Introduction - The University of Texas at Dallas
Download
Report
Transcript Introduction - The University of Texas at Dallas
Data and Applications Security
Developments and Directions
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Introduction to the Course
August 30, 2013
Objective of the Unit
This unit provides an overview of the course. The course describes
concepts, developments, challenges, and directions in data and
applications security. Topics include
- database security, distributed data management security, object
security, data warehouse security, data mining for security
applications, privacy, secure semantic web, secure digital
libraries, secure knowledge management and secure sensor
information management, biometrics
Outline of the Unit
Outline of Course
Course Work
Course Rules
Contact
Appendix
Outline of the Course
Unit #1: Introduction to Data and Applications
Part I: Background
- Unit #2: Data Management
- Unit #3: Information Security
- Unit #4: Information Management
Part II: Discretionary Security
- Unit #5: Concepts
- Unit #6: Policy Enforcement
Part III: Mandatory Security
- Unit #7: Concepts
- Unit #8: Architectures
including Semantic Web
Outline of the Course (Continued)
Part IV: Secure Relational Data Management
- Unit #9: Data Model
- Unit #10: Functions
- Unit #11: Prototypes and Products
Part V: Inference Problem
- Unit #12: Concepts
- Unit #13: Constraint Processing
- Unit #14: Conceptual Structures
Part VI: Secure Distributed Data Management
- Unit #15: Secure Distributed data management
- Unit #16: Secure Heterogeneous Data Integration
- Unit #17: Secure Federated Data Management
Outline of the Course (Continued)
Part VII: Secure Object Data Management
-
Unit #18: Secure Object Management
Unit #19: Secure Distributed Objects and Modeling Applications
Unit #20: Secure Multimedia Systems
Part VIII: Data Warehousing, Data Mining and Security
-
Unit #21: Secure Data Warehousing
Unit #22: Data Mining for Security Applications
Unit #23: Privacy
Additional Lectures:
Insider Threat Detection
Reactively Adaptive Malware
Outline of the Course (Continued)
Part IX: Secure Information Management (Oct 25, Nov 1, Nov 8)
-
Unit #24: Secure Digital Libraries
Unit #25: Secure Semantic Web (web services, XML security)
Unit #26: Secure Information and Knowledge Management
Additional Topics
Secure Web Services and identity management
Social Network Security and Privacy
Secure cloud computing and secure cloud query processing
Part X: Dependable data management and forensics (Nov 15)
-
Unit #27: Secure Dependable Data Management
Unit #28: Secure Sensor and Wireless Data Management
Unit #29: Other Technologies, e.g., digital forensics, biometrics, etc.
Outline of the Course (Continued)
Part XI: Emerging Technologies (November 22)
-
TBD
Unit #30 Conclusion to the Course
Tentative Schedule
August 30: Introduction
September 6: Policies and Access Control
September 13: Multilevel Data Management
September 20: Inference Problem
September 27: Secure Distributed Data Management; Intro to Semantic Web
October 4: Secure Objects, Data Warehousing, Data Mining, Security
October 11: Data Mining for Malware Detection, Privacy, Review for Exam
October 18: Exam #1
October 25: Secure web services, Secure semantic web and XML security
November 1: Secure Cloud Computing
November 8: Secure Knowledge Management and Social Networking
November 15: Secure Dependable Data Management, Digital Forensics
November 22: Mobile phone security and special topics
November 29: Holiday
December 6: Selected project presentations and review
December 13: Exam #2: 11am – 1:45pm
Tentative Schedule (new dates in red)
Assignment #1 due date: September 20, 2013
Assignment #2: due date: September 27, 2013
Term paper #1: October 11, 2013
Exam #1: October 18, 2013
Assignment #3: October 25, 2013 (November 1, 2013)
Assignment #4: November 1: 2013 (November 8, 2013)
Term paper #2: November 8, 2013 (November 15, 2013)
Project: November 22, 2013 (December 2, 2013)
Exam #2TBD
Course Work
Two term papers; each worth 8 points
Two exams each worth 24 points
Programming project worth 12 points
Four homework assignments each worth 6 points
Total 100 points
Course Book: Database and Applications Security:
Integration Data Management and Information Security,
Bhavani Thuraisingham, CRC Press, 2005
Will also include papers as reading material
Some Topics for Papers: Any topic in data and
applications security
XML Security (will be discussed on October 25)
Inference Problem
Privacy
Secure Biometrics (after exam #1)
Intrusion Detection
E-Commerce Security (will be discussed after exam #1)
Secure Sensor Information Management (after exam #1)
Secure Distributed Systems
Secure Semantic Web (after exam #1)
Secure Data Warehousing
Insider Threat Analysis
Secure Multimedia/geospatial Systems
Malware detection
Policies and access control
Designs of multilevel secure databases
Term Papers: Example Format
Abstract
Introduction
Background on the Topic
Survey of various techniques, designs etc, (e.g., access
control policies, inference control methods)
Analyze the techniques, designs etc. and give your opinions
Directions for further work
Summary and Conclusions
References
Term Papers: Example Format - II
Abstract
Introduction
Background on the Topic and Related Work
Discuss strengths and weaknesses of others’ work
Give your own design and say why it is better
Directions for further work
Summary and Conclusions
References
Project Report Format
Overview of the Project
Design of the System
Input/Output
Future Enhancements
References
Some Project Topics
Quivery Modification on XML Documents
Access control for web systems
Intrusion detection system
Access control for multimedia systems
- E.g., access control for image, video
Role-based access control system
Access control for object systems
Secure data warehouse
Course Rules
Course attendance is mandatory; unless permission is obtained
from instructor for missing a class with a valid reason
(documentation needed for medical emergency for student or a
close family member – e.g., spouse, parent, child). Attendance will
be collected every lecture. 3 points will be deducted out of 100 for
each lecture missed without approval.
