Still Life

Firefighters battled a controlled blaze on the tarmac at Penn State's University Park Airport on May 23 during a full-scale emergency exercise. The exercise was designed to provide real-time training and recertification for emergency response personnel from around the Centre Region.

University Park Airport Emergency Response Exercise

A moment of levity: Penn State Lehigh Valley graduates celebrated with the Nittany Lion after commencement ceremonies, held May 5 at Stabler Arena in Bethlehem, Pa.

Commencement across Penn State: Spring 2012

New graduates of Penn State's Eberly College of Science listened to the commencement address provided by United States Secretary of Energy Steven Chu during spring 2012 graduation ceremonies held May 5 at the Bryce Jordan Center on the University Park campus.

Spring commencement 2012 under way

A Moroccan farmer taught Penn State students about the properties of vetiver grass, including its ability to clean wastewater. The grass could be used as part of a solution to water-quality problems being experienced in Assoul, Morocco, where students spent time recently.

Penn State, Moroccan students problem-solve together

Anjelica Fortunato, left, and Jeffrey Lu reviewed for their Anatomy 129 final exam on May 1 on the HUB-Robeson Center Lawn on Penn State's University Park campus. Penn State students are preparing for and taking final exams throughout the week as spring semester 2012 comes to a close.

Finals Week Spring Semester 2012

Featured Video

Painting the Lines at Beaver Stadium

Painting the Lines at Beaver Stadium

Did They Get It Right? - RedTails

Did They Get It Right? - RedTails

Iconic Penn State elm taken down over spring break 2012

Iconic Penn State elm taken down over spring break 2012

We ... are Penn State (December 19, 2011)

We ... are Penn State (December 19, 2011)

Disease stricken matching elm tree slated for removal

Disease stricken matching elm tree slated for removal

Penn State's creamery, from the cow to the cone

Penn State's creamery, from the cow to the cone

Updates:
Penn State Promise

Board of Trustees launches new website

Faculty Senate recaps 2011-12 activity for Board of Trustees

Frazier provides update on Special Investigations Task Force

Board of Trustees meeting to be streamed live

Penn State donates more than $2.6 million to abuse prevention efforts

New software developed by Penn State improves database security

Thursday, November 11, 2004

University Park, Pa.-- Penn State researchers have developed software that more quickly and efficiently ensures that databases don't release unauthorized information.

The software, QFilter, "sits" between users and databases and filters or culls out unauthorized requests for data before a database responds to a query.

"We have shifted the thinking from data filtering to query filtering," said Dongwon Lee, assistant professor in Penn State's School of Information Sciences and Technology (IST). "This is a practical solution to the ongoing problem of database access controls."

Businesses and organizations know a critical security guarantee for their databases is that only authorized users can access approved data. That security is managed currently through access control-modules built separately into individual databases.

QFilter can implement database security without those modules. This means it can be used with off-the-shelf databases and without requiring substantial changes to existing databases, the researchers said.

"That difference not only makes the security check of QFilter very practical, but it also significantly improves query-response time by rejecting unauthorized requests early on," Lee said.

The technology is discussed in a paper titled "QFilter: Fine-Grained Run-Time XML Access Control via NFA-based Query Rewriting" presented today (Nov. 11) at the ACM Conference on Information and Knowledge Management in Washington, D.C.

Lee's co-authors are Bo Luo, IST doctoral student; Peng Liu, assistant professor of information sciences and technology; and Wang-Chien Lee, associate professor of computer science and engineering at Penn State.

Other technologies for restricting access to databases exist. One popular technique is view-based technology, which creates different data views for each user. Once the views are created, the database no longer has to check users' credentials, so there is a speed advantage. But as the number of users requesting access grows or views need to be updated frequently, this technology will have maintenance and storage
issues, the researchers said.

"The issues are what technology is the fastest, what requires the least storage and what requires the least amount of changes to existing databases," Lee said. "Compared to competing techniques, QFilter is better on all three."

To capture and determine who can access what information, QFilter uses a specialized model of computation known as non-deterministic finite automata (NFA). NFA stores a large number of access control policies in an efficient and non-redundant fashion. NFA monitors when users' queries pass through and filters out parts of queries asking for unauthorized access.

Work on QFilter continues as the software is not in its final version, said Lee who anticipates developing other applications for QFilter.

The research was supported partially by the National Science Foundation.

Contact