1 resultado para Mandatory Disclosure
em Repositório Institucional da Universidade de Aveiro - Portugal
Filtro por publicador
- Repository Napier (1)
- University of Cagliari UniCA Eprints (1)
- Aberdeen University (1)
- Abertay Research Collections - Abertay University’s repository (1)
- Academic Archive On-line (Jönköping University; Sweden) (4)
- Academic Archive On-line (Karlstad University; Sweden) (1)
- Adam Mickiewicz University Repository (1)
- Aquatic Commons (23)
- Archive of European Integration (7)
- Archivo Digital para la Docencia y la Investigación - Repositorio Institucional de la Universidad del País Vasco (7)
- Aston University Research Archive (16)
- B-Digital - Universidade Fernando Pessoa - Portugal (4)
- Biblioteca de Teses e Dissertações da USP (1)
- Biblioteca Digital da Câmara dos Deputados (5)
- Biblioteca Digital da Produção Intelectual da Universidade de São Paulo (3)
- Biblioteca Digital de la Universidad Católica Argentina (3)
- Biblioteca Digital de Teses e Dissertações Eletrônicas da UERJ (52)
- Bioline International (1)
- BORIS: Bern Open Repository and Information System - Berna - Suiça (21)
- Boston University Digital Common (1)
- Brock University, Canada (9)
- Bucknell University Digital Commons - Pensilvania - USA (1)
- Cambridge University Engineering Department Publications Database (3)
- CentAUR: Central Archive University of Reading - UK (16)
- Chinese Academy of Sciences Institutional Repositories Grid Portal (7)
- CORA - Cork Open Research Archive - University College Cork - Ireland (2)
- Cornell: DigitalCommons@ILR (1)
- Deakin Research Online - Australia (90)
- DI-fusion - The institutional repository of Université Libre de Bruxelles (2)
- Digital Commons @ Winthrop University (1)
- Digital Commons at Florida International University (1)
- Digital Peer Publishing (1)
- DigitalCommons@The Texas Medical Center (5)
- DigitalCommons@University of Nebraska - Lincoln (1)
- DRUM (Digital Repository at the University of Maryland) (1)
- Duke University (7)
- eResearch Archive - Queensland Department of Agriculture; Fisheries and Forestry (2)
- Glasgow Theses Service (1)
- Greenwich Academic Literature Archive - UK (2)
- Helda - Digital Repository of University of Helsinki (20)
- Hospitais da Universidade de Coimbra (1)
- Indian Institute of Science - Bangalore - Índia (13)
- Instituto Politécnico do Porto, Portugal (2)
- Iowa Publications Online (IPO) - State Library, State of Iowa (Iowa), United States (3)
- Ministerio de Cultura, Spain (1)
- National Center for Biotechnology Information - NCBI (1)
- Open University Netherlands (1)
- Portal de Revistas Científicas Complutenses - Espanha (2)
- QUB Research Portal - Research Directory and Institutional Repository for Queen's University Belfast (91)
- Queensland University of Technology - ePrints Archive (420)
- RCAAP - Repositório Científico de Acesso Aberto de Portugal (1)
- RDBU - Repositório Digital da Biblioteca da Unisinos (2)
- Repositório Científico da Universidade de Évora - Portugal (1)
- Repositório digital da Fundação Getúlio Vargas - FGV (9)
- Repositório Institucional da Universidade de Aveiro - Portugal (1)
- Repositório Institucional da Universidade de Brasília (1)
- Repositório Institucional da Universidade Federal de São Paulo - UNIFESP (1)
- Repositorio Institucional de la Universidad de Málaga (1)
- Repositório Institucional dos Hospitais da Universidade Coimbra (1)
- Repositório Institucional UNESP - Universidade Estadual Paulista "Julio de Mesquita Filho" (2)
- RUN (Repositório da Universidade Nova de Lisboa) - FCT (Faculdade de Cienecias e Technologia), Universidade Nova de Lisboa (UNL), Portugal (2)
- SAPIENTIA - Universidade do Algarve - Portugal (1)
- Universidade Técnica de Lisboa (1)
- Université de Lausanne, Switzerland (4)
- Université de Montréal, Canada (7)
- University of Canberra Research Repository - Australia (1)
- University of Connecticut - USA (3)
- University of Michigan (33)
- University of Queensland eSpace - Australia (18)
- University of Washington (3)
- WestminsterResearch - UK (2)
Resumo:
Database schemas, in many organizations, are considered one of the critical assets to be protected. From database schemas, it is not only possible to infer the information being collected but also the way organizations manage their businesses and/or activities. One of the ways to disclose database schemas is through the Create, Read, Update and Delete (CRUD) expressions. In fact, their use can follow strict security rules or be unregulated by malicious users. In the first case, users are required to master database schemas. This can be critical when applications that access the database directly, which we call database interface applications (DIA), are developed by third party organizations via outsourcing. In the second case, users can disclose partially or totally database schemas following malicious algorithms based on CRUD expressions. To overcome this vulnerability, we propose a new technique where CRUD expressions cannot be directly manipulated by DIAs any more. Whenever a DIA starts-up, the associated database server generates a random codified token for each CRUD expression and sends it to the DIA that the database servers can use to execute the correspondent CRUD expression. In order to validate our proposal, we present a conceptual architectural model and a proof of concept.