Showing papers on "Data access published in 1997"

System for controlling access and distribution of digital property

Abstract: A method and device are provided for controlling access to data. Portions of the data are protected and rules concerning access rights to the data are determined. Access to the protected portions of the data is prevented, other than in a non-useable form; and users are provided access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. A method is also provided for distributing data for subsequent controlled use of those data. The method includes protecting portions of the data; preventing access to the protected portions of the data other than in a non-useable form; determining rules concerning access rights to the data; protecting the rules; and providing a package including: the protected portions of the data and the protected rules. A user is provided controlled access to the distributed data only in accordance with the rules as enforced by a mechanism protected by tamper protection. A device is provided for controlling access to data having protected data portions and rules concerning access rights to the data. The device includes means for storing the rules; and means for accessing the protected data portions only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data.

Lore: a database management system for semistructured data

Abstract: Lore (for Lightweight Object Repository) is a DBMS designed specifically for managing semistructured information. Implementing Lore has required rethinking all aspects of a DBMS, including storage management, indexing, query processing and optimization, and user interfaces. This paper provides an overview of these aspects of the Lore system, as well as other novel features such as dynamic structural summaries and seamless access to data from external sources.

Method and apparatus for scalable, high bandwidth storage retrieval and transportation of multimedia data on a network

Abstract: An improved system and method for providing multimedia data in a networked system is disclosed. The present invention provides a platform for distributed client-server computing and access to data over asymmetric real-time networks. A service mechanism allows applications to be split such that client devices (set-top boxes, personal digital assistants, etc.) can focus on presentation, while backend services running in a distributed server complex, provide access to data via messaging across an abstracted interface.

Multiple remote data access security mechanism for multitiered internet computer networks

Abstract: A system and method for managing client authorization to access remote data repositories through a middle tier server such as a web server. Client remote data repository access is intercepted by the middle tier server and the server is searched for stored credentials permitting client access to the remote data repository. If found, the stored credentials are used to authenticate access without further interaction with the client system. If no stored credentials are found, the server requests credentials from the client and passes them to the remote data repository for validation. Validated credentials are stored by the server for future use and indexed by a client identifier. Permitted remote data repository access is stored with the validated credentials. Access to a mounted remote file system is not permitted without authorization even if the remote file system would not otherwise require authorization.

Dynamic modeling for resource allocation in a file server

Abstract: Resources in a file server are allocated by dynamically modeling a configuration of data handling components in the file server and routings of data streams through the data handling components. The dynamic model is a computer model maintained in memory by a controller of the file server. For example, the dynamic model is a directed acyclic graph in which nodes represent the data handling components and edges represent data stream paths. Each node has a list of resources and current allocations of the resources. Associated with each active data stream is a list of pointers to the nodes and current allocations for the data stream. The controller of the file server has programs for automatically creating the dynamic model, modifying the dynamic model in response to component changes such as component failures, enforcing a scheduling and admissions policy by allocating resources for a path for a data stream during a search through the dynamic model in response to a client request for data access, de-allocating resources in response to an end-of-stream condition, and balancing allocations of resources to data streams in order to free resources to allocate a path for a requested data stream. The dynamic model is created automatically by collecting information about what components are installed in the file server, the resources of the installed components, and connections between the installed components.

Representing and reasoning about semantic conflicts in heterogeneous information systems

Abstract: The scCOntext scINterchange (scCOIN) strategy (Sciore et al., 1994, Siegel and Madnick, 1991) presents a novel perspective for mediated data access in which semantic conflicts among heterogeneous systems are not identified a priori, but are detected and reconciled by a Context Mediator through comparison of contexts associated with any two systems engaged in data exchange. In this Thesis, we present a formal characterization and reconstruction of this strategy in a scCOIN framework, based on a deductive object-oriented data model and language called scCOIN. The scCOIN framework provides a logical formalism for representing data semantics in distinct contexts. We show that this presents a well-founded basis for reasoning about semantic disparities in heterogeneous systems. In addition, it combines the best features of loose- and tight-coupling approaches in defining an integration strategy that is scalable, extensible and accessible. These latter features are made possible by teasing apart context knowledge from the underlying schemas whenever feasible, by enabling sources and receivers to remain loosely-coupled to one another, and by sustaining an infrastructure for data integration. The feasibility and features of this approach have been demonstrated in a prototype implementation which provides mediated access to traditional database systems (e.g., Oracle databases) as well as semi-structured data (e.g., Web-sites). (Copies available exclusively from MIT Libraries, Rm. 14-0551, Cambridge, MA 02139-4307. Ph. 617-253-5668; Fax 617-253-1690.)

