Showing papers on "Data access published in 2000"

Secure data interchange

Abstract: A secure data interchange system enables information about bilateral and multilateral interactions between multiple persistent parties to be exchanged and leveraged within an environment that uses a combination of techniques to control access to information, release of information, and matching of information back to parties. Access to data records can be controlled using an associated price rule. A data owner can specify a price for different types and amounts of information access.

Data Management in an International Data Grid Project

Abstract: In this paper we report on preliminary work and architectural design carried out in the "Data Management" work package in the International Data Grid project. Our aim within a time scale of three years is to provide Grid middleware services supporting the I/O-intensive world-wide distributed next generation experiments in High-Energy Physics, Earth Observation and Bioinformatics. The goal is to specify, develop, integrate and test tools and middleware infrastructure to coherently manage and share Petabyte-range information volumes in high-throughput production-quality Grid environments. The middleware will allow secure access to massive amounts of data in a universal name-space, to move and replicate data at high speed from one geographical site to another, and to manage synchronisation of remote copies. We put much attention on clearly specifying and categorising existing work on the Grid, especially in data management in Grid related projects. Challenging use cases are described and how they map to architectural decisions concerning data access, replication, meta data management, security and query optimisation.

Multi-access mode electronic personal assistant

Abstract: A system enables communication between server resources and a wide spectrum of end-terminals to enable access to the resources of both converged and non-converged networks via voice and/or electronically generated commands. An electronic personal assistant (ePA) incorporates generalizing/abstracting communications channels, data and resources provided through a converged computer/telephony system interface such that the data and resources are readily accessed by a variety of interface formats including a voice interface or data interface. A set of applications provides dual interfaces for rendering services and data based upon the manner in which a user accesses the data. An electronic personal assistant in accordance with an embodiment of the invention provides voice/data access to web pages, email, file shares, etc. A voice-based resource server authenticates a user by receiving vocal responses to one or more requests variably selected and issued by a speaker recognition-based authentication facility. Thereafter an application proxy is created.

Automatically Extracting Structure from Free Text Addresses.

Abstract: Wide-area distribution raises significant performance problems for traditional query processing techniques as data access becomes less predictable due to link congestion, load imbalances, and temporary outages. Pipelined query execution is a promising approach to coping with unpredictability in such environments as it allows scheduling to adjust to the arrival properties of the data. We have developed a non-blocking join operator, called XJoin, which has a small memory footprint, allowing many such operators to be active in parallel. XJoin is optimized to produce initial results quickly and can hide intermittent delays in data arrival by reactively scheduling background processing. We show that XJoin is an effective solution for providing fast query responses to users even in the presence of slow and bursty remote sources. 1 Wide-Area Query Processing The explosive growth of the Internet and the World Wide Web has made tremendous amounts of data available on-line. Emerging standards such as XML, combined with wrapper technologies address semantic challenges by providing relational-style interfaces to remote data. Beyond the issues of structure and semantics, however, there remain significant technical obstacles to building responsive, usable query processing systems for widearea environments. A key performance issue that arises in such environments is response-time unpredictability. Data access over wide-area networks involves a large number of remote data sources, intermediate sites, and communications links, all of which are vulnerable to overloading, congestion, and failures. Such problems can cause significant and unpredictable delays in the access of information from remote sources. These delays, in turn, cause traditional distributed query processing strategies to break down, resulting in unresponsive and hence, unusable systems. In previous work [AFTU96] we identified three classes of delays that can affect the responsiveness of query processing: 1) initial delay, in which there is a longer than expected wait until the first tuple arrives from a remote source; 2) slow delivery, in which data arrive at a fairly constant but slower than expected rate; and 3) bursty arrival, in which data arrive in a fluctuating manner. With traditional query processing techniques, query execution can become blocked even if only one of the accessed data sources experiences such delays. Copyright 2000 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. Bulletin of the IEEE Computer Society Technical Committee on Data Engineering This work was partially supported by the NSF under grant IRI-94-09575, by the Office of Naval Research under contract number N66001-97-C8539 (DARPA order number F475), by a Siemens Faculty Development Award, and by an IBM Partnership Award.

