Physical Sciences and Mathematics Commons^™

College Of Education Filemaker Extraction And End-User Database Development, Andrew Tran

Electronic Theses, Projects, and Dissertations

The College of Education (CoE) at the California State University San Bernardino (CSUSB) developed a system to keep track of both state and national accreditation requirements using FileMaker 5, a database system. This accreditation data is crucial for reporting and record-keeping for the CSU Chancellor’s Office as well as the State of California. However, the database system was developed several decades ago, and software support has long since been dropped, causing the CoE’s legacy accreditation data to be at risk of being lost should the software or hardware suffer permanent failure. The purpose of this project was to perform extraction …

Vzwam Web-Based Lookup, Ruben Claudio

Masters Theses & Doctoral Dissertations

This web-based lookup will allow V employees to find territory sales rep much faster. It will simplify the process and eliminate manual processes.

At the moment, a combination of multiple manual processes is needed to find territory sales reps. The company’s CRM does not allow to find rep sales quickly. When an in-house sales representative is talking to a prospect, this sales rep has to go through a few series of steps to find an outside or territory sales rep --which is usually needed to schedule in-person meetings, that results in delays while doing transactions with the prospects. Besides, because …

Enforcing Database Security On Cloud Using A Trusted Third Party Based Model, Victor Fuentes Tello

Graduate Theses and Dissertations

Cloud computing offers a considerable number of advantages to clients and organizations that use several capabilities to store sensitive data, interact with applications, or use technology infrastructure to perform daily activities. The development of new models in cloud computing brings with it a series of elements that must be considered by companies, particularly when the sensitive data needs to be protected. There are some concerns related to security that need to be taken into consideration when a service provider manage and store the data in a location outside the company. In this research, a model that uses a trusted third …

Data Insertion In Bitcoin's Blockchain, Andrew Sward, Vecna Op_0, Forrest Stonedahl

Computer Science: Faculty Scholarship & Creative Works

This paper provides the first comprehensive survey of methods for inserting arbitrary data into Bitcoin's blockchain. Historical methods of data insertion are described, along with lesser-known techniques that are optimized for efficiency. Insertion methods are compared on the basis of efficiency, cost, convenience of data reconstruction, permanence, and potentially negative impact on the Bitcoin ecosystem.

Sql Injection: The Longest Running Sequel In Programming History, Matthew Horner, Thomas Hyslip

Journal of Digital Forensics, Security and Law

One of the risks to a company operating a public-facing website with a Structure Query Language (SQL) database is an attacker exploiting the SQL injection vulnerability. An attacker can cause an SQL database to perform actions that the developer did not intend like revealing, modifying, or deleting sensitive data. This can cause a loss of confidentiality, integrity, and availability of information in a company’s database, and it can lead to severe costs of up to $196,000 per successful injection attack (NTT Group, 2014). This paper discusses the history of the SQL injection vulnerability, focusing on:

• How an attacker can exploit …

Privacy-Preserving Sanitization In Data Sharing, Wentian Lu

Doctoral Dissertations

In the era of big data, the prospect of analyzing, monitoring and investigating all sources of data starts to stand out in every aspect of our life. The benefit of such practices becomes concrete only when analysts or investigators have the information shared from data owners. However, privacy is one of the main barriers that disrupt the sharing behavior, due to the fear of disclosing sensitive information. This dissertation describes data sanitization methods that disguise the sensitive information before sharing a dataset and our criteria are always protecting privacy while preserving utility as much as possible. In particular, we provide …

Database Access Pattern Protection Without Full-Shuffles, Xuhua Ding, Yanjiang Yang, Robert H. Deng

Research Collection School Of Computing and Information Systems

Privacy protection is one of the fundamental security requirements for database outsourcing. A major threat is information leakage from database access patterns generated by query executions. The standard private information retrieval (PIR) schemes, which are widely regarded as theoretical solutions, entail O(n) computational overhead per query for a database with items. Recent works propose to protect access patterns by introducing a trusted component with constant storage size. The resulting privacy assurance is as strong as PIR, though with O(1) online computation cost, they still have O(n) amortized cost per query due to periodically full database shuffles. In this paper, we …

Shifting Inference Control To User Side: Architecture And Protocol, Yanjiang Yang, Yingjiu Li, Robert H. Deng, Feng Bao

Research Collection School Of Computing and Information Systems

Inference has been a longstanding issue in database security, and inference control, aiming to curb inference, provides an extra line of defense to the confidentiality of databases by complementing access control. However, in traditional inference control architecture, database server is a crucial bottleneck, as it enforces highly computation-intensive auditing for all users who query the protected database. As a result, most auditing methods, though rigorously studied, are not practical for protecting large-scale real-world database systems. In this paper, we shift this paradigm by proposing a new inference control architecture, entrusting inference control to each user's platform that is equipped with …