Secure, dynamic and distributed access control stack for database applications

In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: 1) if policies are complex, their enforcement can lead to performance decay of database servers; 2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.

Secure, dynamic and distributed access control stack for database applications

In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: (1) if policies are complex, their enforcement can lead to performance decay of database servers; (2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.

The effects of acute administration of Chinese aphrodisiacs sold in Blantyre City on sperm characteristics and fertility profile in guinea pigs

Background Chinese aphrodisiacs have become popular remedy for sexual dysfunction and improvement of libido in men in Malawi. However, selling of these drugs seems not to be well regulated. Probably the aphrodisiacs that are currently on the market have unknown efficacy, potency and safety profiles. The aim of this study was to assess the efficacy of imported Chinese aphrodisiacs using guinea pigs as a model. Materials and Methods Two types of drugs were purchased from vendors in Blantyre City. Tonic tea, which was purported to improve erectile function and libido, and sperm multiplier tablets which were claimed to increase the sperm count. The tonic tea was prepared by soaking one tea bag in 100ml boiling water. The tea was cooled and administered to eight male experimental animals in varying doses. Each animal was introduced into a separate cage with a female guinea pig. Sexual behaviour such as mounting, sniffing behind the female were observed and recorded. Each sperm multiplier tablet was dissolved in distilled water and administered to the experimental animals in the morning and evening for seven days. At the end of the treatment, the experimental and control animals were sacrificed, their semen collected and analysed sperm motility, concentration and morphology. Results For the tonic tea, there were no statistical differences between the experimental and the control animals in terms of the number of mountings and sniffing behind the female. The sperm multiplier drug showed statistically significant differences between the experimental and the control animals in terms of the sperm motility (78.24 ± 1.35 vs. 86.54 ± 1.88, p< 0.05), and concentration (54.28 ± 1.24 vs. 67.59 ± 2.12, p<0.05). Conclusion The tonic tea did not show any efficacy in improving erection and libido. The sperm multiplier tablets, purported to increase sperm production, significantly increased the sperm motility, sperm concentration in the treated animals.