Your search keyword '"V.V. Vilihura"' showing total 6 results

1. The main categories of NewSQL databases and their features

Author

V.I. Yesin and V.V. Vilihura

Subjects

General Medicine

Abstract

In the modern world, the problem of working with big data and workloads is becoming more and more acute. For more than forty years, relational databases have been the main leading systems for storing, searching and managing data. However, despite their great popularity, application experience and universality, traditional relational DBMS, due to the growing needs for scalability and performance, often cannot meet modern requirements. This has led to the emergence of new alternative data management systems, including NewSQL systems. NewSQL is a class of modern relational database management systems that provide performance comparable to NoSQL systems while maintaining the data consistency guarantees inherent in traditional database systems. The growing interest in NewSQL technology in recent times has led to an increase number of evaluations and comparisons among competing NewSQL technologies. However, today there is still a certain lack of work devoted to the study of the features of NewSQL solutions and their capabilities in comparison with other technologies. This paper discusses the main features of the most famous NewSQL products of different categories and the identified problems associated with them. To overcome the certain ambiguity in the names and translations of some terms related to the subject area under consideration, which takes place in numerous relevant sources, additional explanations are given. For comparison, the paper presents the values of important characteristics inherent in NewSQL, traditional relational and NoSQL database systems. This paper can help researchers and people from the industry choose the best storage solutions for their needs.

Published

2022

2. Researching basic searchable encryption schemes in databases that support SQL

Author

V.I. Yesin and V.V. Vilihura

Subjects

General Medicine

Abstract

Currently, many users prefer to outsource data to third-party cloud servers in order to mitigate the load of local storage. However, storing sensitive data on remote servers creates security challenges and is a source of concern for data owners. With ever-growing security and privacy concerns, it is becoming increasingly important to encrypt data stored remotely. However, the use of traditional encryption prevents the search operation in the encrypted data. One approach to solving this problem is searchable encryption. Solutions for search in secure databases cover a wide range of cryptographic techniques, although there is still no dominant solution. Designing secure search systems is a balance between security, functionality, performance, and usability. Therefore, this paper provides an overview of some of the important current secure search solutions. The main searchable encryption systems of databases that support SQL are considered. The strengths and weaknesses of the analyzed systems and the techniques implemented in them are highlighted. A comparative analysis of some characteristics of the compared systems is given. Attention is drawn to the fact that the ability to perform search operations in encrypted data leads to a complication of systems, an increase in the amount of required memory and query execution time. All this indicates the openness of the protected search problem and the need for further research in this direction to ensure secure work with remote databases and data warehouses.

Published

2022

3. Analysis of formal models for access control and specific features of their applicability to databases

Author

V.V. Vilihura

Subjects

Correctness, Database, business.industry, Computer science, Process (engineering), Access control, General Medicine, Information security, Computer security model, computer.software_genre, Factor (programming language), Information system, business, Formal verification, computer, computer.programming_language

Abstract

An integral part of any project to create or assess the security of information systems and databases is the presence of a security model. The paper considers the main positions of the most common security models based on controlling the access of subjects to objects. The analysis of formal models for access control has revealed that each of them, having certain advantages and disadvantages, has the right to be used. The decisive factor in making a decision is an assessment of a specific situation, which will allow one to make the right choice. In this regard, the paper notes that security models based on discretionary policies are advisable to be applied when conducting formal verification of the correctness of building access control systems in well-protected information systems and databases. However, it is emphasized that these models have certain drawbacks that limit their use. The paper states that despite the fact that security models based on the mandatory access policy play a significant role in information security theory and their provisions have been introduced as mandatory requirements for systems that process secret information, as well as in the standards of secure systems, a number of problems may arise in the practical implementation of these models. Among these problems there are the problems associated with overestimating the security level, blind recordings, performing operations that do not fit into the framework of the model by privileged subjects. The paper also concludes that the use of security models based on role-based policy allows one to implement access control rules dynamically changing during the operation of information systems and databases, the effectiveness of which is especially noticeable when organizing access to the resources of systems with a large number of users and objects.

Published

2021

4. Analysis of formal models for ensuring data integrity and their applicability to databases

Author

V.I. Yesin, V.V. Vilihura, and S.G. Rassomakhin

Subjects

SQL, Computer science, General Medicine, Computer security model, Security policy, Computer security, computer.software_genre, Biba Model, Data integrity, Information system, Confidentiality, Implementation, computer, computer.programming_language

