• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.107-115
• /
• 2022

Recently, big data applications need another database different from the Relation database. NoSQL databases are used to save and handle massive amounts of data. NoSQL databases have many advantages over traditional databases like flexibility, efficiently processing data, scalability, and dynamic schemas. Most of the current applications are based on the web, and the size of data is in increasing. NoSQL databases are expected to be used on a more and large scale in the future. However, NoSQL suffers from many security issues, and one of them is access control. Many recent applications need Fine-Grained Access control (FGAC). The integration of the NoSQL databases with FGAC will increase their usability in various fields. It will offer customized data protection levels and enhance security in NoSQL databases. There are different NoSQL database models, and a document-based database is one type of them. In this research, we choose the CouchDB NoSQL document database and develop an access control mechanism that works at a fain-grained level. The proposed mechanism uses role-based access control of CouchDB and restricts read access to work at the document level. The experiment shows that our mechanism effectively works at the document level in CouchDB with good execution time.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.2
• /
• pp.95-104
• /
• 2017

As the technology in smart device is growing and Social Network Services(SNS) are becoming more common, the data which is difficult to be processed by existing RDBMS are increasing. As a result of this, NoSQL databases are getting popular as an alternative for processing massive and unstructured data generated in real time. The demand for the technique of digital investigation of NoSQL databases is increasing as the businesses introducing NoSQL database in their system are increasing, although the technique of digital investigation of databases has been researched centered on RDMBS. New techniques of digital forensic investigation are needed as NoSQL Database has no schema to normalize and the storage method differs depending on the type of database and operation environment. Research on document-based database of NoSQL has been done but it is not applicable as itself to other types of NoSQL Database. Therefore, the way of operation and data model, grasp of operation environment, collection and analysis of artifacts and recovery technique of deleted data in HBase which is a NoSQL column-based database are presented in this paper. Also the proposed technique of digital forensic investigation to HBase is verified by an experimental scenario.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.2
• /
• pp.59-66
• /
• 2017

MySQL database is the second place in the market share of the current database. Especially InnoDB storage engine has been used in the default storage engine from the version of MySQL5.5. And many companies are using the MySQL database with InnoDB storage engine. Study on the structural features and the log of the InnoDB storage engine in the field of digital forensics has been steadily underway, but for how to restore on a record-by-record basis for the deleted data, has not been studied. In the process of digital forensic investigation, database administrators damaged evidence for the purpose of destruction of evidence. For this reason, it is important in the process of forensic investigation to recover deleted record in database. In this paper, We proposed the method of recovering deleted data on a record-by-record in database by analyzing the structure of MySQL InnoDB storage engine. And we prove this method by tools. This method can be prevented by database anti forensic, and used to recover deleted data when incident which is related with MySQL InnoDB database is occurred.

• Journal of Internet Computing and Services
• /
• v.17 no.2
• /
• pp.1-9
• /
• 2016

Users are provided infrastructure such as CPU, memory, network, and storage as IaaS (Infrastructure as a Service) service on cloud computing environments. However storage instances cannot support the maximum storage capacity that SQL servers can use, because the capacity of instances provided by service providers is usually limited. In this paper, we propose a method of securing mass storage capacity for SQL servers by sharing network disks with limited storage capacity. We confirmed through experiments that it is possible to secure mass storage capacity, which exceeds the maximum storage capacity provided by an instance with Amazon EBS on Amazon EC2 Windows environments, and it is possible to improve the overall performance of the SQL servers by increasing the disk capacity and performance.

• KIPS Transactions on Software and Data Engineering
• /
• v.5 no.10
• /
• pp.477-482
• /
• 2016

As being the advanced analytics indispensable on big data for agile decision-making and tactical planning in enterprises, distributed processing platforms, such as Hadoop and Spark which distribute and handle the large volume of data on multiple nodes, receive great attention in the field. In Spark platform stack, Spark SQL unveiled recently to make Spark able to support distributed processing framework based on SQL. However, Spark SQL cannot effectively handle advanced analytics that involves machine learning and graph processing in terms of iterative tasks and task allocations. Motivated by these issues, this paper proposes the design of SQL-based big data optimal processing engine and processing framework to support advanced analytics in Spark environments. Big data optimal processing engines copes with complex SQL queries that involves multiple parameters and join, aggregation and sorting operations in distributed/parallel manner and the proposing framework optimizes machine learning process in terms of relational operations.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.3
• /
• pp.298-305
• /
• 2016

