Example: Data Mining for the NBA

Download Report

Transcript Example: Data Mining for the NBA

Secure Dependable Stream
Data Management
Vana Kalogeraki (UC Riverside)
Dimitrios Gunopulos (UC Riverside)
Ravi Sandhu (UT San Antonio)
Bhavani Thuraisingham (UT Dallas)
May 2008
Outline
 Dependable Information Management
- Integrating Real-time and Security Policies
 Secure Real-Time TMO
- Apply RBAC and UCON models
 Stream Data/Information Management
- Overview, Data Manager, Security Policy, Directions
 QoS-based Stream Execution Model
Dependable Sensor Information Management
 Dependable sensor information management includes
- secure sensor information management
- fault tolerant sensor information
- High integrity and high assurance computing
- Real-time computing
 Conflicts between different features
- Security, Integrity, Fault Tolerance, Real-time Processing
- E.g., A process may miss real-time deadlines when access
control checks are made
- Trade-offs between real-time processing and security
- Need flexible security policies; real-time processing may be
critical during a mission while security may be critical during
non-operational times
Secure Dependable Information Management
Example: Next Generation AWACS
Navigation
Data Analysis Programming
Group (DAPG)
Data Links
Sensors
Sensor
Detections
Multi-Sensor
Tracks
Technology
Future
App
provided by
Future
App
the project
Data
Mgmt.
Data
Xchg.
MSI
App
Infrastructure Services
Real-time Operating System
Hardware
Future
App
Display
Processor
&
Refresh
Channels
Consoles
(14)
•Security being considered after
the system has been designed
and prototypes implemented
•Challenge: Integrating real-time
processing, security and
fault tolerance
Secure Dependable Information Management:
Directions
 Challenge: How does a system ensure integrity, security, fault
tolerant processing, and still meet timing constraints?
 Develop flexible security policies; when is it more important to
ensure real-time processing and ensure security?
 Secure dependable models and architectures for the policies;
Examine real-time algorithms – e.g., query and transaction
processing
 Research for databases as well as for applications; what
assumptions do we need to make about operating systems,
networks and middleware?
 Developing dependable sensor objects
RBAC (Sandhu et al) and ABAC (Network
Centric Enterprise Services)
 RBAC
- Access to information sources including structured and
unstructured data both within the organization and external to
the organization
- Access based on roles
- Hierarchy of roles: handling conflicts
- Controlled dissemination and sharing of the data
 ABAC (Attribute based access control)
- User presents credentials
- Depending on the user credentials user is granted access
- Suitable for open web environments
UCON (Sandhu et al)
 RBAC model is incorporated into UCON and useful for
various applications
- Authorization component
 Obligations
Obligations are actions required to be performed before
an access is permitted
- Obligations can be used to determine whether an
expensive knowledge search is required
 Attribute Mutability
- Used to control the scope of the knowledge search
 Condition
- Can be used for resource usage policies to be relaxed or
tightened
-
UCON (Sandhu et al))
TMO (Kane Kim et al)
 TMO model
A TMO object
ODSS ODSS2
EAC
1
AAC:
Autonomous
Activation
Condition
Service
Request
Queue
Remote
TMO
Clients
Object Data Store (ODS)
AA
C
AA
C
SpM1
SpM2
Capability for accessing other
TMOs and network
environment including logical
multicast channels and I/O
devices
Lock/Condition/CREW for
Concurrent Access
Time-triggered(TT)
Spontaneous
Methods(SpMs)
Deadlines
SvM1
SvM2
Concurrency
Control
Message-triggered(MT)
Service Methods(SvMs)
RT-RBAC (Jungin Kim and Thuraisingham)
 Access Control mechanisms
-
-
Role Based Access Control (RBAC) model

Users (TMO objects) are associated with roles

Roles are associated with permissions (Write, Read, Execution, All)

A user has permission only if the user has
an authorized role which is associated with
that permission
Inadequate for distributed real-time system

