Transcript Example: Data Mining for the NBA - The University of Texas at Dallas

Data and Applications Security
Developments and Directions
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Introduction to the Course
August 24, 2009
Objective of the Unit
 This unit provides an overview of the course. The course describes
concepts, developments, challenges, and directions in data and
applications security. Topics include
- database security, distributed data management security, object
security, data warehouse security, data mining for security
applications, privacy, secure semantic web, secure digital
libraries, secure knowledge management and secure sensor
information management, biometrics
Outline of the Unit
 Outline of Course
 Course Work
 Course Rules
 Contact
 Appendix
Outline of the Course
 Unit #1: Introduction to Data and Applications
 Part I: Background
- Unit #2: Data Management
- Unit #3: Information Security
- Unit #4: Information Management
 Part II: Discretionary Security
- Unit #5: Concepts
- Unit #6: Policy Enforcement
 Part III: Mandatory Security
- Unit #7: Concepts
- Unit #8: Architectures
Outline of the Course (Continued)
 Part IV: Secure Relational Data Management
- Unit #9: Data Model
- Unit #10: Functions
- Unit #11: Prototypes and Products
 Part V: Inference Problem
- Unit #12: Concepts
- Unit #13: Constraint Processing
- Unit #14: Conceptual Structures
 Part VI: Secure Distributed Data Management
- Unit #15: Secure Distributed data management
- Unit #16: Secure Heterogeneous Data Integration
- Unit #17: Secure Federated Data Management
Outline of the Course (Continued)

Part VII: Secure Object Data Management
-
Unit #18: Secure Object Management
Unit #19: Secure Distributed Objects and Modeling Applications
Unit #20: Secure Multimedia Systems
MIDTERM

Part VIII: Data Warehousing, Data Mining and Security

(Oct 19-Oct 26)

Unit #21: Secure Data Warehousing
Unit #22: Data Mining for Security Applications
Unit #23: Privacy
Part IX: Secure Information Management
-
Unit #24: Secure Digital Libraries (Nov 9, 11)
Unit #25: Secure Semantic Web (web services, XML security) (Oct 28, Nov 2, Nov 4)
Unit #26: Secure Information and Knowledge Management
Outline of the Course (Continued)
 Part X: Emerging Technologies
- Unit #27: Secure Dependable Data Management (Nov 16)
- Unit #28: Secure Sensor and Wireless Data Management
- Unit #29: Other Emerging Technologies (Nov 18)
- Extra Topics (Nov 23, 25)

