Classification of Cybersecurity Threats, Vulnerabilities and Countermeasures in Database Systems

Database systems have consistently been prime targets for cyber-attacks and threats due to the critical nature of the data they store.Despite the increasing reliance on database management systems,this field continues to face numerous cyber-attacks.Database management systems serve as the foundation of any information system or application.Any cyber-attack can result in significant damage to the database system and loss of sensitive data.Consequently,cyber risk classifications and assessments play a crucial role in risk management and establish an essential framework for identifying and responding to cyber threats.Risk assessment aids in understanding the impact of cyber threats and developing appropriate security controls to mitigate risks.The primary objective of this study is to conduct a comprehensive analysis of cyber risks in database management systems,including classifying threats,vulnerabilities,impacts,and countermeasures.This classification helps to identify suitable security controls to mitigate cyber risks for each type of threat.Additionally,this research aims to explore technical countermeasures to protect database systems from cyber threats.This study employs the content analysis method to collect,analyze,and classify data in terms of types of threats,vulnerabilities,and countermeasures.The results indicate that SQL injection attacks and Denial of Service(DoS)attacks were the most prevalent technical threats in database systems,each accounting for 9%of incidents.Vulnerable audit trails,intrusion attempts,and ransomware attacks were classified as the second level of technical threats in database systems,comprising 7%and 5%of incidents,respectively.Furthermore,the findings reveal that insider threats were the most common non-technical threats in database systems,accounting for 5%of incidents.Moreover,the results indicate that weak authentication,unpatched databases,weak audit trails,and multiple usage of an account were the most common technical vulnerabilities in database systems,each accounting for 9%of vulnerabilities.Additionally,software bugs,insecure coding practices,weak security controls,insecure networks,password misuse,weak encryption practices,and weak data masking were classified as the second level of security vulnerabilities in database systems,each accounting for 4%of vulnerabilities.The findings from this work can assist organizations in understanding the types of cyber threats and developing robust strategies against cyber-attacks.

Distributed File System Based on a Relational Database

Working with files and the safety of information has always been relevant, especially in financial institutions where the requirements for the safety of information and security are especially important. And in today’s conditions, when an earthquake can destroy the floor of a city in an instant, or when a missile hits an office and all servers turn into scrap metal, the issue of data safety becomes especially important. Also, you can’t put the cost of the software and the convenience of working with files in last place. Especially if an office worker needs to find the necessary information on a client, a financial contract or a company’s financial product in a few seconds. Also, during the operation of computer equipment, failures are possible, and some of them can lead to partial or complete loss of information. In this paper, it is proposed to create another level of abstraction for working with the file system, which will be based on a relational database as a storage of objects and access rights to objects. Also considered are possible protocols for transferring data to other programs that work with files, these can be both small sites and the operating system itself. This article will be especially interesting for financial institutions or companies operating in the banking sector. The purpose of this article is an attempt to introduce another level of abstraction for working with files. A level that is completely abstracted from the storage medium.

Exploration and Practice of Database System Course Based on KAPI Teaching Modality Under the Emerging Engineering Education

Nowadays,it is extremely urgent for the software engineering education to cultivate the knowledge and ability of database talents in the era of big data.To this end,this paper proposes a talent training teaching modality that integrates knowledge,ability,practice,and innovation(KAPI)for Database System Course.The teaching modality contains three parts:top-level design,course learning process,and course assurance and evaluation.The top-level design sorts out the core knowledge of the course and determines a mixed online and offline teaching platform.The course learning process emphasizes the correspondence transformation relationship between core knowledge points and ability enhancement,and the course is practiced in the form of experimental projects to finally enhance students’innovation consciousness and ability.The assurance and evaluation of the course are based on the outcome-based education(OBE)orientation,which realizes the objective evaluation of students’learning process and final performance.The teaching results of the course in the past 2 years show that the KAPI-based teaching modality has achieved better results.Meanwhile,students are satisfied with the evaluation of the modality.The teaching modality in this paper helps to stimulate students’initiatives,and improve their knowledge vision and practical ability,and thus helps to cultivate innovative and high-quality engineering talents required by the emerging engineering education.

