scispace - formally typeset
Search or ask a question
Author

Michael Coles

Bio: Michael Coles is an academic researcher. The author has contributed to research in topics: Encryption & Data Transformation Services. The author has an hindex of 4, co-authored 14 publications receiving 62 citations.

Papers
More filters
Book ChapterDOI
01 Jan 2009
TL;DR: Up to this point, I’ve focused on cell-level encryption, which represents a significant portion of SQL Server’s encryption functionality, and it does have some drawbacks.
Abstract: Up to this point, I’ve focused on cell-level encryption, which represents a significant portion of SQL Server’s encryption functionality. Cell-level encryption can be an extremely useful tool for targeted data encryption, but it does have some drawbacks. For one thing, a proper strategy involving cell-level encryption requires careful planning to balance the needs of security and performance. Cell-level encryption can be difficult, or impossible in some cases, to implement when you already have a database in production. The cost of refactoring a complex database (and its dependent applications) can be a significant deterrent to implementing cell-level encryption.

34 citations

Book
06 Apr 2011
TL;DR: This book covers all that a SQL Server database administrator needs to know about encryption and demonstrates advanced techniques such as the use of hardware security modules via extensible key management.
Abstract: Every day organizations large and small fall victim to attacks on their data. Encryption provides a shield to help defend against intruders. Because of increasing pressure from government regulators, consumers, and the business community at large, the job descriptions of SQL DBAs and developers are expanding to include encryption. Expert SQL Server 2008 Encryption will show you how to efficiently implement SQL Server 2008 encryption functionality and features to secure your organizational data. Introduces encryption, guiding readers through its implementation in SQL Server Demonstrates advanced techniques such as the use of hardware security modules Covers all that a SQL Server database administrator needs to know about encryption What you'll learn Take advantage of hardware security modules via extensible key management Implement targeted encryption of individual columns Secure an entire database at once with Transparent Data Encryption Encrypt disk volumes using BitLocker encryption Effectively design and manage encryption as part of your total security solution Digitally sign documents stored in your database Who is this book for? The audience for this book includes SQL Server DBAs, SQL developers, and .NET developers who want to take advantage of the powerful encryption functionality available in SQL Server 2008. The new features of SQL Server 2008 provide a powerful set of tools to secure your most sensitive data, helping protect it from theft.

6 citations

Book ChapterDOI
01 Jan 2009
TL;DR: This book discusses encryption features that cover the spectrum from column- level encryption to database-level encryption, with support for external hardware security modules in SQL Server 2008, and provides a complete toolset for securing data at any storage granularity.
Abstract: SQL Server 2008 provides the most comprehensive set of encryption technologies of any SQL Server release to date The newest release of SQL Server implements encryption features that cover the spectrum from column-level encryption to database-level encryption, with support for external hardware security modules In addition, Windows Vista and Windows Server 2008 provide encryption support via Encrypting File System and BitLocker encryption This combination of options provides a complete toolset for securing your data at any storage granularity—cell-level, database-level, or an entire volume In this book, I’ll discuss all of these features for securing your SQL Server-based data

5 citations

Book
01 Jan 2007
TL;DR: Discussing new and existing features, SQL Server designer and administrator Michael Coles takes you on an expert guided tour of TransactSQL functionality in SQL Server 2008 in his book Pro TSQL 2008 Programmers Guide.
Abstract: Discussing new and existing features, SQL Server designer and administrator Michael Coles takes you on an expert guided tour of TransactSQL functionality in SQL Server 2008 in his book Pro TSQL 2008 Programmers Guide. Fully functioning examples and downloadable source code bring Coles technically accurate and engaging treatment of TransactSQL into your own hands. Stepbystep explanations ensure clarity, and an advocacy of bestpractices will steer you down the road to success. Pro TSQL 2008 Programmers Guide is every developers key to making full use of SQL Server 2008s powerful, builtin TransactSQL language. TransactSQL is the language developers and DBAs use to interact with SQL Server. Its used for everything from querying data, to writing stored procedures, to managing the database. New features in SQL Server 2008 include a spatial data type, SQLCLR integration, the MERGE statement, a dramatically improved and marketleading XML feature set, and support for encryptionall of which are covered in this book What youll learn Write stored procedures, functions, and triggers using TransactSQL Apply bestpractices when centralizing procedural logic inside your SQL Server database. Seamlessly work with XML data using XQuery, XPath, and the XML type. Use SQLCLR to write .NET code that runs inside SQL Server. Implement fulltext search within your database. Load data more efficiently using the new MERGE statement. Learn about the new geography type for storing spatial data. Who is this book for? Pro TSQL 2008 Programmers Guide is written for SQL Server and TransactSQL developers who want to implement bestpractices and take full advantage of all that SQL Server has to offer. .NET programmers will find the book helpful in showing how to run .NET code within SQL Server. Database administrators who need to write triggers and the occasional stored procedure will also benefit from the book. About the Apress Pro Series The Apress Pro series books are practical, professional tutorials to keep you on and moving up the professional ladder. You have gotten the job, now you need to hone your skills in these tough competitive times. The Apress Pro series expands your skills and expertise in exactly the areas you need. Master the content of a Pro book, and you will always be able to get the job done in a professional development project. Written by experts in their field, Pro series books from Apress give you the hardwon solutions to problems you will face in your professional programming career. Related Titles SQL Server 2008 Transact-SQL Recipes: A Problem-Solution Approach Pro SQL Server 2008 XML Accelerated SQL Server 2008 Beginning SQL Server 2008 for Developers: From Novice to Professional