Multimedia product catalog and electronic purchasing system

Abstract: An electronic system that provides multimedia product presentations in real-time, by combining locally-stored data and data received from a remote server. Large volumes of data, representing product information such as motion images and sound, are stored locally on the system's data storing unit for fast data access. Small volumes of product time-variable data are received over a network from a remote server, which also has a transaction management function. The purchasing system combines the local and received data in order to provide both real-time and up-to-date product information to customers. Two versions of the purchasing system are provided. The first one is a multimedia public purchasing kiosk for use in malls and shopping centers. The second one is a PC-based purchasing system, equipped with multimedia capabilities. It uses a purchasing application which is distributed beside the large volumes of product-related data on a portable support such as a CD-ROM and which is intended for personal use, at home, on the customer's PC.

Data access system

Abstract: A method of automatically creating a database (112) on the basis of a set of category headings is described, where a set of keywords is provided for each category heading. The keywords are used by a processing platform (100) to define searches to be carried out on a plurality of search engines (130a, 130b, 130c) connected to the processing platform (100) via the Internet (120). The search results are processed by the processing platform (100) to identify the URLs embedded in the search results. The URLs are then used to retrieve the pages to which they refer from remote data sources in the Internet (120). The processing platform (100) then filters and scores the pages to determine which pages are the most relevant to the original categories. Internet location information for the most relevant pages is stored in the database (112).

Interface layer for navigation system

Abstract: An improved method and system that provides for a data access interface layer in a navigation system. The navigation system is of the type that includes a navigation application software program that provides navigating features to a user of the system and a geographic database stored on a computer-readable storage medium wherein the geographical database includes information relating to the geographical region about which the navigation system provides the navigation features to the user. The data access interface layer is preferably stored in the navigation system as a library of software functions. The data access interface layer operates in conjunction with the navigation system application software. The data access interface layer isolates the navigation application software from the geographic data which are stored on the storage medium. The data access interface layer intercepts requests by the navigation application software for geographic data. The data access interface layer retrieves geographic data from the storage medium and converts the data into a format usable by the navigation application software. The data access interface layer also provides for memory management that facilitates accessing and using geographic data from the particular storage medium quickly and efficiently. By recognizing that different media types have different physical formats, the data access interface layer accommodates and isolates the differences so that the portions of the data access interface layer that interact with the navigation application software can be generic.

Decentralized remotely encrypted file system

Abstract: A decentralized file system based on a network of remotely encrypted storage devices is disclosed. The file system includes a network to which a network client, a secure remotely encrypted storage device, a key manager, and a lock manager are attached. The system organizes data as files and directories. Files or directories are composed of one or more streams, which logically partition the data associated with the files or directories. The device serves as a repository of the system's data. The key manager controls data access keys while the lock manager handles consistency of the files. A network user may have read or write access to a file. Access is controlled using keys and access lists maintained by the key manager.

MineSet: an integrated system for data mining

Abstract: MineSet™, Silicon Graphics' interactive system for data mining, integrates three powerful technologies: database access, analytical data mining, and data visualization. It supports the knowledge discovery process from data access and preparation through iterative analysis and visualization to deployment. Mine-Set is based on a client-server architecture that scales to large databases. The database access component provides a rich set of operators that can be used to preprocess and transform the stored data into forms appropriate for visualization and analytical mining. The 3D visualization capabilities allow direct data visualization for exploratory analysis, including tools for displaying high-dimensional data containing geographical and hierarchical information. The analytical mining algorithms help identify potentially interesting models of the data, which can be viewed using visualization tools specialized for the learned models. Third party vendors can interface to the MineSet tools for model deployment and for integration with other packages.