Specifying and enforcing access control policies for XML document sources

Abstract: The Web is becoming the main information dissemination means in private and public organizations. As a consequence, several applications at both internet and intranet level need mechanisms to support a selective access to data available over the Web. In this context, developing an access control model, and related mechanisms, in terms of XML (eXtensible Markup Language) is an important step, because XML is increasingly used as the language for representing information exchanged over the Web. In this paper, we propose access control policies and an associated model for XML documents, addressing peculiar protection requirements posed by XML. A first requirement is that varying protection granularity levels should be supported to guarantee a differentiated protection of document contents. A second requirement arises from the fact that XML documents do not always conform to a predefined document type. To cope with these requirements, the proposed model supports varying protection granularity levels, ranging from a set of documents, to a single document or specific document portion(s). Moreover, it allows the Security Administrator to choose different policies for documents not covered or only partially covered by the existing access control policies for document types. An access control mechanism for the enforcement of the proposed model is finally described.

Remote data access and management system utilizing handwriting input

Abstract: A spreadsheet and a browser on a portable computer accept data from an input recognizer, including a non-cursive handwriting recognizer or a speech recognizer and communicate data directly with another computer or over the Internet using wireless media such as radio and infrared frequencies or over a landline. The computer is endowed with a plurality of built-in or snap-on expansion accessories to enhance the data capture capability as well as the ease of reading data from the limited screen of the present invention. These accessories include a camera, a scanner, a voice recorder or voice capture unit, and a remote large screen television. The camera and scanner allows visual data to be capture, the voice recorder allows the user to make quick verbal annotations into a solid state memory to minimize the main memory requirements, while the voice capture unit allows the voice to be captured into memory for subsequent transmission over the Internet or for voice recognition purposes. The spreadsheet or database receives data from the Internet or from the accessories and further can graph or manipulate the data entered into the spreadsheet as necessary. Furthermore, the database has a smart search engine interface which performs fuzzy search such that inexact queries can still result in matches. The smart search engine thus allows users to locate information even though the exact spelling or concept is not known. To minimize user's work in locating information to analyze, the spreadsheet and database can spawn and train an intelligent agent to capture data from a suitable remote source such as the Internet and transmit the data to the spreadsheet or browser for further analysis. Alternatively, the user can capture data directly by scanning or dictating the information into the spreadsheet or browser. In another aspect of the invention, a pan and zoom capability is provided to provide the user with an appropriately scaled view of the data for ease of reading. Alternatively, when the portable computer is within range of a larger display device such as an appropriately equipped television display or a personal computer with a larger display, the present invention's wireless link transmits the video information to the larger display to allow the user to view data the larger display unit. Similarly, the present invention provides a remote stereo receiver adapted to receive sound data stream from the portable computer and driving high quality speakers to support multimedia applications on the portable computer.

AJAX: an extensible data cleaning tool

Abstract: @ that permits users to determine the source and processing of data for debugging purposes.We will present the AJAX system applied to two real world problems: the consolidation of a telecommunication database, and the conversion of a dirty database of bibliographic references into a set of clean, normalized, and redundancy free relational tables maintaining the same data.

Remote data access and system control

Abstract: A system for enabling a user to monitor and control a remote equipment site over the Internet. All user access is through modules, or servlets (114), placed on a central server (100) to prevent the central server software from being directly accessed. Several levels of access are provided, through the use of codes (110), to prevent unauthorized access. The central server (100) has bi-directional communication with the remote units (122) that are connected to, and communicate with, the field equipment (124). The central server (100) can notify the user of problems or current status through the use of notification means. The central server (100) automatically contacts, and/or receives data from, each user's remote unit (122) on a predetermined schedule and updates data (112) from each remote unit. The central server software also enables the user to request a data update from the remote filed unit (122).