5 citations

Book
01 Nov 2008
TL;DR: Introducing powerful Integrated FullText Search features in SQL Server such as the FREETEXT and CONTAINS predicates, custom thesauruses, and stop lists and showing you how to optimize fulltext query performance through features like fulltext indexes and iFilters.
Abstract: Businesses today want actionable insights into their datathey want their data to reveal itself to them in a natural and userfriendly form. What could be more natural than human language? Naturallanguage search is at the center of a storm of everincreasing webdriven demand for humancomputer communication and information access. SQL Server 2008 provides the tools to take advantage of the features of its builtin enterpriselevel naturallanguage search engine in the form of Integrated FullText Search (iFTS). Integrated FullText Search uses textaware relational queries to provide your users with fast access to content. Whether you want to set up an enterprisewide Internet or intranet search engine or create less ambitious naturallanguage search applications, this book will teach you how to get the most out of SQL Server 2008 Integrated FullText Search: Introducing powerful Integrated FullText Search features in SQL Server such as the FREETEXT and CONTAINS predicates, custom thesauruses, and stop lists Showing you how to optimize fulltext query performance through features like fulltext indexes and iFilters Providing examples that help you understand and apply the power of Integrated FullText Search in your daily projects What youll learn Harness the power of iFTS for your applications. Administer iFTS catalogs and indexes. Use new iFTS features such as stop lists and iFTSbased dynamic management functions. Optimize and tune iFTS queries. Implement languageaware, naturallanguage searches for data. Simplify searches of structured and unstructured content. Who is this book for? The audience for this book includes SQL Server SQL and TransactSQL developers, and also .NET developers, who want to take advantage of the new Integrated FullText Search (iFTS) functionality available in SQL Server 2008. About the Apress Pro Series The Apress Pro series books are practical, professional tutorials to keep you on and moving up the professional ladder. You have gotten the job, now you need to hone your skills in these tough competitive times. The Apress Pro series expands your skills and expertise in exactly the areas you need. Master the content of a Pro book, and you will always be able to get the job done in a professional development project. Written by experts in their field, Pro series books from Apress give you the hardwon solutions to problems you will face in your professional programming career.

3 citations


Cited by
More filters
Journal ArticleDOI
TL;DR: This paper aims to present a generalized view of complete big data system which includes several stages and key components of each stage in processing the big data, and systematically investigates big data tools and technologies including distributed/cloud-based stream processing tools in a comparative approach.
Abstract: The traditional databases are not capable of handling unstructured data and high volumes of real-time datasets Diverse datasets are unstructured lead to big data, and it is laborious to store, manage, process, analyze, visualize, and extract the useful insights from these datasets using traditional database approaches However, many technical aspects exist in refining large heterogeneous datasets in the trend of big data This paper aims to present a generalized view of complete big data system which includes several stages and key components of each stage in processing the big data In particular, we compare and contrast various distributed file systems and MapReduce-supported NoSQL databases concerning certain parameters in data management process Further, we present distinct distributed/cloud-based machine learning (ML) tools that play a key role to design, develop and deploy data models The paper investigates case studies on distributed ML tools such as Mahout, Spark MLlib, and FlinkML Further, we classify analytics based on the type of data, domain, and application We distinguish various visualization tools pertaining three parameters: functionality, analysis capabilities, and supported development environment Furthermore, we systematically investigate big data tools and technologies (Hadoop 30, Spark 23) including distributed/cloud-based stream processing tools in a comparative approach Moreover, we discuss functionalities of several SQL Query tools on Hadoop based on 10 parameters Finally, We present some critical points relevant to research directions and opportunities according to the current trend of big data Investigating infrastructure tools for big data with recent developments provides a better understanding that how different tools and technologies apply to solve real-life applications

