Cure for AIDS a step closer as common cancer drug is found to 'purge' dormant HIV from body

Cure for AIDS a step closer as common cancer drug is found to 'purge' dormant HIV from body

A cure for AIDS has got a step closer after scientists found that a common cancer drug can purge the disease as it lies dormant in the body.
Current treatments are effective at reducing levels of the disease in the bloodstream - but a drug that can 'knock out' the disease when it lies dormant is thought to be key to a cure.
Tests on eight HIV-positive men found that the drug was highly effective in 'unmasking' the hidden reservoirs in the body - which the researchers say is a vital step towards eradicating HIV from the body.
‘This work provides compelling evidence for a new strategy to directly attack and eradicate latent HIV infection,’ said David Margolis at the University of North Carolina at Chapel Hill.
‘Long-term, widespread use of antiretrovirals has personal and public health consequences, including side effects, financial costs, and community resistance,’ said Margolis, who led the study.
‘We must seek other ways to end the epidemic, and this research provides new hope for a strategy to eradicate HIV completely from the body.’
The existence of persistent reservoirs of dormant HIV in the immune system that are not attacked by anti-AIDS drugs is believed to be a major reason why infection reemerges once patients stop taking their medication.
The disruption and clearance of these reservoirs is critical to finding a cure for AIDS

Technology

Olympus's glasses link to a smartphone via Bluetooth to display information such as emails - they also have built-in GPS and an accelerometer to deliver mapping information

The idea is to bypass computers, tablets and smartphones entirely and keep the user connected in a (fairly) discreet way.
With the glasses, directions to your destination or a text message from a friend can appear literally before your eyes


The glasses have a GPS system and accelerometer built in, which could be used to deliver information about the local area direct to their 320x240 display.
A small projector displays an image in front of the wearer's eyes while letting them stay aware on the outside world.
Google's Project Glass glasses are designed to let users capture video with a built-in camera as well as use apps, the internet, and social networking sites on the move.

Experience: Google has already released a sneak-peak at the user-interface for the Glass, which broadcasts data directly in front of the eye, bypassing cell phones

The idea is to bypass computers, tablets and smartphones entirely and keep the user connected in a (fairly) discreet way.
With the glasses, directions to your destination or a text message from a friend can appear literally before your eyes