Abstract

Information systems in general and databases in particular are vulnerable to accidental or malicious attacks aimed at compromising data integrity. Security is easier if you have a clear model that is the formal expression of security policy. The paper explores known security models related to data integrity, their applicability and significance for databases. The analysis of formal models for ensuring data integrity revealed that each of them, having certain advantages and disadvantages, has the right to use. The decisive factor in making a decision is an assessment of a specific situation, which will make it possible to make the right choice, including their complex application. In this regard, the paper notes that the Clark-Wilson model, the undoubted advantages of which are its simplicity and ease of joint use with other security models, is advisable to use as a set of practical recommendations for building an integrity assurance system in information systems. While stating the fact that traditional DBMSs support many of the mechanisms of the Clark-Wilson model, the article points out that implementations based on standard SQL require some compromise solutions. Analyzing the Biba model, the paper concludes about its relative simplicity and the use of a well-studied mathematical apparatus. It is noted that in practice, for the creation of secure information systems, as systems that ensure the confidentiality and data integrity, it is important to unite the Bell-LaPadula and Biba models. Moreover, this union should be on the basis of one common lattice, but with two security labels (confidentiality and integrity) with the opposite character of their definition. This is exactly the variant of combining the Bell-LaPadula and Biba models that is recommended for use in modern information systems and DBMSs, where a mandatory security policy is implemented.

Published

2021

5. Деякий підхід до маскування даних як засіб протидії загрозі логічного висновку

Author

V.I. Yesin and V.V. Vilihura

Subjects

конфіденційні дані, Computer science, Speech recognition, Data Security, база данных, Inference, General Medicine, Sensitive Data, маскирование данных, Database, безопасность данных, конфиденциальные данные, безпека даних, база даних, Data Masking, маскування даних, Data masking

Abstract

The goal of the article is to reveal the essence of some approach to data masking stored in the database as a means to counteract the inference threat. This approach is based on the principles of random permutation of the elements of a data field of the row column of the production database table data and dynamic masking. A distinctive feature of the proposed solution is the approach to the process of data shuffling, namely, shuffling data value elements within the demanded row field. It is possible to mask both an entire value of the field of the table row column and its part using this solution. The proposed approach differs from most of the typical commercial tools for masking sensitive data in that a preliminary physical change of sensitive data is made in the production database, and a user who has the appropriate rights can cancel these changes if it is necessary. The legitimate user in the proposed approach gets access to sensitive data due to the ability to transform (rewrite) the query “on the fly”, and the attacker can only read the previously modified data that is stored in the database. The proposed approach to data masking can be used in both production and non-production databases, expanding the possibilities of so-called static data masking., Цель статьи – раскрытие сути некоторого подхода к маскированию данных, хранящихся в базе данных, как средства противодействия угрозе логического вывода. В основу подхода положены принципы случайной перестановки элементов поля данных столбца строки таблицы производственной базы данных и динамического маскирования. Отличительной особенностью предлагаемого решения является подход к процессу перемешивания данных, а именно, перемешиванию элементов значения данных внутри требуемого поля строки. С помощью данного решения возможно маскирование как всего значения поля столбца строки таблицы, так и его части. Предлагаемый подход отличается от большей части типичных коммерческих инструментов маскирования критических данных тем, что в базе данных выполняются предварительные физические изменения конфиденциальных данных, и эти изменения при необходимости можно отменить пользователем, который имеет соответствующие права на это. Легитимный пользователь получает доступ к конфиденциальным данным за счет возможности осуществить преобразование (перезапись) запроса «на лету», а злоумышленник может только считать хранящиеся в базе заранее измененные определенным образом с сохранением исходного формата данные. Предлагаемый подход к маскированию данных может быть использован как в производственных, так и в непроизводственных базах данных, расширяя возможности, так называемого, статического маскирования данных., Мета статті – розкриття суті деякого підходу до маскування даних, що зберігаються в базі даних, як засобу протидії загрозі логічного висновку. В основу підходу було покладено принципи випадкової перестановки елементів поля даних стовпця рядка таблиці виробничої бази даних і динамічного маскування. Відмінною особливістю запропонованого рішення є підхід до процесу перемішування даних, а саме – перемішування елементів значення даних всередині потрібного поля рядка. За допомогою даного рішення можливо маскування як всього значення поля стовпця рядка таблиці, так і його частини. Запропонований підхід відрізняється від більшої частини типових комерційних інструментів маскування критичних даних тим, що в базі даних виконуються попередні фізичні зміни конфіденційних даних, і ці зміни при необхідності можна скасувати користувачем, який має відповідні права на це. Легітимний користувач отримує доступ до конфіденційних даних за рахунок можливості здійснити перетворення (перезапис) запиту «на льоту», а зловмисник може тільки зчитувати заздалегідь змінені певним чином зі збереженням вихідного формату дані, що зберігаються в базі. Запропонований підхід до маскування даних може бути використаний як в виробничих, так і в невиробничих базах даних, розширюючи можливості так званого статичного маскування даних.

Published

2019

6. Method for developing databases being easily adaptable to changes in the subject domain

Author

V.I. Yesin and V.V. Vilihura

Subjects

General Medicine

Abstract

A method for developing relational databases with the schema invariant to subject domains is proposed. The use of this method unlike the traditional technology of designing relational databases allows: creating databases for various simulated subject domains that meet the requirements of consumers of the information product in the process of reengineering, with less time and financial costs; adapting relational databases built on the basis of a scheme with a universal basis of relations to dynamic changes in subject domains, without changing the database schema, due to the use of the created predetermined structure of basic relations.

Published

2018