Social network
 Unit #30 Conclusion to the Course
 Guest Lectures Some guest lectures may be included
 Some other topics (Nov 30)
 Review for finals (Dec 2)
Course Work
 Three term papers; each worth 9 points
 Two exams each worth 15 points
- Mid-term and Final exams
 Programming project worth 15 points
- Due day; the day of the final exam
 Four homework assignments each worth 7 points
- Due dates: will be announced
 Total 100 points
 Course Book: Database and Applications Security:
Integration Data Management and Information Security,
Bhavani Thuraisingham, CRC Press, 2005
 Will also include papers as reading material
Some Topics for Papers
 XML Security
 Inference Problem
 Privacy
 Secure Biometrics
 Intrusion Detection
 E-Commerce Security
 Secure Sensor Information Management
 Secure Distributed Systems
 Secure Semantic Web
 Secure Data Warehousing
 Insider Threat Analysis
 Secure Multimedia Systems
Term Papers: Example Format
 Abstract
 Introduction
 Background on the Topic
 Survey of various techniques, designs etc,
 Analyze the techniques, designs etc. and give your opinions
 Directions for further work
 Summary and Conclusions
 References
Term Papers: Example Format - II
 Abstract
 Introduction
 Background on the Topic and Related Work
 Discuss strengths and weaknesses of your work and others’
work
 Give your own design
 Directions for further work
 Summary and Conclusions
 References
Project Report Format
 Overview of the Project
 Design of the System
 Input/Output
 Future Enhancements
 References
Some Project Topics
 Quivery Modification on XML Documents
 Access control for web systems
 Intrusion detection system
 Access control for multimedia systems
- E.g., access control for image, video
 Role-based access control system
 Access control for object systems
 Secure data warehouse
Course Rules
 Unless special permission is obtained from the instructor, each
student will work individually
 Late assignments will not be accepted. All assignments have to be
turned in just after the lecture on the due date
 No make up exams unless student can produce a medical certificate
or give evidence of close family emergency
 Copying material from other sources will not be permitted unless the
source is properly referenced
 Any student who plagiarizes from other sources will be reported to
the Computer Science department and any other committees as
advices by the department
 Students must attend every class. If a student is unable to attend,
approval from the instructor is needed unless it is an emergency. If
this is no followed, a student can either be dismissed from class or
points deducted from the scores. Exact policy will be announced by
August 31 in class
Contact
 For more information please contact
- Dr. Bhavani Thuraisingham
- Professor of Computer Science and
- Director of Cyber Security Research Center Erik Jonsson School
of Engineering and Computer Science EC31, The University of
Texas at Dallas Richardson, TX 75080
- Phone: 972-883-4738
- Fax: 972-883-2399
- Email: [email protected]
- URL:http://www.utdallas.edu/~bxt043000/
Due Dates of Assignments/Term papers, etc.
September 2, 2009, Updated Oct 7, October 19
 Assignment #1: September 14, 2009
 Term Paper #1: September 21, 2009
 Assignment #2 will be given on September 14, 2009 and due date is
September 28, 2009
- Assignment #2 was given on Sept 30th and due date is October 12th
 Mid-term exam – either October 5 or October 14
- Exam is October 14
 Term Paper #2 is due: Due November 2, Due November 9th
 Term Paper #3: November 25
 Assignment #3: Given Oct 12th , Due Oct 26th (Given Oct 19, Due Nov 4)
 Assignment #4: Given November 16, Due November 23rd
 Final exam – will be determined around September 14: December 7th
 Programming project: December 2nd
New Policy: Effective October 7, 2009
 A student must inform me if he/she is missing a class ahead
of time
 Otherwise the student must have a valid reason such as
emergency illness. The student must then present a medical
certificate from his/her physician
 If a student misses class without a valid reason and/or does
not inform me ahead of time, then for each class missed, the
student has to write an extra term paper.
 If the student does not write this term paper, or the term paper
is not of the quality of the regular term paper the student
submits, then 4 points will be detected from the final score for
each term paper not written for missing a class.
Papers to Read for Mid-term exam
-
Vijayalakshmi Atluri, Soon Ae Chun: An Authorization Model for Geospatial Data. IEEE Trans. Dependable
Sec. Comput. 1(4): 238-254 (2004)
-
Elisa Bertino, Bhavani M. Thuraisingham, Michael Gertz, Maria Luisa Damiani: Security and privacy for
geospatial data: concepts and research directions. SPRINGL 2008:6-19
-
RBAC: Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, Charles E. Youman: Role-Based Access Control
Models. IEEE Computer 29(2): 38-47 (1996)
-
UCON: Jaehong Park, Ravi S. Sandhu: The UCONABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1):
128-174 (2004) - first 20 pages
-
DCON: Roshan K. Thomas, Ravi S. Sandhu: Towards a Multi-dimensional Characterization of Dissemination
Control. POLICY 2004: 197-200 (IEEE)
-
Bhavani M. Thuraisingham, William Ford: Security Constraints in a Multilevel Secure Distributed Database
Management System. IEEE Trans. Knowl. Data Eng. 7
-
Bhavani M. Thuraisingham: Mandatory Security in Object-Oriented Database Systems. OOPSLA 1989: 203-210
TNL: an XML-based language for trust negotiations
Bertino, E.; Ferrari, E.; Squicciarini, A.; Policies for Distributed Systems and Networks, 2003. Proceedings.
POLICY 2003. IEEE 4th International Workshop on, IEEE
Papers to Read for Exam #2
- Barbara Carminati, Elena Ferrari, Raymond Heatherly, Murat
Kantarcioglu, Bhavani M. Thuraisingham: A semantic web based
framework for social network access control. SACMAT 2009: 177186
- Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M.
Thuraisingham, Amar Gupta: Selective and Authentic Third-Party
Distribution of XML Documents. IEEE Trans. Knowl. Data Eng.
16(10): 1263-1278 (2004)