Example: Data Mining for the NBA - The University of Texas at Dallas

Download Report

Transcript Example: Data Mining for the NBA - The University of Texas at Dallas

Data and Applications Security
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Lecture #1
Introduction to Data and Applications Security
August 29, 2014
Outline
 Data and Applications Security
-
Developments and Directions
 Secure Semantic Web
-
XML Security; Other directions
 Some Emerging Secure DAS Technologies
-
Secure Sensor Information Management; Secure Dependable
Information Management
 Some Directions for Privacy Research
-
Data Mining for handling security problems; Privacy vs. National
Security; Privacy Constraint Processing; Foundations of the Privacy
Problem
 What are the Challenges?
Developments in Data and Applications
Security: 1975 - Present
 Access Control for Systems R and Ingres (mid 1970s)
 Multilevel secure database systems (1980 – present)
- Relational database systems: research prototypes and products;
Distributed database systems: research prototypes and some
operational systems; Object data systems; Inference problem
and deductive database system; Transactions
 Recent developments in Secure Data Management (1996 – Present)
- Secure data warehousing, Role-based access control (RBAC); Ecommerce; XML security and Secure Semantic Web; Data
mining for intrusion detection and national security; Privacy;
Dependable data management; Secure knowledge management
and collaboration
Developments in Data and Applications
Security: Multilevel Secure Databases - I
 Air Force Summer Study in 1982
 Early systems based on Integrity Lock approach
 Systems in the mid to late 1980s, early 90s
- E.g., Seaview by SRI, Lock Data Views by Honeywell, ASD and
ASD Views by TRW
- Prototypes and commercial products
- Trusted Database Interpretation and Evaluation of Commercial
Products
 Secure Distributed Databases (late 80s to mid 90s)
- Architectures; Algorithms and Prototype for distributed query
processing; Simulation of distributed transaction management
and concurrency control algorithms; Secure federated data
management
Developments in Data and Applications
Security: Multilevel Secure Databases - II
 Inference Problem (mid 80s to mid 90s)
- Unsolvability of the inference problem; Security constraint
processing during query, update and database design
operations; Semantic models and conceptual structures
 Secure Object Databases and Systems (late 80s to mid 90s)
- Secure object models; Distributed object systems security;
Object modeling for designing secure applications; Secure
multimedia data management
 Secure Transactions (1990s)
- Single Level/ Multilevel Transactions; Secure recovery and
commit protocols
Some Directions and Challenges for Data and
Applications Security - I
 Secure semantic web
- Security models
 Secure Information Integration
- How do you securely integrate numerous and
heterogeneous data sources on the web and otherwise
 Secure Sensor Information Management
- Fusing and managing data/information from distributed
and autonomous sensors
 Secure Dependable Information Management
- Integrating Security, Real-time Processing and Fault
Tolerance
 Data Sharing vs. Privacy
- Federated database architectures?
Some Directions and Challenges for Data and
Applications Security - II
 Data mining and knowledge discovery for intrusion detection
- Need realistic models; real-time data mining
 Secure knowledge management
- Protect the assets and intellectual rights of an organization
 Information assurance, Infrastructure protection, Access
Control
- Insider cyber-threat analysis, Protecting national databases,
Role-based access control for emerging applications
 Security for emerging applications
- Geospatial, Biomedical, E-Commerce, etc.
 Other Directions
- Trust and Economics, Trust Management/Negotiation, Secure
Peer-to-peer computing,
Coalition Data and Policy Sharing
Data/Policy for Federation
Export
Data/Policy
Export
Data/Policy
Export
Data/Policy
Component
Data/Policy for
Agency A
Component
Data/Policy for
Agency C
Component
Data/Policy for
Agency B
Other topics to be covered by course
 Secure Cloud Computing
 Secure Social Media
 Mobile code security
 Vulnerability Analysis
 Infrastructure security
 Healthcare Security
 Financial Security