Peer-to-peer caching network for user data

Abstract: A network topology is described which supports the peer-to-peer storage of user-generated applications data at multiple nodes in a virtual private network. In one embodiment, the network supports Application Service Provider applications. In one embodiment, user data is redundantly stored at multiple locations. If a user logs-in to a location which does not store the user's data, the network automatically causes that data to be downloaded from another node. In one embodiment, data is stored in a hierarchical file structure which allows the isolation of data on an application, user or enterprise basis, with access to data being governed by mechanisms which limit the ability of a user or application to gain access to data generated by other users or other applications. In one embodiment, data is synchronized between nodes whenever a user changes data at one node, by causing the data to be downloaded from that node to all other nodes holding the user's data. In one embodiment, the network includes means to insure that certain critical fields contain the same value across nodes.

Flash memory having data blocks, spare blocks, a map block and a header block and a method for controlling the same

Abstract: A flash memory and a method for controlling the same are disclosed. The flash memory has units, each of which includes a plurality of data blocks for writing data; a plurality of spare blocks emptied for writing updated data of the data blocks; a map block for designating an actual location in which data is written; and a header block for recording flash memory information and unit information. The method, in the case of updating data of a data block, first writes update data into an empty spare block in the same unit, updates mapping information of the map block, and updates state information of a previous block, so that a user can have access to data by using the same address and there is no need of deleting a unit every time the block is updated. Therefore, the present invention enhances an efficiency of writing and updating data while reducing the number of delete times.

System and methods for permitting open access to data objects and for securing data within the data objects

Abstract: A system and methods for permitting open access to data objects and for securing data within the data objects is disclosed. According to one embodiment of the present invention, a method for securing a data object is disclosed. According to one embodiment of the present invention, a method for securing a data object is disclosed. The method includes the steps of (1) providing a data object comprising digital data and file format information; (2) embedding independent data into a data object; and (3) scrambling the data object to degrade the data object to a predetermined signal quality level. The steps of embedding and scrambling may be performed until a predetermined condition is met. The method may also include the steps of descrambling the data object to upgrade the data object to a predetermined signal quality level, and decoding the embedded independent data.

Performance modeling of distributed and replicated databases

Abstract: The paper surveys performance models for distributed and replicated database systems. Over the last 20 years (1980-2000), a variety of such performance models have been developed and they differ in: (1) which aspects of a real system are or are not captured in the model (e.g., replication, communication, nonuniform data access, etc.); and (2) how these aspects are modeled. We classify the different alternatives and modeling assumptions and discuss their interdependencies and expressiveness for the representation of distributed databases. This leads to a set of building blocks for analytical performance models. To illustrate the work that is surveyed, we select a combination of these proven modeling concepts and give an example of how to compose a balanced analytical model of a replicated database. We use this example to show how to derive meaningful performance values and to discuss the applicability and expressiveness of performance models for distributed and replicated databases. Finally, we compare the analytical results to measurements in a distributed database system.

System and method for data rights management

Abstract: A system and method for data rights management across multiple data rights management architectures is disclosed. The system and method solves the problems posed by multiple incompatible data rights management architectures. In particular, a data rights management clearing house is provided that generates permits, permit classes, and enables content packaging across multiple data rights management architectures. Consumers may acquire rights to content packaged with different data rights management architecture from the single data rights management clearing house. Additionally, the system and method enables content packagers to package content with multiple data rights management architectures. Finally, the data rights management clearing house provides consumers with a single location from which to manage data access rights and restore data access rights that have been lost.