Use of Component Integration Services in Multidatabase Systems: A Feasible Solution for Integrating Academic Institutions or Commercial Industries

The book chapter is an extended version of the research paper entitled “Use of Component Integration Services in Multidatabase Systems”, which is presented and published by the 13th ISITA, the National Conference of Recent Trends in Mathematical and Computer Sciences, T.M.B. University, Bhagalpur, India, January 3-4, 2015. Information is widely distributed across many remote, distributed, and autonomous databases (local component databases) in heterogeneous formats. The integration of heterogeneous remote databases is a difficult task, and it has already been addressed by several projects to certain extents. In this chapter, we have discussed how to integrate heterogeneous distributed local relational databases because of their simplicity, excellent security, performance, power, flexibility, data independence, support for new hardware technologies, and spread across the globe. We have also discussed how to constitute a global conceptual schema in the multidatabase system using Sybase Adaptive Server Enterprise’s Component Integration Services (CIS) and OmniConnect. This is feasible for higher education institutions and commercial industries as well. Considering the higher educational institutions, the CIS will improve IT integration for educational institutions with their subsidiaries or with other institutions within the country and abroad in terms of educational management, teaching, learning, and research, including promoting international students’ academic integration, collaboration, and governance. This will prove an innovative strategy to support the modernization and large expansion of academic institutions. This will be considered IT-institutional alignment within a higher education context. This will also support achieving one of the sustainable development goals set by the United Nations: “Goal 4: ensure inclusive and quality education for all and promote lifelong learning”. However, the process of IT integration into higher educational institutions must be thoroughly evaluated, identifying the vital data access points. In this chapter, Section 1 provides an introduction, including the evolution of various database systems, data models, and the emergence of multidatabase systems and their importance. Section 2 discusses component integration services (CIS), OmniConnect and considering heterogeneous relational distributed local databases from the perspective of academics, Section 3 discusses the Sybase Adaptive Server Enterprise (ASE), Section 4 discusses the role of component integration services and OmniConnect of Sybase ASE under the Multidatabase System, Section 5 shows the database architectural framework, Section 6 provides an implementation overview of the global conceptual schema in the multidatabase system, Section 7 discusses query processing in the CIS, and finally, Section 8 concludes the chapter. The chapter will help our students a lot, as we have discussed well the evolution of databases and data models and the emergence of multidatabases. Since some additional useful information is cited, the source of information for each citation is properly mentioned in the references column.

Building Hot Snapshot Copy Based on Windows File System

This paper describes a method for building hot snapshot copy based on windows-file system （HSCF）. The architecture and running mechanism of HSCF are discussed after giving a comparison with other on-line backup tecbnology. HSCF, based on a file system filter driver, protects computer data and ensures their integrity and consistency with following three steps： access to open files, synchronization and copy on-write. Its strategies for improving system performance are analyzed including priority setting, incremental snapshot and load balance. HSCF is a new kind of snapshot technology to solve the data integrity and consistency problem in online backup, which is different from other storage-level snapshot and Open File Solution.

Development of a database system for operational use in the selection of titanium alloys

The selection of titanium alloys has become a complex decision-making task due to the growing number of creation and utilization for titanium alloys,with each having its own characteristics,advantages,and limitations.In choosing the most appropriate titanium alloys,it is very essential to offer a reasonable and intelligent service for technical engineers.One possible solution of this problem is to develop a database system（DS） to help retrieve rational proposals from different databases and information sources and analyze them to provide useful and explicit information.For this purpose,a design strategy of the fuzzy set theory is proposed,and a distributed database system is developed.Through ranking of the candidate titanium alloys,the most suitable material is determined.It is found that the selection results are in good agreement with the practical situation.

Design and Implementation of a Heterogeneous Database System over the Intranet

Aim To develop a heterogeneous database united system(HDBUS)that combines the local database of Oracle, Sybase and SQL server distributed on different server into a global database,and supports the global transaction management and parallel query over the Intranet Methods In the designing and implementation of HDBUS two important concepts heterogeneous tables join. Results and Conclu- tion The first concept can be used to process the parallel query of multiple database server, the second one is the key technology of heterogeneous is the key technology of heterogeneous distribute database.

A BiLSTM cardinality estimator in complex database systems based on attention mechanism

An excellent cardinality estimation can make the query optimiser produce a good execution plan.Although there are some studies on cardinality estimation,the prediction results of existing cardinality estimators are inaccurate and the query efficiency cannot be guaranteed as well.In particular,they are difficult to accurately obtain the complex relationships between multiple tables in complex database systems.When dealing with complex queries,the existing cardinality estimators cannot achieve good results.In this study,a novel cardinality estimator is proposed.It uses the core techniques with the BiLSTM network structure and adds the attention mechanism.First,the columns involved in the query statements in the training set are sampled and compressed into bitmaps.Then,the Word2vec model is used to embed the word vectors about the query statements.Finally,the BiLSTM network and attention mechanism are employed to deal with word vectors.The proposed model takes into consideration not only the correlation between tables but also the processing of complex predicates.Extensive experiments and the evaluation of BiLSTM-Attention Cardinality Estimator(BACE)on the IMDB datasets are conducted.The results show that the deep learning model can significantly improve the quality of cardinality estimation,which is a vital role in query optimisation for complex databases.

