Transcript Lecture27 - The University of Texas at Dallas

Data and Applications Security
Developments and Directions
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Guest Lecture
Lecture #27
Cyber Crime, Solutions,
Privacy and the Semantic Web
April 19, 2005
Outline
 Cyber Crime
 Some Solutions
 Privacy
 Secure Semantic Web
Types of Cyber Crime
Security
Threats and
Violations
Access
Control
Violations
Integrity/
Privacy
Violations
Denial of
Service/
Infrastructure
Attacks
Fraud/
Identity Theft
Sabotage
Confidentiality
Authentication
Nonrepudiation
Violations
Some Solutions
 Access Control Models
 Digital Identity Management
 Identity Theft Management
 Digital Forensics
 Digital Watermarking
 Risk Analysis
 Encryption
 Biometrics
Types of in Access Control
 Inference Problem and Access Control
- Inference problem occurs when users pose queries and deduce
unauthorized information from the legitimate responses
- Security constraint processing for controlling inferences
 Temporal Access Control Models
- Incorporates time parameter into the access control models
 Role-based access control
- Controlling access based on roles of people and the activities
they carry out; Implemented in commercial systems
 Positive and Negative Authorizations
- Should negative authorizations be explicitly specified? How can
conflicts be resolved?
 Usage Control
- Policies of authorizations, Obligations and Conditions
Inference and Access Control:
Security Constraint Processing
User Interface Manager
Security
Constraints
Database Design
Tool
Constraint
Manager
Query Processor:
Constraints during
query and release
operations
Update
Processor:
Constraints during
database design
operation
Constraints
during
update
operation
Relational DBMS
Database
Digital Identity Management
 Digital identity is the identity that a user has to access an
electronic resource
 A person could have multiple identities
- A physician could have an identity to access medical
resources and another to access his bank accounts
 Digital identity management is about managing the multiple
identities
- Manage databases that store and retrieve identities
- Resolve conflicts and heterogeneity
- Make associations
- Provide security
 Ontology management for identity management is an
emerging research area
Digital Identity Management - II
 Federated Identity Management
- Corporations work with each other across organizational
boundaries with the concept of federated identity
- Each corporation has its own identity and may belong to
multiple federations
Individual identity management within an organization
and federated identity management across organizations
 Technologies for identity management
- Database management, data mining, ontology
management, federated computing
-
Digital Identity Management – III
What is going on in this area?
 Private Sector Activity
- Microsoft Passport, Liberty Alliance
 Public Sector Activity
- Federal Executive, State Executive
 Some Public and Private Systems
- E-Tailing and User names, E-Government and Integration,
Government interest in Single Identity, Fair Information
Practices: Citizens managing their own identity
 Approaches
- Single Federal National System, State Federated System,
Systemic Uniformity
 Source: Identity Management White paper by the National
Electronic Commerce Coordinating Council, December 2002
Identity Theft Management
 Need for secure identity management
- Ease the burden of managing numerous identities
- Prevent misuse of identity: preventing identity theft
 Identity theft is stealing another person’s digital identity
 Techniques for preventing identity thefts include
- Access control, Encryption, Digital Signatures
- A merchant encrypts the data and signs with the public
-
key of the recipient
Recipient decrypts with his private key
Digital Forensics
 Digital forensics is about the investigation of Cyber crime
 Follows the procedures established for Forensic medicine
 The steps include the following:
- When a computer crime occurs, law enforcement officials
-
who are cyber crime experts gather every piece of
evidence including information from the crime scene (i.e.
from the computer)
Gather profiles of terrorists
Use history information
Carry pout analysis
Digital Forensics - II
 Digital Forensics Techniques
- Intrusion detection
- Data Mining
- Analyzing log files
- Use criminal profiling and develop a psychological
profiling
- Analyze email messages
 Lawyers, Psychologists, Sociologists, Crime investigators
and Technologists have to worm together
 International Journal of Digital Evidence is a useful source
Steganography and Digital Watermarking
 Steganography is about hiding information within other
information
- E.g., hidden information is the message that terrorist may
be sending to their pees in different parts of the worlds
- Information may be hidden in valid texts, images, films
etc.
- Difficult to be detected by the unsuspecting human
 Steganalysis is about developing techniques that can analyze
text, images, video and detect hidden messages
- May use data mining techniques to detect hidden patters
 Steganograophy makes the task of the Cyber crime expert
difficult as he/she ahs to analyze for hidden information
- Communication protocols are being developed
Steganography and Digital Watermarking - II
 Digital water marking is about inserting information without
being detected for valid purposes
- It has applications in copyright protection
- A manufacturer may use digital watermarking to copyright
a particular music or video without being noticed
- When music is copies and copyright is violated, one can
detect two the real owner is by examining the copyright
embedded in the music or video
Risk Analysis
 Analyzing risks
- Before installing a secure system or a network one needs
to conduct a risk analysis study
- What are the threats? What are the risks?
 Various types of risk analysis methods
Quantitative approach: Events are ranked in the order of
risks and decisions are made based on then risks
Qualitative approach: estimates are used for risks
 Security vs Cost
- If risks are high and damage is significant then it may be
worth the cost of incorporating security
- If risks and damage are not high, then security may be an
additional cost burden
-
Encryption:
Secure Web Service Architecture
Confidentiality, Authenticity, Integrity
BusinessEntity
<dsig:Signature>
tModel
Query
UDDI
BusinessService
PublisherAssertion
BusinessService
Service
requestor
Owner encrypts
documents with his/her
private key; Use of
Merkle Signatures for
further protection
Service
provider
BindingTemplate
Biometrics
 Early Identication and Authentication (I&A) systems, were
based on passwords
 Recently physical characteristics of a person are being sued
for identification
- Fingerprinting
- Facial features
- Iris scans
- Blood circulation
- Facial expressions
 Biometrics techniques will provide access not only to
computers but also to building and homes
 Other Applications
Biometric Technologies
 Pattern recognition
 Machine learning
 Statistical reasoning
 Multimedia/Image processing and management
 Managing biometric databases
 Information retrieval
 Pattern matching
 Searching
 Ontology management
 Data mining
Secure Biometrics
 Biometrics systems have to be secure
 Need to study the attacks for biometrics systems
 Facial features may be modified:
- E.g., One can access by inserting another person’s
features
Attacks on biometric databases is a major concern
 Challenge is to develop a secure biometric systems
- Policy, Model, Architecture
- Need to maintain privacy of the individuals as appropriate
-
Relationships between Dependability, Confidentiality,
Privacy, Trust
Privacy
Confidentiality
Dependability
Trust
Dependability: Security,
Privacy, Trust, Real-time
Processing, Fault Tolerance;
also sometimes referred to as
“Trustworthiness”
Confidentiality: Preventing the
release of unauthorized
information considered sensitive
Privacy: Preventing the release
of unauthorized information
about individuals considered
sensitive
Trust: Confidence one has that an individual will give him/her correct information
or an individual will protect sensitive information
Some Privacy concerns
 Medical and Healthcare
- Employers, marketers, or others knowing of private medical
concerns
 Security
- Allowing access to individual’s travel and spending data
- Allowing access to web surfing behavior
 Marketing, Sales, and Finance
- Allowing access to individual’s purchases
Data Mining as a Threat to Privacy
 Data mining gives us “facts” that are not obvious to human analysts



