A database design methodology is presented in this paper which aims to improve the security of medical database systems. The proposed methodology is based on both the discretionary and the mandatory database security policies. In this way the advantages of both approaches are combined to enhance medical database security. The experimental implementation of the proposed methodology in a major Greek hospital is also presented. The implementation has shown that the combined discretionary and mandatory security enforcement effectively limits the unauthorised access to the medical database, without severely restricting the capabilities of the system.
A database design methodology is presented in this paper which aims to improve the security of medical database systems. The proposed methodology is based on both the discretionary and the mandatory database security policies. It also supports tuple-level granularity that helps to reduce the complexity encountered when supporting field-level granularity and minimise the number of fragments encountered when supporting table-level granularity. An experimental implementation of the proposed methodology in a major Greek hospital is also presented. The implementation has proved the usefulness of the proposals as well as their effectiveness in limiting the unauthorised access to the medical database, without severely restricting the capabilities of the system.
Purpose-The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing Digital Forensic Readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing. Design/methodology/approach-This paper employs a quantitative methodology to identify the most popular Cyber Threat Intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value resulting in the quick and accurate triaging and identification of patterns of malicious activities. Findings-While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the Digital Forensics (DF) domain. Originality/value-The proposed model can help organizations to improve their digital forensic readiness posture and thus minimize the time and cost of cybercrime incidents.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.