Scheduling transactions in mobile distributed real-time database systems

A DMVOCC-MVDA （distributed multiversion optimistic concurrency control with multiversion dynamic adjustment） protocol was presented to process mobile distributed real-time transaction in mobile broadcast environments. At the mobile hosts, all transactions perform local pre-validation. The local pre-validation process is carried out against the committed transactions at the server in the last broadcast cycle. Transactions that survive in local pre-validation must be submitted to the server for local final validation. The new protocol eliminates conflicts between mobile read-only and mobile update transactions, and resolves data conflicts flexibly by using multiversion dynamic adjustment of serialization order to avoid unnecessary restarts of transactions. Mobile read-only transactions can be committed with no-blocking, and respond time of mobile read-only transactions is greatly shortened. The tolerance of mobile transactions of disconnections from the broadcast channel is increased. In global validation mobile distributed transactions have to do check to ensure distributed serializability in all participants. The simulation results show that the new concurrency control protocol proposed offers better performance than other protocols in terms of miss rate, restart rate, commit rate. Under high work load （think time is ls） the miss rate of DMVOCC-MVDA is only 14.6%, is significantly lower than that of other protocols. The restart rate of DMVOCC-MVDA is only 32.3%, showing that DMVOCC-MVDA can effectively reduce the restart rate of mobile transactions. And the commit rate of DMVOCC-MVDA is up to 61.2%, which is obviously higher than that of other protocols.

Research on the Automatic Pattem Abstraction and Recognition Methodology for Large-scale Database System based on Natural Language Processing

In this research paper, we research on the automatic pattern abstraction and recognition method for large-scale database system based on natural language processing. In distributed database, through the network connection between nodes, data across different nodes and even regional distribution are well recognized. In order to reduce data redundancy and model design of the database will usually contain a lot of forms we combine the NLP theory to optimize the traditional method. The experimental analysis and simulation proves the correctness of our method.

Load-Balance Policy in Two Level-Cluster File System

In this paper, we explored a load-balancing algorithm in a cluster file system contains two levels of metadata-server, primary-level server quickly distributestasks to second-level servers depending on the closest load-balancing information. At the same time, we explored a method which accurately reflect I/O traffic and storage of storage-node： computing the heat-value of file, according to which we realized a more logical storage allocation. According to the experiment result, we conclude that this new algorithm shortens the executing time of tasks and improves the system performance compared with other load algorithm.

A dynamic crash recovery scheme for distributed real-time database systems

Recovery performance in the event of failures is very important for distributed real-time database systems. This paper presents a time-cognizant logging-based crash recovery scheme （TCLCRS） that aims at distributed real-time databases, which adopts a main memory database as its ground support. In our scheme, each site maintains a real-time log for local transactions and the subtransactions, which execute at the site, and execte local checkpointing independently. Log records are stored in non-volatile high- speed store, which is divided into four different partitions based on transaction classes. During restart recovery after a site crash, partitioned crash recovery strategy is adopted to ensure that the site can be brought up before the entire local secondary database is reloaded in main memory. The partitioned crash recovery strategy not only guarantees the internal consistency to be recovered, but also guarantee the temporal consistency and recovery of the sates of physical world influenced by uncommitted transactions. Combined with two- phase commit protocol, TCLCRS can guarantee failure atomicity of distributed real-time transactions.

Weak Serializable Concurrency Control in Distributed Real-Time Database Systems

Most of the proposed concurrency control protocols for real time database systems are based on serializability theorem. Owing to the unique characteristics of real time database applications and the importance of satisfying the timing constraints of transactions, serializability is too strong as a correctness criterion and not suitable for real time databases in most cases. On the other hand, relaxed serializability including epsilon serializability and similarity serializability can allow more real time transactions to satisfy their timing constraints, but database consistency may be sacrificed to some extent. We thus propose the use of weak serializability(WSR) that is more relaxed than conflicting serializability while database consistency is maintained. In this paper, we first formally define the new notion of correctness called weak serializability. After the necessary and sufficient conditions for weak serializability are shown, corresponding concurrency control protocol WDHP(weak serializable distributed high priority protocol) is outlined for distributed real time databases, where a new lock mode called mask lock mode is proposed for simplifying the condition of global consistency. Finally, through a series of simulation studies, it is shown that using the new concurrency control protocol the performance of distributed real time databases can be greatly improved.

