Data and Applications Security Developments and Directions

1
Data and Applications Security Developments and
Directions

• Dr. Bhavani Thuraisingham
• The University of Texas at Dallas
• Lecture 1
• Introduction to Data and Applications Security
• January 11, 2005

2
Outline

• Data and Applications Security
• Developments and Directions
• Secure Semantic Web
• XML Security Other directions
• Some Emerging Secure DAS Technologies
• Secure Information Integration Secure Sensor
  Information Management Secure Dependable
  Information Management
• Some Directions for Privacy
• Data Mining for handling security problems
  Privacy vs. National Security Privacy Constraint
  Processing Foundations of the Privacy Problem
• What are the Challenges?
• Outline of the Course

3
Developments in Data and Applications
Security 1975 - Present

• Access Control for Systems R and Ingres (mid
  1970s)
• Multilevel secure database systems (1980
  present)
• Relational database systems research prototypes
  and products Distributed database systems
  research prototypes and some operational systems
  Object data systems Inference problem and
  deductive database system Transactions
• Recent developments in Secure Data Management
  (1996 Present)
• Secure data warehousing, Role-based access
  control (RBAC) E-commerce XML security and
  Secure Semantic Web Data mining for intrusion
  detection and national security Privacy
  Dependable data management Secure knowledge
  management and collaboration

4
Developments in Data and Applications
Security Multilevel Secure Databases - I

• Air Force Summer Study in 1982
• Early systems based on Integrity Lock approach
• Systems in the mid to late 1980s, early 90s
• E.g., Seaview by SRI, Lock Data Views by
  Honeywell, ASD and ASD Views by TRW
• Prototypes and commercial products
• Trusted Database Interpretation and Evaluation of
  Commercial Products
• Secure Distributed Databases (late 80s to mid
  90s)
• Architectures Algorithms and Prototype for
  distributed query processing Simulation of
  distributed transaction management and
  concurrency control algorithms Secure federated
  data management

5
Developments in Data and Applications
Security Multilevel Secure Databases - II

• Inference Problem (mid 80s to mid 90s)
• Unsolvability of the inference problem Security
  constraint processing during query, update and
  database design operations Semantic models and
  conceptual structures
• Secure Object Databases and Systems (late 80s to
  mid 90s)
• Secure object models Distributed object systems
  security Object modeling for designing secure
  applications Secure multimedia data management
• Secure Transactions (1990s)
• Single Level/ Multilevel Transactions Secure
  recovery and commit protocols

6
Some Directions and Challenges for Data and
Applications Security - I

• Secure semantic web
• Single/multiple security models?
• Different application domains
• Secure Sensor Information Management
• Fusing and managing data/information from
  distributed and autonomous sensors
• Secure Dependable Information Management
• Integrating Security, Real-time Processing and
  Fault Tolerance
• Data Sharing vs. Privacy
• Federated database architectures?

7
Some Directions and Challenges for Data and
Applications Security - II

• Data mining and knowledge discovery for intrusion
  detection
• Need realistic models real-time data mining
• Secure knowledge management
• Protect the assets and intellectual rights of an
  organization
• Information assurance, Infrastructure protection,
  Access Control
• Insider cyber-threat analysis, Protecting
  national databases, Role-based access control for
  emerging applications
• Security for emerging applications
• Geospatial, Biomedical, E-Commerce, etc.
• Other Directions
• Trust and Economics, Trust Management/Negotiation,
  Secure Peer-to-peer computing, Biometrics

8
Secure Semantic Web

• According to Tim Berners Lee, The Semantic Web
  supports
• Machine readable and understandable web pages
• Layers for the semantic web Security cuts across
  all layers

9
Steps to Securing the Semantic Web

• Flexible Security Policy
• One that can adapt to changing situations and
  requirements
• Security Model
• Access Control, Role-based security,
  Nonrepudiation, Authentication
• Security Architecture and Design
• Examine architectures for semantic web and
  identify security critical components
• Securing the Layers of the Semantic Web
• Secure agents, XML security, RDF security, secure
  semantic interoperabiolity, security properties
  for ontologies, Security issues for digital
  rights

10
XML Security

• Some ideas have evolved from research in secure
  multimedia/object data management
• Access control and authorization models
• Protecting entire documents, parts of documents,
  propagations of access control privileges
  Protecting DTDs vs Document instances Secure XML
  Schemas
• Update Policies and Dissemination Policies
• Secure publishing of XML documents
• How do you minimize trust for third party
  publication
• Use of Encryption
• Inference problem for XML documents
• Portions of documents taken together could be
  sensitive, individually not sensitive

11
What are the Next Steps and Challenges for Secure
Semantic Web?

• We need to continue with XML security research as
  well as work with standards
• W3C standards are advancing rapidly security
  research, prototypes and products must keep up
  with the developments
• Researchers, vendors and standards organizations
  must work together
• Secure XML Database Systems (query, transactions,
  storage, - - -)
• RDF Security
• When you bring in semantics, many challenges for
  security
• Need to develop security models for RDF documents
• Secure Ontologies
• Two aspects one is to develop protection models
  for Ontology databases other is to use
  ontologies for ensuring security and privacy

12
Secure Sensor Information Management

• Sensor network consists of a collection of
  autonomous and interconnected sensors that
  continuously sense and store information about
  some local phenomena
• May be employed in battle fields, seismic zones,
  pavements
• Data streams emanate from sensors for geospatial
  applications these data streams could contain
  continuous data of maps, images, etc. Data has to
  be fused and aggregated
• Continuous queries are posed, responses analyzed
  possibly in real-time, some streams discarded
  while rest may be stored
• Recent developments in sensor information
  management include sensor database systems,
  sensor data mining, distributed data management,
  layered architectures for sensor nets, storage
  methods, data fusion and aggregation
• Secure sensor data/information management has
  received very little attention need a research
  agenda