Server side centralized model

Need constraints on temporal
behaviors of spontaneous methods
in TMO
RT-UCON (Jungin Kim and Thuraisingham)
 Basic authorization components for access control in TMO
•
•
•
•
Continuity: dynamic and seamless constraints
Mutability: control the scope of access
Conditions: control the amount of access, access time
Obligations: pre-conditions for determining access decisions
 Adequate for distributed real-time system
•
Space and Time domain; Server and Client side control; Dynamic and
Flexible
 Implemented access control through a separated object
 Checks access right, maintain access policies in the system
•
•
•
ODS: stores static and dynamic access policies
SpM: controls access policies in ODS
SvM: handles access decision requests
Secure CAMIN (Jungin Kim and Thuraisingham)
 Mission: Defend target objects both in the sea and on the land
from the hostile objects in the sky
 Access control checks policies and security levels
 Some malicious objects are added
Secure Sensor/Stream Information Management
 Sensor network consists of a collection of autonomous and
interconnected sensors that continuously sense and store
information about some local phenomena
- May be employed in battle fields, seismic zones, pavements
 Data streams emanate from sensors; for geospatial applications
these data streams could contain continuous data of maps, images,
etc. Data has to be fused and aggregated
 Continuous queries are posed, responses analyzed possibly in real-
time, some streams discarded while rest may be stored
 Recent developments in sensor information management include
sensor database systems, sensor data mining, distributed data
management, layered architectures for sensor nets, storage
methods, data fusion and aggregation
 Secure sensor data/information management has received very little
attention; need a research agenda
Secure Sensor/Stream Information Management:
Data Manager
Continuous Query
Response
Sensor Data Manager
Input Data
Update Processor
Processes input data,
Carries out action, Stores
some data in stable storage,
Throws away transient data;
data
Checks access control rules
and constraints
Query Processor
Processes continuous
queries and gives
responses periodically;.
periodically
Checks access control rules
and constraints
Data to and from Stable Storage
Stable Sensor
Data Storage
Transient Data
Policy Specification and Enforcement: Elena
Ferrari and Barbara Carminati et al
 Example: Aurora Stream Model develop by Stonebraker et al
 Model Operators
- Filter: Select on streams based on predicates; results is a
sequence of streams
- Map: Project onto attributes by applying certain functions
- Aggregate: Aggregate/fuse streams
 Secure Model Operators
Secure Filter: Form of secure selection where access to
resulting streams are controlled
- Secure Map: Access to resulting attributes are controlled
- Secure Aggregation: Access to resulting stream is
controlled
- Access to original streams are controlled but not to the
results
-
Secure Sensor/Stream Information Management:
Inference/Aggregation Control
Inference Controller:
Inferenceaggregation
Controller
Controls
Controller
Sensor Data Manager
Security Manager:
Manages
Security
Manager
constraints
Update Processor:
Processes constraints
Update
Processor
and enters
sensor data
at the appropriate levels
Query Processor:
Query
Processor
Processes
constraints
during query operation
and prevent certain
information from
being retrieved
Data to and from Stable Storage
Stable Sensor
Data Storage
Secure Sensor/Stream Information Management:
Security Policy Integration (MURI Project)
AdditionalFederated
security constraints
for
Privacy Controller
Inference Control
IntegratedFederated
Policy forData
the Management
Sensor
Network
Export
Engine
Policy
Generic
Privacy
Policy
for A
Controller
Component
Data System
Policy
for Sensor
AgencyAA
Export
Engine
Policy
Export
Engine
Policy
Generic
Privacy
Controller
Policy for C
Generic
Privacy
Controller
Policy
for B
Component
Data System
Policy
For Sensor
for
AgencyCC
Component
Data System
Policy
for Sensor
AgencyBB
Real-time Knowledge Discovery (RT-KDD)
 How does a data mining technique meet the timing constraint?
- E.g., if an association rule mining algorithm has a 5 minutes
constraint, then should it output as many rules as possible
within 5 minutes
- How does this affect the accuracy of the results?
- Will there be an increase in false positives and negatives?
 Approximate data mining
- Are there techniques analogous to techniques in approximate
query processing
- Are incomplete results better than no results
 What are the applications for RT-KDD
- Give the results to the first responder/law enforcement official
in 5 minutes so that he can take appropriate actions
 Secure RT-KDD?
Secure Sensor/Stream Information Management:
Directions
 Individual sensors may be compromised and attacked; need
techniques for detecting, managing and recovering from such
attacks
 Aggregated sensor data may be sensitive; need secure storage sites
for aggregated data; variation of the inference and aggregation
problem?
 Security has to be incorporated into sensor database management
- Policies, models, architectures, queries, etc.
 Evaluate costs for incorporating security especially when the sensor
data has to be fused, aggregated and perhaps mined in real-time
 Data may be emanating from sensors and other devices at multiple
locations
- Data may pertain to individuals (e.g. video information, images,
surveillance information, etc.); Data may be mined to extract
useful information; Need to maintain privacy
Secure Stream based Execution Model:
Integrate Kalogeraki stream model with UCON
 QoS based Infrastructure support for hosting stream based
applications
 Component Discovery
- Data summarization and dissemination to propagate
components and resource information to the appropriate nodes
- Bloom filter data structure based techniques
 QoS aware composition
- For each application request the user specifies the data source,
application graph (describing the application components and
their invocations) and real-0time requirements
 Apply UCON model as the basis for security
- Integrate concepts from RT-UCON with stream based policies
 Our approach: Specify security policies and prove that the resulting
system is secure