Method and apparatus for locating inter-enterprise resources using text-based strings

Abstract: A standard format is provided for a text string called an enterprise identifier, which acts as a handle to access resources from disparate sources and technologies. Enterprise identifiers use extensible markup language format to allow a resource identifier to be created manually without accessing the resource. The identifier may be passed between enterprises via business-to-business connection, e-mail, telephone, or facsimile. Data may be extracted from the identifier for display or programmatic use without accessing the resource, thus avoiding unnecessary data access and transfer

Ensuring privacy in presence awareness: an automated verification approach

Abstract: Providing information about other users and their activites is a central function of many collaborative applications. The data that provide this "presence awareness" are usually automatically generated and highly dynamic. For example, services such as AOL Instant Messenger allow users to observe the status of one another and to initiate and participate in chat sessions. As such services become more powerful, privacy and security issues regarding access to sensitive user data become critical. Two key software engineering challenges arise in this context:Policies regarding access to data in collaborative applications have subtle complexities, and must be easily modifiable during a collaboration.Users must be able to have a high degree of confidence that the implementations of these policies are correct.In this paper, we propose a framework that uses an automated verification approach to ensure that such systems conform to complex policies. Our approach takes advantage of VeriSoft, a recent tool for systematically testing implementations of concurrent systems, and is applicable to a wide variety of specification and development platforms for collaborative applications. we illustrate the key features of our framework by applying it to the development of a presence awareness system.

Virtual structure data repository and directory

Abstract: The present invention relates to a computer accessible system for electronically storing a model which communicates the physical attributes of a structure along with warranty, insurance and other information relative to that structure. The system of the present invention integrates physical information in a model which is displayed as a physical representation of the structure with other non-physical information. Selecting specific areas of the model provides access to data regarding physical or non-physical characteristics of that area of the structure and the contents thereof. Data relevant to warranties, insurance, maintenance or other information can be accessed by selecting portions of the model or indices attached or related to that portion. Equipment, appliances and other items within the structure may also be controlled by access through the computer model. Systems of the present invention allow multiple users to remotely access the information and model via a computer network, such as the Internet, in order to make informed decisions regarding the structure and its characteristics.

Methods and apparatus for providing host controlled caching of data in a storage system

Abstract: Mechanisms and techniques allow a host computer system to control caching operations within a data storage system. In a typical implementation, the system of the invention operates within a host computer system to intercept requests for access to data stored within a data storage system that originate from applications, programs or other processes that perform (e.g., execute) on the host computer system or another computer system. Once intercepted, the host computer can examine such a request for access to data to determine if the request matches any prefetch criteria defined within a prefetch database provided by the system of the invention. As an example, prefetch criteria defined in a prefetch database can specify various requestors (e.g., applications, programs, processes, users, or the like) that can access data (e.g., specific files, databases, volumes, data types or the like) stored within the data storage system according to various data access techniques (e.g., filesystems command such as open, read, write, seek and so forth). If a request for access to data matches prefetch criteria, the host computer configured with the invention determines prefetch information for related data related to data specified in the request based on the matching prefetch criteria. The prefetch information indicates the manner (e.g., amount, permanence, etc.) in which related data is to be cached in the data storage system. The host computer also obtains storage information for the related data that indicates the location of the related data stored within the data storage system. Using the prefetch information and the storage information, the invention generates one or more prefetch commands which indicate what related data is to be cached within the data storage system and from what storage locations within the data storage system that related data is to be obtained. The prefetch command is then transmitted to the data storage system to cause the data storage system to cache the related data.

Method and apparatus for accessing memory

Abstract: A specific embodiment is disclosed for a method and apparatus for processing data access requests from a requesting device, such as a graphics processor device. Data access commands are provided at a first rate, for example 200M commands per second, to a memory bridge. In response to receiving the access requests the memory bridge will provide its own access requests to a plurality of memories at approximately the first rate. In response to the memory bridge requests, the plurality of memories will access a plurality of data at a second data rate. When the data access between the memory bridge and the memories is a read request, data is returned to the requesting device at a third data rate which is greater than the first data rate by approximately four-times or more. Noise and power reduction techniques can be used on the data bus between the accessing device and the data bridge.

