Presentation is loading. Please wait.

Presentation is loading. Please wait.

EZID data security and risks Situation – EZID is “system of record”: data is irreplaceable, authoritative – Forever Challenge – How to protect data against.

Published byEdmund Powers Modified over 9 years ago

Similar presentations

Presentation on theme: "EZID data security and risks Situation – EZID is “system of record”: data is irreplaceable, authoritative – Forever Challenge – How to protect data against."— Presentation transcript:

1 EZID data security and risks Situation – EZID is “system of record”: data is irreplaceable, authoritative – Forever Challenge – How to protect data against loss & corruption?

2 1) Database dependency DBMS software is sole means of access – Backups, too Leads to total reliance on: – Having DBMS software – Database is running now – Database is running correctly – Database has been running correctly in the past

3 EZID’s strategy EZID DBMS vendor 1 DBMS vendor 1 DBMS vendor 2 DBMS vendor 2 text dumptext transaction log AND/OR comparison tool fixup tools offsite backup continuous, real-time daily rebuild tools

4 2) LDAP dependency Problem: identifier owners are identified by ARKs – “ark:/28722/... is owned by ark:/99166/p9...” – LDAP: ark:/99166/p9... = merritt Strategy – LDAP attributes are cached with owner ARKs in EZID’s database – As a result, data is self-describing

5 Risks Availability – DBMS integrity failure – Data loss – DBMS service availability – Security intrusion, DOS – Geo-localized failure – Human failure (error, malicious) –... Interpretability – Dependent information – Knowledge embodied in select staff –... Many others...

6 SPOT model for risk assessment Availability Identity Persistence Renderability Understandability Authenticity Vermaaten, Lavoie, Caplan (2012), “Identifying Threats to Successful Digital Preservation: the SPOT Model for Risk Assessment,” D-Lib Magazine doi:10.1045/september2012-vermaaten

7 SPOT model for risk assessment Renderability – Necessary software is not available – Software can’t be operated or maintained – Necessary environment is unknown – Not possible to verify integrity/accuracy of rendering – Salient characteristics were not preserved

8 Questions Is there a principled way of identifying (and mitigating) risks? – Yes: think NASA space missions – But in this area? What constitutes “enough” mitigation?

Download ppt "EZID data security and risks Situation – EZID is “system of record”: data is irreplaceable, authoritative – Forever Challenge – How to protect data against."

Similar presentations

Test process essentials Riitta Viitamäki, 14.4.2004

Test process essentials Riitta Viitamäki,
Avionics Panel Go For Luna Landing! Graham ONeil United Space Alliance March 2008.

Avionics Panel Go For Luna Landing! Graham ONeil United Space Alliance March 2008.
S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Database Administration and Security Transparencies 1.

Database Administration and Security Transparencies 1.
S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.

S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.
SAN DIEGO SUPERCOMPUTER CENTER Security and Grids Victor Hazlewood, CISSP Information Security Officer

SAN DIEGO SUPERCOMPUTER CENTER Security and Grids Victor Hazlewood, CISSP Information Security Officer
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Session - 15 RECOVERY CONTROL - 1 Matakuliah: M0184 / Pengolahan Data Distribusi Tahun: 2005 Versi:

Session - 15 RECOVERY CONTROL - 1 Matakuliah: M0184 / Pengolahan Data Distribusi Tahun: 2005 Versi:
1 Minggu 7, Pertemuan 13 Security Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.

1 Minggu 7, Pertemuan 13 Security Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.

Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.
National Institute of Standards and Technology Computer Security Division Information Technology Laboratory Threat Information Sharing; Perspectives, Strategies,

National Institute of Standards and Technology Computer Security Division Information Technology Laboratory Threat Information Sharing; Perspectives, Strategies,
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
®® Microsoft Windows 7 for Power Users Tutorial 10 Backing Up and Restoring Files.

®® Microsoft Windows 7 for Power Users Tutorial 10 Backing Up and Restoring Files.
DATABASE SECURITY By Oscar Suciadi CS 157B Prof. Sin-Min Lee.

DATABASE SECURITY By Oscar Suciadi CS 157B Prof. Sin-Min Lee.
Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.

Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.
© Pearson Education Limited, 20041 Chapter 5 Database Administration and Security Transparencies.

© Pearson Education Limited, Chapter 5 Database Administration and Security Transparencies.
Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.

Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.
© 2013 Pearson Education, Inc. Publishing as Prentice Hall 1 CHAPTER 11: DATA AND DATABASE ADMINISTRATION Modern Database Management 11 th Edition Jeffrey.

© 2013 Pearson Education, Inc. Publishing as Prentice Hall 1 CHAPTER 11: DATA AND DATABASE ADMINISTRATION Modern Database Management 11 th Edition Jeffrey.

Similar presentations

Ads by Google