ORACLE DATABASE SECURITY OPTIONS The five main security options available are:  Enterprise Manager Data Masking Pack  Audit Vault  Database vault  Advanced Security Option (ASO)  Label security ENTERPRISE MANAGER DATA MASKING PACK Enterprises run the risk of breaching sensitive information when copying production data into non-production environments for the purposes of application development, testing or data analysis. Oracle Data Masking Pack helps reduce this risk by irreversibly replacing the original sensitive data with fictitious data so that production data can be shared safely with IT developers or offshore business partners. Accessible via Oracle Enterprise Manager, this Management Pack provides end to end secure automation for provisioning test databases from production in compliance with regulations. KEY FEATURES AND BENEFITS ·. Consistent and automatic enforcement of data privacy policies across all enterprise data. · Rapid sharing of production data in compliance with data privacy regulations · Increased DBA productivity by automating the discovery and masking of sensitive data Note: Enterprise manager data masking pack is use to mask sensitive data before sharing it with development and testing teams Origbo Onoriode Page 1 ORACLE AUDIT VAULT Satisfying compliance regulations and mitigating security risks are two of the top security challenges businesses face today. Oracle Audit Vault reduces the cost and complexity of compliance and helps detect suspicious activity by automating the collection and consolidation of audit data. It provides a secure and highly scalable audit warehouse, enabling centralized reporting, analysis, and threat detection on audit data. Oracle Audit Vault automates the consolidation of audit data into a secure repository, enabling efficient monitoring and reporting. Oracle Audit Vault is a powerful solution providing a secure repository, built-in reporting, event alerting, and separation-of-duty. Built on Oracle’s industry leading technology, Oracle Audit Vault uses Oracle data security to protect audit data end-to-end. The latest release of Oracle Audit Vault provides enhanced out- of-the-box compliance reporting and audit collection, including support for Microsoft SQL Server 2000 & 2005, IBM DB2 Unix, Linux, and Windows 8.2 & 9.5, and Sybase ASE 12.5 & 15.0 databases.  • • • • • • KEY FEATURES AND BENEFITS Consolidate and secure audit data from Oracle and Microsoft SQL Server, Sybase and IBM DB2 databases Built-in and customizable reports for compliance and monitoring Raise alerts on suspicious activity Capture before/after values from transaction logs Automated cleanup of Oracle database audit data on source systems Manage audit policies across Oracle databases Scale with robust Oracle Database technology Origbo Onoriode Page 2 Simplify compliance reporting • Alert on security threat • Lowers IT cost with audit policies NOTE : Oracle Audit Vault is use to audit sensitive operation and the activity of privilege users. ADVANCE SECURITY OPTION (ASO) Oracle Advanced Security helps customers address regulatory compliance requirements by protecting sensitive data on the network, on storage media and within the database from unauthorized disclosure. Transparent Data Encryption, a major component of Oracle Advanced Security, provides the industry’s most advanced database encryption solution for protecting sensitive information without requiring changes to applications Protecting personally identifiable information (PII), intellectual property, financial results, and other sensitive information is a top priority for all organizations. Universities, healthcare organizations, and retailers are just a few of the organizations that have vast amounts of sensitive data ranging from social security numbers to personal health information (PHI) to credit card numbers. The amount of sensitive information collected and transmitted will continue to increase dramatically as organizations strive to achieve increased efficiencies and consumers continue to embrace Internet based commerce. At the same time, the value of sensitive information to those attempting to commit identity theft and other types of fraud continues to increase. Over the past years, the number of reported data breaches has increased, resulting in damages reaching into the tens of millions of dollars. As a result, numerous privacy and breach notification laws have been put in place that mandate the use of encryption technologies to provide a defensive shield for sensitive data: In 2003, the U.S. State of California passed the first such law known as Senate Bill 1386 (extended by Assembly Bill 1950). Ever since, similar laws have been put in place across the U.S., the State of Massachusetts being the most recent. The payment card industry data security standaencryption technology to provide protection for credit card data stored by anyone who processes credit card transactions. The HiTECH act of 2010 adds breach notification procedures to the Health Insurance Portability and Accountability Act (HIPAA), which only required encryption when sensitive information is transmitted across public networks (e.g. the Internet). Oracle Advanced Security provides transparent, standards-based security that protects data through data- at-rest encryption, network encryption, and strong authentication services. KEY FEATURES AND BENEFITS • Transparently encrypt data without application changes • Built-in key management • Encrypt entire application tables or individual columns • Encrypt database exports and RMAN backups • Encrypt Oracle SQL*Net network traffic Note: With Oracle Advanced Security you can use data encryption to secure primary database and back up data when it is written to disk and encrypt network traffic to reduce the risk of someone sniffing data on the wire. ORACLE DATABASE VAULT Regulatory compliance, industrial espionage and insider threats are just few of the challenges facing organizations in today's global economy. At the same time, remaining competitive requires the flexibility to deploy IT systems in a cost effective manner through consolidation and off shoring. While problems such as Origbo Onoriode   Page 4rd (PCI-DSS) is an industry driven initiative that mandates the use of insider threats are certainly not new, the concern over unauthorized access to sensitive information has never been greater. The cost of data theft from both a financial and public relations standpoint can be significant. At the same time compliance with regulations such as Sarbanes-Oxley (SOX), European Union Data Protection Directive, Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), and numerous breach disclosure laws requires strong controls on access to sensitive data. Oracle Database Vault provides a powerful and transparent security solution that helps organizations comply with regulations, deploy systems in a cost efficient manner, and prevent unauthorized access to sensitive data. Oracle Database Vault realms act as a firewall around application data and block access from privileged users. Realms are easily defined and can be placed around an entire application or a set of tables quickly and easily Oracle Database Vault command rules and factors tighten security by limiting who, when, where and how databases, data and an applications can be accessed. Command rules are policies that can be associated with various SQL commands inside the Oracle database. KEY FEATURES AND BENEFITS • Preventive controls on privileged user access to application data • Real time controls with command rules and multi-factor authorization • Separation-of-duty with account management, security administration and database administration Note: Oracle Database Vault empowers DBAs to tune and manage database, but restrict them from viewing or modifying sensitive data. ORACLE LABEL SECURITY Oracle Label Security helps organizations address security and compliance requirements using sensitivity labels such as confidential and sensitive. Sensitivity labels can be assigned to users in the form of label authorizations and associated with operations and objects inside the database using data labels. Label authorizations provide tremendous flexibility in making access control decisions and enforcing separation of duty. Oracle Label Security can be used to address numerous operational issues related to security, compliance and privacy. Data consolidation requires the ability to enforce strong access controls on sensitive data. Oracle Label Security data labels enable the Oracle database to know the sensitivity of data consolidated from multiple databases. Data labels such as confidential and sensitive can be assigned to data, enabling sensitive data to reside in the same table as less sensitive data. Oracle Label Security compliments existing application security by enforcing access control at the row level based on data classification. KEY FEATURES AND BENEFITS • Secure consolidation of sensitive data using data labels • Transparent data classification using hidden columns for data labels • Flexible enforcement controls • Integration with Oracle Enterprise Manager and Oracle Identity Management for centralized enterprise management • Complete PL/SQL API with functions for managing policies, comparing and interpreting data labels

Oracle Database 11G Security Options – Key Points

         

 Summary On Oracle Database Security Options 

1.   Audit Vault alerts can be define for the following events

·         Granting of DBA privileges.

·         Table drops.

·         Failed logins.

·         Direct views of sensitive data.

2.   Database Vault rules can be based on

·         time of day,

·         ip address,

·         language,

3.  Audit Vault agents can audit

·         Oracle databases

·         SQL databases

·         DB2  databases

·         Sybase databases.

4.  Database Vault command rules are not based on Database Vault rules, but on Database Vault rule sets.

5. Only 29% of customers  encrypt Personally Identifiable Information (PII) in their database

6. You can define your own Audit Vault reports

7.  Data Masking is used when sharing data outside of your production environment

8. Database Vault can be used to enforce separation of duties.

9. You can encrypt  data at the column or tablespace level

10. PCI, SOX and HIPAA are regulations that can lead to greater security requirements.

11. Advanced Security Option is used to implement strong authentication.

12.  Increased compliance regulations can lead to additional security requirements

13. Separation of duties is denying administrators access to data values

14. Database Vault and Advanced Security Option can be used to enforce separation of duties.

15. A Database Vault realm can prevent access to a table

16. Label Security is used to implement security based on data values in individual rows

17.  Label Security allows the finest-grained access control

18. data masking maintains relationships defined by foreign keys automatically

19. sensitive data should be encrypted when at rest in the database and in transit and when backed up.

20.  Audit Vault supports redo, database and operating system based auditing for the Oracle database.

21. A Database Vault rule set can control access to both commands and realms

22. Audit Vault provides consolidated reporting across multiple databases and active alerts of security  violations.

23. Label Security is used to implement security based on data values in individual rows

24. You can define your own Audit Vault alerts.

25. Database Vault and Audit Vault can produce reports on security violations

26. Payment Card Industry security standards can affect companies worldwide

27. Advanced Security Option uses a two-tier architecture for key management.

28. Rule sets in Database Vault control access to realms and commands