of the data
Can general trends across individuals be determined without
revealing information about individuals?
Data Mining is a critical application for National Security and
Intrusion Detection
Possible threats due to data mining:
Combine collections of data and infer information that is private
 Disease information from prescription data
 Military Action from Pizza delivery to pentagon
Need to protect the associations and correlations between the data
that are sensitive or private
-

Some Privacy Problems and Potential Solutions
 Problem: Privacy violations that result due to data mining
- Potential solution: Privacy-preserving data mining
 Problem: Privacy violations that result due to the Inference problem
- Inference is the process of deducing sensitive information from
the legitimate responses received to user queries
- Potential solution: Privacy Constraint Processing
 Problem: Privacy violations due to un-encrypted data
- Potential solution: Encryption at different levels
 Problem: Privacy violation due to poor system design
- Potential solution: Develop methodology for designing privacyenhanced systems
Some Directions:
Privacy Preserving Data Mining
 Prevent useful results from mining
- Introduce “cover stories” to give “false” results
- Only make a sample of data available so that an adversary is
unable to come up with useful rules and predictive functions
 Randomization
- Introduce random values into the data and/or results
- Challenge is to introduce random values without significantly
affecting the data mining results
- Give range of values for results instead of exact values
 Secure Multi-party Computation
- Each party knows its own inputs; encryption techniques used to
compute final results
Platform for Privacy Preferences (P3P):
What is it?
 P3P is an emerging industry standard that enables web sites
t9o express their privacy practices in a standard format
 The format of the policies can be automatically retrieved and
understood by user agents
 It is a product of W3C; World wide web consortium
www.w3c.org
 When a user enters a web site, the privacy policies of the web
site is conveyed to the user
 If the privacy policies are different from user preferences, the
user is notified
 User can then decide how to proceed
 Being Adopted by the Semantic Web Community
Layered Architecture for Dependable
Semantic Web
0Adapted from Tim Berners Lee’s description of the Semantic Web
S
E
C
U
R
I
T
Y
P
R
I
V
A
C
Y
Logic, Proof and Trust
Rules/Query
RDF, Ontologies
Other
Services
XML, XML Schemas
URI, UNICODE
0 Some Challenges: Interoperability between Layers; Security and
Privacy cut across all layers; Integration of Services; Composability
Rule Processing
Technology
By W3C
Interface to the Semantic Web
Inference Engine/
Rules Processor
Policies
Ontologies
Rules
Semantic Web
Engine
XML, RDF
Documents
Web Pages,
Databases
Vision for Cyber Security:
Securing the Semantic Web
Core Semantic Web Technologies:
Systems, Networks, Agents, AI, Machine
Learning, Data Mining, Languages, Software
Engineering, Information Integration
Need research to bring together the above
technologies
Directions:
Security/Trust/Privacy,
Integrate sensor
technologies, Pervasive
computing, Social impact
Domain specific
semantic webs:
DoD, Intelligence,
Medical, Treasury,- - -
0 Some Challenges: Secure Semantic Interoperability; Secure
Information Integration; Integrating Pervasive computing and sensors