Multi-view personalized communications agent

Abstract: A data access and retrieval system comprises a plurality of user data sources each storing electronic data signals describing data specific to a user, or enabling services selected by a user; an agent device which is configurable to select individual ones of the user data sources and present selections of user data and service data to a set of callers who may interrogate the agent device remotely over a communications network; a plurality of service terminals capable of communicating with the agent device over a communications network the service terminals operable by said callers; and a plurality of key devices, storing caller information and security code information for enabling remote access of selections of user data and/or services to be transmitted over a communications network to a caller located at a said service terminal.

Data collection and dissemination system

Abstract: A data collection and dissemination system, in which one or more portable data terminals enter or disseminate data through a wireless access point to which they are communicatively coupled. The wireless access point is also coupled to a portable server for storing and retrieving the information requested by the portable data terminals. The portable server maintains a database for the purposes of storing data from and retrieving data for the portable data terminals. The portable data terminals initiate a transaction with the portable server via communication with the wireless access point. The portable data servers formulate a request to retrieve or store data using a database query. The database query is transmitted to the wireless access point, from which the query is directed to the portable server, which then stores or transmits the requested data. The portable server is connected to other networks and is able to access data on data retrieval devices on these networks, as the data retrieval devices on these networks may also access the data on the portable server. Thus, a wide area network, such as the Internet, provides a backbone network through which the mobile units can communicate to the database server. The mobile units can access data from other mobile units, as other database servers on the networks may also access the data also.

System and method for remote, wireless positive identity verification

Abstract: Disclosed is a system and method of providing system integrity and positive audit capabilities to a positive identification system. The use of access authority information units to gain access to the positive identification system solves the problems of open, unsecured and unauditable access to data for use in point of use identification systems and enables the system to be implemented in a mobile embodiment, which would expand system uses to applications using wireless communications links between the point of identification terminal and a remote identification database. In order to secure the rights to the data that is needed to make mass identification systems operate, it must be shown that records will be closed and secure, as well as that there will be an audit trail of access that is made to the data. This system solves those problems through the use of a system and method for identification with biometric data and/or personal identification numbers and/or personalized devices embedded with codes unique to their assigned users.

Ultrasonic diagnostic imaging system with data access and communications capability

Abstract: An ultrasonic diagnostic imaging system is provided which is capable of accessing images and information from internal or external databases by means of a browser. Access to such images or information may be over a local network or over a worldwide network such as the Internet. The browser may be used to pull in system preset data or reference images from a reference image library, for instance.

The Context Interchange mediator prototype

Abstract: The Context Interchange strategy presents a novel approach for mediated data access in which semantic conflicts among heterogeneous systems are not identified a priori, but are detected and reconciled by a context mediator through comparison of contexts. This paper reports on the implementation of a Context Interchange Prototype which provides a concrete demonstration of the features and benefits of this integration strategy.

Diagnostic system for a distributed data access networked system

Abstract: A diagnostic system for a data access networked system (e.g., an Internet/Intranet access networked system) is described. The data access networked system includes a number of data service systems coupled together. Each of the data service systems is independently administrated. The diagnostic system includes a number of diagnostic modules, each running a number of diagnostic tests within one of the data service systems upon receiving a diagnostic request. The diagnostic modules also transmit the diagnostic request and diagnostic results to one another using an open standard communication protocol. The diagnostic system also includes a diagnostic terminal that is coupled to a first diagnostic module of the diagnostic modules to generate the diagnostic request to the first diagnostic module and to display the diagnostic results received from the first diagnostic module. A diagnostic system for a data service system of a data access networked system is also described.

Indexed sequential data broadcasting in wireless mobile computing

Abstract: Energy saving is one of the most important issues in wireless mobile computing. Among others, one viable approach to achieving energy saving is to use an indexed data organization to broadcast data over wireless channels to mobile units. We explore the issue of indexing data with skewed access for sequential broadcasting in wireless mobile computing. We propose methods to build index trees based on access frequencies of data records. To minimize the average cost of index probes, we consider two cases: one for fixed index fanouts and the other for variant index fanouts, and devise algorithms to construct index trees for both cases. We show that the cost of index probes can be minimized not only by employing an imbalanced index tree that is designed in accordance with data access skew, but also by exploiting variant fanouts for index nodes.

Scalable, distributed data mining—an agent architecture

Abstract: Scalability determines the potential in distributing both data and computation in data mining. The PADMA (PArallel Data Mining Agents) architecture will be described, along with experiments on text to address scalability. PADMA agents offer parallel data access, and hierarchical clustering, with results visualized through a JAVA web-interface.

