Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture...
-
Upload
meagan-gibbs -
Category
Documents
-
view
213 -
download
0
Transcript of Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture...
![Page 1: Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.](https://reader035.fdocuments.net/reader035/viewer/2022071807/56649ebf5503460f94bca775/html5/thumbnails/1.jpg)
Data and Applications Security
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Lecture #1
Introduction to Data and Applications Security
August 29, 2014
![Page 2: Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.](https://reader035.fdocuments.net/reader035/viewer/2022071807/56649ebf5503460f94bca775/html5/thumbnails/2.jpg)
Outline
Data and Applications Security
- Developments and Directions
Secure Semantic Web
- XML Security; Other directions
Some Emerging Secure DAS Technologies
- Secure Sensor Information Management; Secure Dependable Information Management
Some Directions for Privacy Research
- Data Mining for handling security problems; Privacy vs. National Security; Privacy Constraint Processing; Foundations of the Privacy Problem
What are the Challenges?
![Page 3: Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.](https://reader035.fdocuments.net/reader035/viewer/2022071807/56649ebf5503460f94bca775/html5/thumbnails/3.jpg)
Developments in Data and Applications Security: 1975 - Present
Access Control for Systems R and Ingres (mid 1970s) Multilevel secure database systems (1980 – present)
- Relational database systems: research prototypes and products; Distributed database systems: research prototypes and some operational systems; Object data systems; Inference problem and deductive database system; Transactions
Recent developments in Secure Data Management (1996 – Present)
- Secure data warehousing, Role-based access control (RBAC); E-commerce; XML security and Secure Semantic Web; Data mining for intrusion detection and national security; Privacy; Dependable data management; Secure knowledge management and collaboration
![Page 4: Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.](https://reader035.fdocuments.net/reader035/viewer/2022071807/56649ebf5503460f94bca775/html5/thumbnails/4.jpg)
Developments in Data and Applications Security: Multilevel Secure Databases - I
Air Force Summer Study in 1982 Early systems based on Integrity Lock approach Systems in the mid to late 1980s, early 90s
- E.g., Seaview by SRI, Lock Data Views by Honeywell, ASD and ASD Views by TRW
- Prototypes and commercial products
- Trusted Database Interpretation and Evaluation of Commercial Products
Secure Distributed Databases (late 80s to mid 90s)
- Architectures; Algorithms and Prototype for distributed query processing; Simulation of distributed transaction management and concurrency control algorithms; Secure federated data management
![Page 5: Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.](https://reader035.fdocuments.net/reader035/viewer/2022071807/56649ebf5503460f94bca775/html5/thumbnails/5.jpg)
Developments in Data and Applications Security: Multilevel Secure Databases - II
Inference Problem (mid 80s to mid 90s)
- Unsolvability of the inference problem; Security constraint processing during query, update and database design operations; Semantic models and conceptual structures
Secure Object Databases and Systems (late 80s to mid 90s)
- Secure object models; Distributed object systems security; Object modeling for designing secure applications; Secure multimedia data management
Secure Transactions (1990s)
- Single Level/ Multilevel Transactions; Secure recovery and commit protocols
![Page 6: Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.](https://reader035.fdocuments.net/reader035/viewer/2022071807/56649ebf5503460f94bca775/html5/thumbnails/6.jpg)
Some Directions and Challenges for Data and Applications Security - I
Secure semantic web - Security models
Secure Information Integration- How do you securely integrate numerous and
heterogeneous data sources on the web and otherwiseSecure Sensor Information Management- Fusing and managing data/information from distributed
and autonomous sensorsSecure Dependable Information Management- Integrating Security, Real-time Processing and Fault
ToleranceData Sharing vs. Privacy- Federated database architectures?
![Page 7: Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.](https://reader035.fdocuments.net/reader035/viewer/2022071807/56649ebf5503460f94bca775/html5/thumbnails/7.jpg)
Some Directions and Challenges for Data and Applications Security - II
Data mining and knowledge discovery for intrusion detection
- Need realistic models; real-time data mining Secure knowledge management
- Protect the assets and intellectual rights of an organization Information assurance, Infrastructure protection, Access
Control
- Insider cyber-threat analysis, Protecting national databases, Role-based access control for emerging applications
Security for emerging applications
- Geospatial, Biomedical, E-Commerce, etc. Other Directions
- Trust and Economics, Trust Management/Negotiation, Secure Peer-to-peer computing,
![Page 8: Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.](https://reader035.fdocuments.net/reader035/viewer/2022071807/56649ebf5503460f94bca775/html5/thumbnails/8.jpg)
Coalition Data and Policy Sharing
ExportData/Policy
ComponentData/Policy for
Agency A
Data/Policy for Federation
ExportData/Policy
ComponentData/Policy for
Agency C
ComponentData/Policy for
Agency B
ExportData/Policy
![Page 9: Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.](https://reader035.fdocuments.net/reader035/viewer/2022071807/56649ebf5503460f94bca775/html5/thumbnails/9.jpg)
Other topics to be covered by course
Secure Cloud Computing Secure Social Media Mobile code security Vulnerability Analysis Infrastructure security Healthcare Security Financial Security