Device, system and method for data access control

Abstract: A device, a method and a system for providing control of access to data which is stored in an electronic data storage device. The device, method and system enable various types of permissions to be set for determining access to the stored data, such that if an attempt is made to access particular data which does not have a suitable permission type, access is denied. Preferably, the present invention is implemented as an access control device, such as a chip for example, which more preferably controls all access to the data storage device. This implementation is preferred, since such electronic devices are more difficult to “hack” for access by an unauthorized user. The device, system and method have a number of different utilizations, such as for controlling access to credit card information; for identifying a user according to a PIN or other identification information; for controlling access to a particular location according to the identity of the user; and for controlling access to various types of data files, such as music files in the MP3 format and so forth.

The LHAM log-structured history data access method

Abstract: Numerous applications such as stock market or medical information systems require that both historical and current data be logically integrated into a temporal database. The underlying access method must support different forms of “time-travel” queries, the migration of old record versions onto inexpensive archive media, and high insertion and update rates. This paper presents an access method for transaction-time temporal data, called the log-structured history data access method (LHAM) that meets these demands. The basic principle of LHAM is to partition the data into successive components based on the timestamps of the record versions. Components are assigned to different levels of a storage hierarchy, and incoming data is continuously migrated through the hierarchy. The paper discusses the LHAM concepts, including concurrency control and recovery, our full-fledged LHAM implementation, and experimental performance results based on this implementation. A detailed comparison with the TSB-tree, both analytically and based on experiments with real implementations, shows that LHAM is highly superior in terms of insert performance, while query performance is in almost all cases at least as good as for the TSB-tree; in many cases it is much better.

Virtual home data repository and directory

Abstract: The present invention relates to a computer accessible system for electronically storing a model which communicates the physical attributes of a structure along with warranty, insurance and other information relative to that structure. The system of the present invention integrates physical information in a model which is displayed as a physical representation of the structure with other non-physical information. Selecting specific areas of the model provides access to data regarding non-physical characteristics of that area of the structure and the contents thereof. Data relevant to warranties, insurance, maintenance or other information can be accessed by selecting portions of the model or indices attached or related to that portion. Systems of the present invention allow multiple users to remotely access the information and model via a computer network, such as the Internet, in order to make informed decisions regarding the structure and its characteristics.

Optimal index and data allocation in multiple broadcast channels

Abstract: The issue of data broadcast has received much attention in mobile computing. A periodic broadcast of frequently requested data can reduce the workload of the up-link channel and facilitate data access for the mobile user. Since the mobile units usually have limited battery capacity, the minimization of the access latency for the broadcast data is an important problem. The indexing and scheduling techniques on the broadcast data should be considered. We propose a solution to find the optimal index and data allocation, which minimizes the access latency for any number of broadcast channels. We represent all the possible allocations as a tree in which the optimal one is searched, and propose a pruning strategy based on some properties to greatly reduce the search space. Experiments are performed to show the effectiveness of the pruning strategy. Moreover, we propose two heuristics to solve the same problem when the size of the broadcast data is large.

Optimal Disclosure Limitation Strategy in Statistical Databases: Deterring Tracker Attacks through Additive Noise

Abstract: Disclosure limitation methods transform statistical databases to protect confidentiality, a practical concern of statistical agencies. A statistical database responds to queries with aggregate statistics. The database administrator should maximize legitimate data access while keeping the risk of disclosure below an acceptable level. Legitimate users seek statistical information, generally in aggregate form; malicious users—the data snoopers—attempt to infer confidential information about an individual data subject. Tracker attacks are of special concern for databases accessed online. This article derives optimal disclosure limitation strategies under tracker attacks for the important case of data masking through additive noise. Operational measures of the utility of data access and of disclosure risk are developed. The utility of data access is expressed so that trade-offs can be made between the quantity and the quality of data to be released. Application is made to Ohio data from the 1990 censu...

Apparatus and method capable of restricting access to a data storage device

Abstract: The present invention is related to a data storage device capable of restricting access to data storage or retrieval when a first code is incompatible with a second code. The data storage device comprises (a) a data storage media having a data storage region; and (b) a controller adapted to compare a first code with a second code and to restrict access to a portion of the data storage region of the data storage device if the first code is incompatible with the second code.

Using Quality of Data Metadata for Source Selection and Ranking.

