"Data can easily find itself in danger of being accessed by 'bad guys,'" says emeritus professor of computer science Gio Wiederhold, who will speak about trusted information databases Feb. 14 in Seattle at the annual meeting of the American Association for the Advancement of Science (AAAS). "Passwords and other means of access control are okay, but additional security mechanisms are needed to provide security." To ensure that data records are not released into the wrong hands, Wiederhold suggests adding filters to outgoing data.
Traditional security systems often utilize access control in which passwords are the key to identifying authorized users and granting them access to data. While doctors or nurses may have access to medical data in a hospital database, they cannot access financial data in the hospital's accounting database. Conversely, an insurance company can access financial records but not patient medical records. Patients, in contrast, can request access to both types of data. A database administrator in a traditional system defines different roles for different users, and those roles define the type of access allowed.
The good news about traditional systems is that bad guys must employ multiple 'hacks' to get past the firewalls, operating systems and the database security itself. The bad news is that because the filter is at the level of user access, security stops once a user gains access to material authorized for his or her role. If a good guy turns bad - as in the case where a disgruntled employee with access privileges decides to do some damage - the database becomes endangered.
A severe disadvantage to the access-driven security model is that it requires that all of the contents be well organized and placed into neat bins for access by those with authorized roles. Protection is poor for data that
'"/>
Contact: Dawn Levy
dawnlevy@stanford.edu
650-725-1944
Stanford University
14-Feb-2004