CRF:A Scheduling of Multi-Granularity Locks in Object-Oriented Database Systems

This paper introduces a multi-granularity locking model (MGL) for concurrency control in object-oriented database system briefiy, and presents a MGL model formally. Four lockingscheduling algorithms for MGL are proposed in the paper. The ideas of single queue scheduling(SQS) and dual queue scheduling (DQS) are proposed and the algorithm and the performance evaluation for these two scheduling are presented in some paper. This paper describes a new idea of thescheduling for MGL, compatible requests first (CRF). Combining the new idea with SQS and DQS,we propose two new scheduling algorithms called CRFS and CRFD. After describing the simulationmodel, this paper illustrates the comparisons of the performance among these four algorithms. Asshown in the experiments, DQS has better performance than SQS, CRFD is better than DQS, CRFSperforms better than SQS, and CRFS is the best one of these four scheduling algorithms.

Multi-Level Cryptographic Functions for the Functionalities of Open Database System

The purpose of this paper is to design and implement a secure open database system for organizations that are increasingly opened up their information for easy access by different users. The work proposed some functionalities such as open password entry with active boxes, combined encryption methods and agent that can be incorporated into an open database system. It designed and implemented an algorithm that would not allow users to have free access into open database system. A user entering his password only needs to carefully study the sequence of codes and active boxes that describe his password and then enter these codes in place of his active boxes. The approach does not require the input code to be hidden from anyone or converted to place holder characters for security reasons. Integrating this scheme into an open database system is viable in practice in term of easy use and will improve security level of information.

Quasi Serializable Concurrency Control in Distributed Real-Time Database Systems

This paper formally defines and analyses the new notion of correctness called quasi serializability, and then outlines corresponding concurrency control protocol QDHP for distributed real-time databases. Finally, through a series of simulation studies, it shows that using the new concurrency control protocol the performance of distributed real-time databases can be much improved.

OrientX: An Integrated, Schema Based Native XML Database System

The increasing number of XML repositories has stimulated the design of systems that can store and query XML data efficiently. OrientX, a native XML database sys tern, is designed to meet this requirement. In this paper, we described the system structure and design of OrientX, an integrated, schema-based native XML database. The main contributions of OrientX are： a）We have implemented an integrated native XML database system, which supports native storage of XML data, and based on it we can handle XPath＆ XQuery efficiently; b）In our OrientX system, schema information is fully explored to guide the storage, optimization and query processing.

基于Read-only zip file system的文字内码到点阵信息的转换研究

在嵌入式系统环境下，利用Ahera公司提供的zip file system，用C语言标准文件读写函数将内码转换为可以在液晶屏幕上显示字符图形的点阵信息。将该方案应用于电子阅读器的开发，较好的实现了设计目标，并在硬件、软件方面都留下较多地接口，有利于将来进行二次开发。

Validation concurrency control protocol in parallel real-time database systems

In parallel real-time database systems, concurrency control protocols must satisfy time constraints as well as the integrity constraints. The authors present a validation concurrency control(VCC) protocol, which can enhance the performance of real-time concurrency control mechanism by reducing the number of transactions that might miss their deadlines, and compare the performance of validation concurrency control protocol with that of HP2PL(High priority two phase locking) protocol and OCC-TI-WAIT-50(Optimistic concurrency control-time interval-wait-50) protocol under shared-disk architecture by simulation. The simulation results reveal that the protocol the author presented can effectively reduce the number of transactions restarting which might miss their deadlines and performs better than HP2PL and OCC-TI-WAIT-50. It works well when arrival rate of transaction is lesser than threshold. However, due to resource contention the percentage of missing deadline increases sharply when arrival rate is greater than the threshold.

An Online Outpatient Database System: A Case Study of General Hospital, Minna

Outpatients receive medical treatment without being admitted to a hospital. They are not hospitalized for 24 hours or more but visit hospital, clinic or associated facility for diagnosis or treatment [1]. But the problems of keeping their records for quick access by the management and provision of confidential, secure medical report that facilitates planning and decision making and hence improves medical service delivery are vital issues. This paper explores the challenges of manual outpatient records system for General Hospital, Minna and infers solutions to the current challenges by designing an online outpatient’s database system. The main method used for this research work is interview. Two (2) doctors, three (3) nurses on duty and two (2) staff at the record room were interviewed. Fifty (50) sampled outpatient records were collected. The combination of PHP, MYSQL and MACROMIDIA DREAMVEAVER was used to design the webpage and input data. The records were implemented on the designed outpatient management system and the outputs were produced. The finding shows these challenges facing the manual system of inventory management system. Distortion of patient’s folder and difficulty in searching a patient’s folder, difficulty in relating previous complaint with the new complains because of volume of the folder, slow access to patient diagnosis history during emergency, lack of back up when an information is lost, and preparation of accurate and prompt reports make it become a difficult task as information is difficult to collect from various register. Based on the findings, this paper highlights the possible solutions to the above problems. An online outpatient database system was designed to keep the outpatients records and improve medical service delivery.