the hospital. Conclusion: This paper provides a starting point for better understanding of BYOD usage in a complex healthcare environment based on empirical evidence, one which highlights the security-usability conundrum, confirming previous literature themes.


Implementing cloud computing provides many paths for web-based service. But data security and privacy requirements become an important problem that limits several cloud applications. One of the key security and privacy concerns is the fact that cloud service suppliers have access to data. This concern greatly reduces the usability of cloud computing in many areas, such as financial business and government agencies. This paper focuses on this important issue and suggests a new approach, so cloud providers cannot directly access data. The proposed approach is divided into two sides: upload side and download side. On the upload side, there are three stages. At the first stage, the transmitted file is split and then encrypted in order to achieve the data security requirement. At the second stage, the split data are integrity checked by the MD5 algorithm, in order to achieve the integrity requirement. At the third stage, the checked split data are stored separately in three clouds, in order to achieve the distribution requirement. On the download side, there are also three stages. At the first stage, the data is retrieved from the three clouds. At the second stage, data integrity is performed using MD5. At the third stage, data decryption and merging are done. The proposed approach is successfully implemented on (25 KB) image. The proposed model is successfully implemented in uploading side dependent on shares3 because provide high security with total time of (8.144 sec), and in downloading side with total side of (9.42).


2020
Vol 2020
pp. 1-16
Author(s):  
Hongjian Jin ◽  
Xingshu Chen ◽  
Xiao Lan ◽  
Hui Guo ◽  
Hongxia Zhang ◽  
...  

Data transmission exists in almost all the Internet-based applications, while few of them consider the property of nonrepudiation as part of data security. If a data transmission scheme is performed without the endorsement of a trusted third party (TTP) or a central server, it is easy to raise disputes while transmitting valuable data, especially digital goods, because a dishonest participant can deny the fact of particular data transmission instance. The above problem can be solved by signing and encrypting. However, digital signature schemes usually assume public key infrastructure (PKI), increasing the burden on certificate management and are not suitable for distributed networks without TTP such as blockchain. To solve the above problems, we propose two new schemes for nonrepudiation data transmission based on blockchain (we call it BNRDT): one for short message transmission and the other for large file transmission. In BNRDT schemes, nonrepudiation evidence of data transmission is generated and stored on the blockchain to satisfy both the properties of nonrepudiation (including nonrepudiation of origin and nonrepudiation of receipt) and data confidentiality. We implement and test the schemes on Hyperledger Fabric. The experimental results show that the proposed schemes can provide appealing performance.


For high-value property related to real estate, such as land and homes, it is essential to have exact records that recognize the present proprietor and give evidence that he is surely the proprietor. Such a record can be utilized to protect the owner’s privileges, prevent sale fraud and make sure that the ownership is correctly transferred to a new owner after sale. Thus it is essential to maintain correct and complete information and prevent illegal, unjustified or fraudulent changes. Many efforts have been taken already for providing data security to sensitive information. Blockchain is the technology that gives high security to the data. Blockchain technology can store an immutable history of transactional records, so no one can ever doubt the authenticity; records are permanently linked to the system so no one can ever interfere with a record of their own. This paper gives a comprehensive system on blockchain technology as it can not only be used in financial assets but anything which has some value.


2019
Vol 17 (1)
pp. 63-70
Author(s):  
Lei Gao

Although cloud enterprise resource planning (ERP) systems are becoming popular, there are still firms that have yet to migrate to the cloud because of data confidentiality and data security concerns. Firms that plan to adopt cloud ERP systems are expected to first understand cloud ERP's data processing practices. This study proposes a case study method with a systematic content analysis of cloud ERP providers' data processing agreements. The study will explore the data disclosure, data security, data sub-processing, and data retention and deletion practices of cloud ERP providers. In addition, this study investigates the linguistic characteristics of cloud ERP providers' data processing agreements including readability, litigious language, and uncertainty language. The findings of this study can help organizations to have a better understanding of the data process practices of cloud ERP providers, as well as the shared responsibilities between cloud ERP providers and users in maintaining data security.


Author(s):  
Seunghyun Im ◽  
Zbigniew W. Ras

This article discusses data security in Knowledge Discovery Systems (KDS). In particular, we present the problem of confidential data reconstruction by Chase (Dardzinska and Ras, 2003c) in KDS, and discuss protection methods. In conventional database systems, data confidentiality is achieved by hiding sensitive data from unauthorized users (e.g. data encryption or access control). However, hiding is not sufficient in KDS due to Chase. Chase is a generalized null value imputation algorithm that is designed to predict null or missing values, and has many application areas. For example, we can use Chase in a medical decision support system to handle difficult medical situations (e.g. dangerous invasive medical test for the patients who cannot take it). The results derived from the decision support system can help doctors diagnose and treat patients. The data approximated by Chase is particularly reliable because they reflect the actual characteristics of the data set in the information system. Chase, however, can create data security problems if an information system contains confidential data (Im and Ras, 2005) (Im, 2006). Suppose that an attribute in an information system S contains medical information about patients; some portions of the data are not confidential while others have to be confidential. In this case, part or all of the confidential data in the attribute can be revealed by Chase using knowledge extracted at S. In other words, self-generated rules extracted from non-confidential portions of data can be used to find secret data. Knowledge is often extracted from remote sites in a Distributed Knowledge Discovery System (DKDS) (Ras, 1994). The key concept of DKDS is to generate global knowledge through knowledge sharing. Each site in DKDS develops knowledge independently, and they are used jointly to produce global knowledge without complex data integrations.
Assume that two sites S1 and S2 in a DKDS accept the same ontology of their attributes, and they share their knowledge in order to obtain global knowledge, and an attribute of a site S1 in a DKDS is confidential. The confidential data in S1 can be hidden by replacing them with null values. However, users at S1 may treat them as missing data and reconstruct them with Chase using the knowledge extracted from S2. A distributed medical information system is an example that an attribute is confidential for one information system while the same attribute may not be considered as secret information in another site. These examples show that hiding confidential data from an information system does not guarantee data confidentiality due to Chase, and methods that would protect against these problems are essential to build a security-aware KDS.