Abstract: The World Wide Web has become the preferred medium for the dissemination of information in virtually every domain of activity. Standards and formats for data interchange have addressed the issue of interoperability among heterogeneous sources. However, access to data is still hindered by the challenge of locating data relevant to a particular problem. Further, after a set of relevant sources have been identied, one must still decide which source is best suited for a given task and appropriately rank these sources. WWW sources typically may cover di erent domains and they may di er considerably with respect to a variety of quality of data (qod) parameters which include completeness, recency of update, granularity, etc. In order to solve this problem of source selection and ranking using qod parameters, we maintain metadata about source content and quality of data or scqd metadata. We use a data model for representing scqd metadata similar to those used in a data warehouse environment. We present a query language for source selection and ranking that supports both strict and fuzzy matching of scqd metadata. We then discuss the e cient organization of the scqd metadata to support source selection. We discuss how scqd metadata can be organized in partially ordered sets (po-sets) to support e cient query processing. Some queries can only be answered by a combination of sources. To avoid enumerating an exponential number of possible combinations, we propose a heuristic that gradually extends the associated po-set towards a lattice. We outline the loss of accuracy of the qod metadata incurred by this approach. [section] [section]

System and method for collecting and disseminating household information and for coordinating repair and maintenance services

Abstract: A method and system for collecting and disseminating household information is disclosed. The predictive system diagnoses deterioration and problems in a house and provides an early alert or notification of potential problems. The system integrates the local and remote monitoring of a house with the dispatching and coordinating of repairs. The system also generates and provides access to data that homeowner otherwise would not have access to or be able to generate.

Tamino - An Internet Database System

Abstract: Software AG's Tamino is a novel database server designed to fit the needs of electronic business and worldwide information exchange via the Internet. It is not just an on-top solution based on a database system originally designed for use in other application areas. Rather, it is entirely designed for the specific scenario of HTTP-based access to data represented in XML. These data can stem from various sources, and can be combined on the fly when a corresponding request is encountered. This paper sketches the architecture and the functional features of Tamino, and justifies its various design decisions.

Rule based security policy enforcement

Abstract: A rules based system enforces security policies in a data access management system. The rules based system provides rules that preclude certain activities, but those rules are only implemented and fired upon certain conditions occurring. This results in certain actions being precluded when specified conditions are true, without additional software required to check for the condition each time the action is requested.

Threshold-Based Dynamic Replication in Large-ScaleVideo-on-Demand Systems

Abstract: Recent advances in high speed networking technologies and video compression techniques have made Video-on-Demand (VOD) services feasible. A large-scale VOD system imposes a large demand on I/O bandwidth and storage resources, and therefore, parallel disks are typically used for providing VOD service. Although striping of movie data across a large number of disks can balance the utilization among these disks, such a striping technique can exhibit additional complexity, for instance, in data management, such as synchronization among disks during data delivery, as well as in supporting fault tolerant behavior. Therefore, it is more practical to limit the extent of data striping, for example, by arranging the disks in groups (or nodes) and then allowing intra-group (or intra-node) data striping only. With multiple striping groups, however, we may need to assign a movie to multiple nodes so as to satisfy the total demand of requests for that movie. Such an approach gives rise to several design issues, including: (1) what is the right number of copies of each movie we need so as to satisfy the demand and at the same time not waste storage capacity, (2) how to assign these movies to different nodes in the system, and (3) what are efficient approaches to altering the number of copies of each movie (and their placement) when the need for that arises. In this paper, we study an approach to dynamically reconfiguring the VOD system so as to alter the number of copies of each movie maintained on the server as the access demand for these movies fluctuates. We propose various approaches to addressing the above stated issues, which result in a VOD design that is adaptive to the changes in data access patterns. Performance evaluation is carried out to quantify the costs and the performance gains of these techniques.

Method for data access code generation

Abstract: A method for generating data access classes on an object-oriented environment. A data access code generator takes a least one code generation template and a data object description as inputs and outputs at least one data access class.