Patient-Centered Access to Secure Systems Online (PCASSO): a secure approach to clinical data access via the World Wide Web.

Abstract: The Internet's World-Wide Web (WWW) provides an appealing medium for the communication of health related information due to its ease of use and growing popularity. But current technologies for communicating data between WWW clients and servers are systematically vulnerable to certain types of security threats. Prominent among these threats are "Trojan horse" programs running on client workstations, which perform some useful and known function for a user, while breaching security via background functions that are not apparent to the user. The Patient-Centered Access to Secure Systems Online (PCASSO) project of SAIC and UCSD is a research, development and evaluation project to exploit state-of-the-art security and WWW technology for health care. PCASSO is designed to provide secure access to clinical data for healthcare providers and their patients using the Internet. PCASSO will be evaluated for both safety and effectiveness, and may provide a model for secure communications via public data networks.

Method of pre-caching or pre-fetching data utilizing thread lists and multimedia editing systems using such pre-caching

Abstract: A method of pre-caching data using thread lists, and a multi-media editing system using such a pre-caching method, are disclosed. A list of data which will be required by a host application is passed to a data storage device such as a hard disk drive, CDROM drive, or other data storage device. The data storage device locates the data and stores it in its own storage device buffer. Thus, the data is immediately available when requested by the host. The pre-caching method may be used in a multimedia or video editing system to quickly retrieve data from storage devices. The thread list may include a video thread, an audio thread and a data access parameter reflecting host data application requirements. The data access parameter may include at least one of data prioritization, cache management, error processing including resend capability, and data supply rate. The thread list may also include data specifying a percentage of the storage device buffer to be reserved for read ahead data and a percentage of the storage device buffer to be reserved for data which has been previously provided to the host computer.

Method and system allowing direct data access to a shared data storage subsystem by heterogeneous computing systems

Abstract: A method and system are provided which allow heterogeneous computing systems to have direct access to the same data storage areas on a shared data storage subsystem such that the method and system are transparent to the heterogeneous computing systems. The method and system achieve the foregoing via the following steps. A data storage subsystem controller queries all computing systems having direct access to the same data storage areas of a shared data storage subsystem as to the operating systems utilized by such computing systems. In response to answers received in response to the queries, the data storage subsystem controller creates and stores meta-data which associates each computing system having direct access with whatever operating system is running on each computing system having direct access. In response to a request from a computing system having direct access for access to a data storage area within the shared data storage subsystem, the data storage subsystem controller retrieves the stored meta-data associated with the computing system which is requesting access to a data storage area within the shared data storage subsystem. The data storage subsystem controller utilizes the retrieved meta-data to correctly interpret and respond to the request for access to a data storage area in a manner consonant with the operating system of the computing system which is requesting access to a data storage area within said shared data storage subsystem.

Method and system for managing access to data through data transformation

Abstract: In providing a system that can manage access to data to effectively prevent illegal access to the data or the like, there is provided a system for embedding access management information that prepares management information for managing access to the data, and embeds the management information in the data through data transformation without changing amount of data. In managing access to data, there is provided a method that extracts management information embedded in the data through data deformation without changing amount of data, and manages access to the data according to the extracted management information. There is also provided a method for changing management of access to the data according to the type of medium in which the data is stored (RAM or ROM). The management information further contains information for controlling recording of the data, reception of the data, playback of the data, interference of output of the data, duplication history of the data, or modification of the management information. The access management method can prevent illegal duplication of data or the like, and can effectively protect a work.

Database Caching Over the Air-Storage

Abstract: Previous research on broadcast databases in a mobile computing environment utilizing wireless channels has been focused on mechanisms for a mobile client to selectively pick database items in which the client is interested from a broadcast channel. The fundamental issue of identifying the appropriate database items for broadcast or refrained from being broadcast have largely been ignored. In this paper, we consider the concept of 'air-storage', by treating the wireless broadcast media as a layer of cache storage. Broadcasting database items over the air-storage becomes similar in spirit to the caching of database items from the database server. Similarly, determining which database items need to be broadcast or refrained from being broadcast becomes similar in nature to cache management. Existing caching mechanisms are reviewed and management issues specific to the new air-storage are raised and discussed. In view of new issues in air-storage management, we propose and investigate several mechanisms in selecting the proper database items to be placed over this new layer of air-storage under a variety of data access patterns. Finally, the effectiveness of the mechanisms is evaluated by means of simulated experiments and the results are discussed.