Various NoSQL databases are more excellent to process a large amount of big data than existing relational databases such as MySQL, PostgreSQL and Oracle. Among widely used NoSQL databases, performance of HBase, Cassandra, MongoDB and Redis was comparatively assessed. For distributed processing of a large amount of data, 12 servers were connected through switching hub and Ubuntu was installed as operating system. As for benchmark tool, YCSB was applied. Read and update ratios changed from 50% and 50%, 95% and 5% and finally, 100% and 0% and each of them was assessed as 200,000 commands developed into 1,200,000 commands for each case. Cassandra was most excellent with transaction processing per second while MongoDB was most excellent with the number of processes carried out per unit time.

• Communications for Statistical Applications and Methods
• /
• v.15 no.1
• /
• pp.51-64
• /
• 2008

In general, R is useful for small size data. We study how to access a large data set in a database by R-language. We provide real examples to access data sets stored in database servers MySQL, Oracle or PostgreSQL.

• Electronics and Telecommunications Trends
• /
• v.9 no.4
• /
• pp.157-169
• /
• 1994

본 고에서는 ISO/IEC JTC1/SC21 WG3(Database)에서 표준화하고 있는 SQL Multimedia and Application Packages (SQL/MM)에 대해 표준화의 동향과 이 표준에서 정의하고 있는 기술적인 내용을 분석한다. SQL/MM은 데이터베이스 언어의 표준인 SQL을 확장한 새로운 표준으로서, 멀티미디어 응용에서 필요로 하는 여러 가지 요구 사항을 만족시킬 수 있도록 하기 위한 새로운 기능들이 추가된 형태이다. 이 표준은 SQL3라는 객체 지향 데이터베이스를 위한 표준 질의 언어의 기본 기능 위에 멀티미디어적 요소들을 첨가하는 방법으로 표준 제정이 진행되고 있다. 우선적으로 다루고 있는 분야는 문서에 대한 full-text 검색 분야와 공간 및 시간 관계를 이용한 검색 분야 등이며, 다양한 데이터 타입들 중에서 여러 종류의 응용에서 공통적으로 사용되는 범용의 것들을 체계적으로 정리하는 분야도 병행하고 있다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2576-2590
• /
• 2020

The fundamental reason why most SQL injection detection methods are difficult to use in practice is the low reusability of the implementation code. This paper presents a reusable SQL injection detection method for Java Web applications based on AOP (Aspect-Oriented Programming) and dynamic taint analysis, which encapsulates the dynamic taint analysis processes into different aspects and establishes aspect library to realize the large-grained reuse of the code for detecting SQL injection attacks. A metamodel of aspect library is proposed, and a management tool for the aspect library is implemented. Experiments show that this method can effectively detect 7 known types of SQL injection attack such as tautologies, logically incorrect queries, union query, piggy-backed queries, stored procedures, inference query, alternate encodings and so on, and support the large-grained reuse of the code for detecting SQL injection attacks.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2021.07a
• /
• pp.89-90
• /
• 2021

최근 증가하고 있는 대용량, 비정형 데이터의 처리를 위해 NoSQL의 사용이 증가하고 있다. 하지만 기존의 소프트웨어들은 대부분 RDBMS로 구성되어있고, 저용량 데이터의 경우 RDBMS를 사용하여 관리하는 경우가 많다. 때문에 기존 RDBMS를 사용한 소프트웨어를 대용량 처리에 유리하도록 NoSQL 기반으로 마이그레이션하여 새로운 버전을 개발하고, 각각의 이점을 효율적으로 사용하기 위해 RDBMS와 NoSQL의 혼용하는 사례가 증가하고있다. 본 논문에서는 RDBMS와 NoSQL간의 데이터 매핑 관리 모델을 제안하여 소프트웨어 개발자 또는 데이터 관리자의 효율적 데이터 관리에 도움을 준다.