88 citations

Proceedings ArticleDOI
13 Apr 2015
TL;DR: A prototype of Cipherbase is presented that uses FPGAs to provide secure processing and the system engineering details implemented to achieve competitive performance for transactional workloads are described.
Abstract: Cipherbase is a comprehensive database system that provides strong end-to-end data confidentiality through encryption. Cipherbase is based on a novel architecture that combines an industrial strength database engine (SQL Server) with lightweight processing over encrypted data that is performed in secure hardware. The overall architecture provides significant benefits over the state-of-the-art in terms of security, performance, and functionality. This paper presents a prototype of Cipherbase that uses FPGAs to provide secure processing and describes the system engineering details implemented to achieve competitive performance for transactional workloads. This includes hardware-software co-design issues (e.g. how to best offer parallelism), optimizations to hide the latency between the secure hardware and the main system, and techniques to cope with space inefficiencies. All these optimizations were carefully designed not to affect end-to-end data confidentiality. Our experiments with the TPC-C benchmark show that in the worst case when all data are strongly encrypted, Cipherbase achieves 40% of the throughput of plaintext SQL Server. In more realistic cases, if only critical data such as customer names are encrypted, the Cipherbase throughput is more than 90% of plaintext SQL Server.

64 citations

Proceedings ArticleDOI
22 Jun 2013
TL;DR: In this demonstration the functionality of Cipherbase is outlined --- a full fledged SQL database system that supports the full generality of a database system while providing high data confidentiality.
Abstract: Data confidentiality is one of the main concerns for users of public cloud services. The key problem is protecting sensitive data from being accessed by cloud administrators who have root privileges and can remotely inspect the memory and disk contents of the cloud servers. While encryption is the basic mechanism that can leveraged to provide data confidentiality, providing an efficient database-as-a-service that can run on encrypted data raises several interesting challenges. In this demonstration we outline the functionality of Cipherbase --- a full fledged SQL database system that supports the full generality of a database system while providing high data confidentiality. Cipherbase has a novel architecture that tightly integrates custom-designed trusted hardware for performing operations on encrypted data securely such that an administrator cannot get access to any plaintext corresponding to sensitive data.

59 citations

Journal Article
TL;DR: The real-time experimental evaluations have proven the applicability of the proposed mechanism pertaining to the security assurance and the consumed resources of the target IoT devices.
Abstract: Internet of Things (IoT) devices have grown up to comprise embedded systems and sensors with the ability to connect, collect, and transmit data over the Internet. Although, solutions to secure IoT systems exist, Class-0 IoT devices with insufficient resources to support such solutions are considered too resource constrained for a secure communication. This paper provides a distributed security mechanism that targets Class-0 IoT devices. The research goal is to secure the entire data path in two segments; device-to-gateway and gateway-to-server data communications. The main concern in the provided solution is that lighter security operations with minimal resource requirements are performed in the device, while heavier tasks are performed in the gateway side. The proposed mechanism utilizes a symmetric encryption for data objects combined with the native wireless security to offer a layered security mechanism between the device and the gateway. In the offered solution, the IoT gateways provide additional protection by securing data using Transport Layer Security (TLS). The real-time experimental evaluations have proven the applicability of the proposed mechanism pertaining to the security assurance and the consumed resources of the target IoT devices.

50 citations

Journal ArticleDOI
TL;DR: This article designed and implemented a prototype of a health self-management service for chronically ill people that supports patients with diabetes at tracking their blood glucose levels, and describes the requirements that drove the system's development, its architecture, and design decisions.
Abstract: Chronic medical conditions take a huge toll on lives of a growing number of people and are a major contributor to the rising costs in healthcare. As patients are increasingly willing to take an active part in managing their conditions, chronic disease self-management programs and information systems that support them are recognized for their potential to improve the quality of healthcare delivery. These programs often rely on recording longitudinal patient data and analyzing it. Therefore, maintaining appropriate data quality is important for self-management programs to be efficient and safe. We designed and implemented a prototype of a health self-management service for chronically ill people. It is a distributed application that supports patients with diabetes at tracking their blood glucose levels. The main design goals were usability, extensibility, security, and interoperability. The system integrates with the Microsoft HealthVault and Google Health personal health record platforms. It utilizes industry-strength storage and security mechanisms, is scalable, and as a result, can be used to gather, securely store, and analyze patient data over long periods of time. In this article we examine how software information technology can support chronic disease self-management and its impact on the quality of patient data. Furthermore, we describe the requirements that drove the system's development, its architecture, and design decisions.

44 citations