Storage system with selective optimization of data location

Abstract: An information storage system having a volume managing function and including a magnetooptical disk auto-changer, the system having data location optimizing means for, in accordance with access speed at which an access of data is made from each of disks, performing an optimizing function for optimizing data location in a case where data is stored in the disk, a volume management table for collecting and storing statistical information of data accesses for determining validity of the optimizing function when each of the disks has made an access to data, and data optimization determination means for determining validity of the optimizing function in accordance with the statistical information of data accesses.

Secure transaction processing in firm real-time database systems

Abstract: Many real-time database applications arise in safety-critical installations and military systems where enforcing security is crucial to the success of the enterprise. A secure real-time database system has to simultaneously satisfy who requirements guarantee data security and minimize the number of missed transaction deadlines. We investigate here the performance implications, in terms of missed deadlines, of guaranteeing security in a real-time database system. In particular, we focus on the concurrency control aspects of this issue.Our main contributions are the following: First, we identify which among the previously proposed real-time concurrency control protocols are capable of providing protection against both direct and indirect (covert channels) means of unauthorized access to data. Second, using a detailed simulation model of a firm-deadline real-time database system, we profile the real-time performance of a representative set of these secure concurrency control protocols. Our experiments show that a prioritized optimistic concurrency control protocol. OPT-WAIT, provides the best overall performance. Third, we propose and evaluate a novel dual approach to secure transaction concurrency control that allows the real-time database system to simultaneously use different concurrency control mechanisms for guaranteeing security and for improving real-time performance. By appropriately choosing these different mechanisms, we have been able to design hybrid concurrency control algorithms that provide even better performance than OPT-WAIT.

Service interface repository code generation data

Abstract: A method, apparatus, and article of manufacture for generation of tools and applications for a computer network. An access server, executed by a first computer accesses interface definitions stored in a database. A data access library, coupled to the access server and executed by a second computer, provides the interface definitions to be stored in the database by the access server. A server, coupled to the data access library and executed by a third computer, sends requests to maintain and use stored interface definitions in the database. An set of code generation data, stored in the database, which allows developers to give hints to the programmer and/or the code generator for default values, validation specifications and GUI presentation hints for a given field.

A multiprocessing system configured to detect and efficiently provide for migratory data access patterns

Abstract: A computer system includes a directory at each node which stores coherency information for the coherency units for which that node is the home node. In addition, the directory stores a data access state corresponding to each coherency unit which indicates the data access pattern observed for that coherency unit. The data access state may indicate migratory or non-migratory data access patterns. If the coherency unit has been observed to have a migratory data access pattern, then read/write access rights are granted. Conversely, if the coherency unit has been observed to have non-migratory data access patterns, then read access rights are granted. The home node further detects the migratory and non-migratory data access patterns and selects transitions between the migratory and non-migratory data access states independent of the cache hierarchies within the nodes which access the affected coherency unit. In one embodiment, a pair of counters are employed for each coherency unit. One of the counters is incremented when the coherency unit is in the migratory data access state and a data migration is detected. The other counter is incremented when the coherency unit is in the non-migratory data access state and a data migration is detected. When one of the counters overflows, the home node transitions the data access state of the coherency unit to the alternate data access state.

Systems and methods for fault tolerant information processing

Abstract: A fault-tolerant management information system includes three or more data management systems (e.g. data base systems) that replicate data. Data access requests resulting from user requests to application systems are issued by user request processing entities and forwarded by interceptors to all the data management systems. Responses from the data management systems are obtained, and a maximum group of identical responses provides the correct response, even in the case of "soft" errors not flagged by error codes. Errors are reported to an administration system, and correction of the data base containing the errors is handled by a recovery server. Overall system performance is further enhanced by including data base query systems, which replicate the data. Data access requests resulting from data base query requests are issued by query systems to the data base query systems.

Method and apparatus for obtaining and displaying network server information

Abstract: Apparatus, methods, and computer program products are disclosed to simplify a computer user's navigation through a distributed information space. The invention provides the computer user with information identifying the server that provides access to data or services of interest to the user.