Encyclopedia of Computer Science and Technology

136 data securityparticular purpose, such as recording scientific observationsor keeping track of customers’ account histories. However,data often has potential applications beyond thoseconceived by its collector.Conceptually, data mining involves a process of refiningdata to extract meaningful patterns—usually with somenew purpose in mind. First, a promising set or subset of thedata is selected or sampled. Particular fields (variables) ofinterest are identified. Patterns are found using techniquessuch as regression analysis to find variables that are highlycorrelated to (or predicted by) other variables, or throughclustering (finding the data records that are the most similaralong the selected dimensions). Once the “refined” datais extracted, a representation or visualization (such as areport or graph) is used to express newly discovered informationin a usable form.Similar (if simpler) techniques are being used to targetor personalize marketing, particularly to online customers.For example, online bookstores such as Amazon.com canfind what other books have been most commonly boughtby people buying a particular title. (In other words, identifya sort of reader profile.) If a new customer searches forthat title, the list of correlated titles can be displayed, withan increased likelihood of triggering additional purchases.Businesses can also create customer profiles based on theirlonger-term purchasing patterns, and then either use themfor targeted mailings or sell them to other businesses (seee-commerce). In scientific applications, observations canbe “mined” for clues to phenomena not directly related tothe original observation. For example, changes in remotesensor data might be used to track the effects of climateor weather changes. Data-mining techniques can even beapplied to the human genome (see bioinformatics).TrendsData mining of consumer-related information has emergedas an important application as the volume of e-commercecontinues to grow, the amount of data generated by largesystems (such as online bookstores and auction sites)increases, and the value of such information to marketersbecomes established. However, the use of consumer datafor purposes unrelated to the original purchase, often bycompanies that have no pre-existing business relationshipto the consumer, can raise privacy issues. (Data is oftenrendered anonymous by removing personal identificationinformation before it is mined, but regulations or otherways to assure privacy remain incomplete and uncertain.)The most controversial applications of data mining arein the area of intelligence and homeland security. Becausesuch applications are often shrouded in secrecy, the publicand even lawmakers have difficulty in assessing their valueand devising privacy safeguards. According to the GovernmentAccountability Office, as of 2007 some 199 differentdata-mining programs were in use by at least 52 federalagencies. One of the most controversial is ADVISE (AnalysisDissemination, Visualization, Insight and SemanticEnhancement), developed by the Department of HomelandSecurity since 2003. The program purportedly can matchand create profiles using government records and users’Web sites and blogs. Privacy advocates and civil libertarianshave raised concerns, and legislation has been introducedthat would require that all federal agencies report their dataminingactivities to Congress (see also counterterrorismand computers and privacy in the digital age.)Further ReadingClayton, Mark. “U.S. Plans Massive Data Sweep.” Christian ScienceMonitor, February 9, 2006, n.p. Available online. URL: http://www.csmonitor.com/2006/0209/p01s02-uspo.html. AccessedJuly 8, 2007.Dunham, Margaret H. Data Mining: Introductory and Advanced Topics.Upper Saddle River, N.J.: Prentice Hall, 2002.Markov, Zdravko, and Daniel T. Larose. Data Mining the Web:Uncovering Patterns in Web Content, Structure, and Usage.Hoboken, N.J.: Wiley, 2007.Tan, Pang-Ning, Michael Steinbach, and Vipin Kumar. Introductionto Data Mining. Upper Saddle River, N.J.: Pearson Education,2006.data securityIn most institutional computing environments, access toprogram and data files is restricted to authorized persons.There are several mechanisms for restricting file access in amultiuser or networked system.User StatusBecause of their differing responsibilities, users are oftengiven differing restrictions on access. For example, theremight be status levels ranging from root to administrator to“ordinary.” A user with root status on a UNIX system is ableto access any file or resource. Any program run by such auser inherits that status, and thus can access any resource.Generally, only the user(s) with ultimate responsibility forthe technical functioning of the system should be givensuch access, because commands used by root users have thepotential to wipe out all data on the system. A person withadministrator status may be able to access the files of otherusers and to access certain system files (in order to changeconfigurations), but will not be able to access certain coresystem files. Ordinary users typically have access only tothe files they create themselves and to files designated as“public” by other users.File PermissionsFiles themselves can have permission status. In UNIX,there are separate statuses for the user, any group to whichthe user belongs, and “others.” There are also three differentactivities that can be allowed or disallowed: reading, writing,and executing. For example, if a file’s permissions areUser Group Otherrwx rw- r—the user can read or write the file or (if it is a directory orprogram), execute it. Members of the same group can reador write, but not execute, while others can only read the filewithout being able to change it in any way. Operating systemssuch as Windows NT use a somewhat different struc-