-
Essay / KNOWLEDGE MANAGEMENT AS A MANAGEMENT TOOL - 1126
Despite the increased attention of research and industry to improving the security of our cyberinfrastructures, the protection of data entrusted to information systems businesses, is today more difficult than ever. Several factors underlie this trend. Data security concerns are evolving. In addition to the traditional requirements of confidentiality, integrity and availability of data, new requirements are added such as data quality (P. Missier, 2003), their completeness, their timeliness and their provenance. In particular, it is important that the data is complete, correct and up to date with the outside world. The increasing quality of data will make it more valuable. High-value data increases the potential for unauthorized access and the potential damage that can be caused if the data becomes corrupted. The amount of data is increasingly important: “It is estimated that the amount of information in the world doubles every 20 months, and that the size and number of databases are increasing even more rapidly” (R.Agawal, 2002)). Protection mechanisms must therefore be able to adapt correctly. We are seeing increasing disintermediation in access to data. Intermediate information processing steps typically carried out by company employees, such as entering an order received by telephone, are eliminated. Users located outside traditional corporate boundaries can have direct and immediate online access to business information about them. In a traditional environment, all access to sensitive information is through employees. Although employees are not always trusted, at least they are known, their access to sensitive data is limited by their role, and employees who violate access policies may be subject to disciplinary action.... . middle of paper ...... designed and integrated with processing techniques for continuous queries. Finally, the confidentiality of user location data, acquired from sensors and communication networks, must be guaranteed. • Database survival This is an important topic that has been largely unexplored, despite its relevance. Survivability refers to the ability of the database system to continue its functions, even with reduced capabilities, despite disruptive events, such as information warfare attacks. To date, issues related to database survivability have not been studied much. (Liu, 2002) proposed four database architectures for intrusion-tolerant database systems focused on containing malicious transactions. Although this is an important first step, much more research needs to be devoted to the techniques and methodologies that ensure the survival of the database system..