13
Secure Sensor Information Management Directions

• Individual sensors may be compromised and
  attacked need techniques for detecting, managing
  and recovering from such attacks
• Aggregated sensor data may be sensitive need
  secure storage sites for aggregated data
  variation of the inference and aggregation
  problem?
• Security has to be incorporated into sensor
  database management
• Policies, models, architectures, queries, etc.
• Evaluate costs for incorporating security
  especially when the sensor data has to be fused,
  aggregated and perhaps mined in real-time

14
Secure Dependable Information Management

• Dependable information management includes
• secure information management
• fault tolerant information
• High integrity and high assurance computing
• Real-time computing
• Conflicts between different features
• Security, Integrity, Fault Tolerance, Real-time
  Processing
• E.g., A process may miss real-time deadlines when
  access control checks are made
• Trade-offs between real-time processing and
  security
• Need flexible security policies real-time
  processing may be critical during a mission while
  security may be critical during non-operational
  times

15
Secure Dependable Information Management Example
Next Generation AWACS
Navigation
Display
Consoles
Data Analysis Programming
Processor
Data Links
(14)
Group (DAPG)

Sensors
Refresh
Channels
Multi-Sensor
Sensor

• Security being considered after
• the system has been designed
• and prototypes implemented
• Challenge Integrating real-time
• processing, security and
• fault tolerance

Tracks
Detections

• Technology provided by the project

Future
Future
Future
App
App
App
MSI
Data
App
Mgmt.
Data
Xchg.
Infrastructure Services
Real-time Operating System
Hardware
16
Directions for Privacy

• Why this interest now on privacy?
• Data Mining for National Security
• Data Mining is a threat to privacy
• Balance between data sharing/mining and privacy
• Is federated data management a solution
• Privacy Preserving Data Mining
• Inference Problem as a Privacy Problem
• Handling privacy constraints Foundations
• Web/Semantic Web will have to address privacy
• Federated Architectures for Data Sharing?

17
Data Mining to Handle Security Problems

• Data mining tools could be used to examine audit
  data and flag abnormal behavior
• Much recent work in Intrusion detection
• e.g., Neural networks to detect abnormal patterns
• Tools are being examined to determine abnormal
  patterns for national security
• Classification techniques, Link analysis
• Fraud detection
• Credit cards, calling cards, identity theft etc.

18
Data Mining as a Threat to Privacy

• Data mining gives us facts that are not obvious
  to human analysts of the data
• Enables inspection and analysis of huge amounts
  of data
• Possible threats
• Predict information about classified work from
  correlation with unclassified work
• Mining Open Source data to determine
  predictive events (e.g., Pizza deliveries to the
  Pentagon)
• It isnt the data we want to protect, but
  correlations among data items
• Initial ideas presented at the IFIP 11.3 Database
  Security Conference, July 1996 in Como, Italy
• Data Sharing/Mining vs. Privacy Federated Data
  Management Architecture for the Department of
  Homeland Security?

19
What can we do? Privacy Preserving Data Mining

• Prevent useful results from mining
• limit data access to ensure low confidence and
  support
• Extra data (cover stories) to give false
  results with Providing only samples of data can
  lower confidence in mining results
• Idea If adversary is unable to learn a good
  classifier from the data, then adversary will be
  unable to learn good
• rules, predictive functions
• Approach Only make a sample of data available
• Limits ability to learn good classifier
• Several recent research efforts have been
  reported

20
Privacy Constraints

• Simple Constraints - an attribute of a document
  is private
• Content-based constraints If document contains
  information about XXX, then it is private
• Association-based Constraints Two or more
  documents together is private individually they
  are public
• Dynamic constraints After some event, the
  document is private or becomes public
• Several challenges Specification and consistency
  of constraints is a Challenge How do you take
  into consideration external knowledge? Managing
  history information

21
Architecture for Privacy Constraint Processing
User Interface Manager
Privacy Constraints
Constraint Manager
Database Design Tool Constraints during database
design operation
Update Processor Constraints during update
operation
Query Processor Constraints during query and
release operations
DBMS
Database
22
Federated Data and Policy Management
Data/Policy for Federation
Export
Export
Data/Policy
Data/Policy
Export
Data/Policy
Component
Component
Data/Policy for
Data/Policy for
Agency A
Agency C
Component
Data/Policy for
Agency B
23
Some Key Directions

• Transfer security technology to operational
  systems need to develop systems that are
  flexible, usable and secure
• Bring human computer interaction and people
  aspects into system design
• Security for emerging applications
• E.g., medical informatics, bioinformatics,
  scientific and engineering informatics, and other
  areas
• Data mining for security (e.g., intrusion
  detection, insider cyber threat) cannot forget
  about Privacy
• Interdisciplinary research in information
  security
• Emerging areas include Secure semantic web,
  Secure Information Integration, Secure Sensors,
  Trust Management/Negotiation, Economics, - - - -
  -

24
Outline of Course

• Supporting Technologies
• Discretionary Security
• Multilevel Security
• Inference Problem
• Secure Distributed Databases
• Secure Object Systems
• Secure Data warehouses
• Data Mining and security
• Privacy
• Secure Multimedia and Information Management
• Secure Knowledge Management
• Secure Semantic Web
• Secure Dependable Information Management
• Special Topics Biometrics, Digital identity, - -
  -