Each student will work individually
Late assignments will not be accepted. All assignments have to be
turned in just after the lecture on the due date
No make up exams unless student can produce a medical certificate
or give evidence of close family emergency
Copying material from other sources will not be permitted unless the
source is properly referenced
Any student who plagiarizes from other sources will be reported to
the appropriate UTD authroities
Assignment #1, 2, 3, 4
Assignment #1: Posted in Lecture 8
Assignment #2 Posted in Lecture 11
Assignment #3: Posted in Lecture 19
Assignment #4: Posted in Lecture 24
Papers to Read for Exam #1
- RBAC: Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein,
-
-
Charles E. Youman: Role-Based Access Control Models. IEEE
Computer 29(2): 38-47 (1996)
UCON: Jaehong Park, Ravi S. Sandhu: The UCONABC usage
control model. ACM Trans. Inf. Syst. Secur. 7(1): 128-174
(2004) - first 20 pages
DCON: Roshan K. Thomas, Ravi S. Sandhu: Towards a Multidimensional Characterization of Dissemination Control.
POLICY 2004: 197-200 (IEEE)
Bhavani M. Thuraisingham: Mandatory Security in ObjectOriented Database Systems. OOPSLA 1989: 203-210
Bhavani M. Thuraisingham, William Ford: Security Constraints
in a Multilevel Secure Distributed Database Management
System. IEEE Trans. Knowl. Data Eng. 7(2): 274-293 (1995)
(distributed inference control)
Papers to Read for Exam #1
- Rakesh Agrawal, Ramakrishnan Srikant: Privacy-Preserving
-
-
Data Mining. SIGMOD Conference 2000: 439-450
Elisa Bertino, Bhavani M. Thuraisingham, Michael
Gertz, Maria Luisa Damiani: Security and privacy for
geospatial data: concepts and research directions. SPRINGL
2008: 6-19
Mohammad M. Masud, Latifur Khan, Bhavani M.
Thuraisingham: A Hybrid Model to Detect Malicious
Executables. ICC 2007: 1443-1448
Pallabi Parveen, Nate McDaniel, Varun S. Hariharan, Bhavani
M. Thuraisingham, Latifur Khan: Unsupervised Ensemble
Based Learning for Insider Threat
Detection SocialCom/PASSAT 2012: 718-727
Bhavani M. Thuraisingham: Data Mining, National Security,
Privacy and Civil Liberties. SIGKDD Explorations 4(2): 1-5
(2002)
Suggested papers for Malware detection
- Mohammad M. Masud, Latifur Khan, Bhavani M. Thuraisingham: EMail Worm Detection Using Data Mining. IJISP 1(4): 47-61 (2007)
- Mohammad M. Masud, Latifur Khan, Bhavani M.
Thuraisingham, Xinran Wang, Peng Liu, Sencun Zhu: Detecting
Remote Exploits Using Data Mining. IFIP Int. Conf. Digital Forensics
2008: 177-189
- Latifur Khan, Mamoun Awad, Bhavani M. Thuraisingham: A new
intrusion detection system using support vector machines and
hierarchical clustering. VLDB J. 16(4): 507-521 (2007)
Index to Lectures for Exam #1
Introduction to course
Lecture 1: Introduction to data and applications security
Lecture 2: Cyber security modules (extra credit)
Lecture 3: Access control
Lecture 4: Malware (extra credit)
Lecture 5: Data Mining (will not be included)
Lecture 6: Data and application development security
Lecture 7: Multilevel secure data management
Lecture 8: Assignment #1
Lecture 9: Inference problem – 1
Lecture 10: Inference problem – 2
Lecture 11: Assignment #2
Index to Lectures for Exam #1
Lecture 12: Unsupervised ensemble based learning for
insider threat
Lecture 13: Secure distributed data management (will
include information sharing)
Lecture 14: Intro to semantic web (not included in exam)
Lecture 15: Secure object
Lecture 16: Data warehouse, data mining security
Lecture 17: Data mining for malware detection
Lecture 18: Privacy
Lecture 19: Assignment #3
Note: Inference problem or secure distributed data will also
distributed inference control
Papers to Read for Exam #2 (Cloud)
- Bhavani M. Thuraisingham, Vaibhav Khadilkar, Anuj Gupta, Murat
-
-
Kantarcioglu, Latifur Khan: Secure data storage and retrieval in
the cloud. CollaborateCom 2010:1-8 (Relational HIVE + XACML)
Mohammad Farhan Husain, Latifur Khan, Murat
Kantarcioglu, Bhavani M. Thuraisingham:Data Intensive Query
Processing for Large RDF Graphs Using Cloud Computing
Tools.IEEE CLOUD 2010: 1-10 (background paper, not for
exam))
Arindam Khaled, Mohammad Farhan Husain, Latifur Khan, Kevin
W. Hamlen, Bhavani M. Thuraisingham: A Token-Based Access
Control System for RDF Data in the Clouds.CloudCom 2010:
104-111 (RDF + XACML))
Tyrone Cadenhead, Murat Kantarcioglu, Vaibhav
Khadilkar, Bhavani M. Thuraisingham: Design and Implementation
of a Cloud-Based Assured Information Sharing System. MMMACNS 2012:36-50 (RDF Only for data and policies)
Papers to Read for Exam #2 (Misc)
- Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M.
-
-
Thuraisingham, Amar Gupta: Selective and Authentic ThirdParty Distribution of XML Documents. IEEE Trans. Knowl.
Data Eng. 16(10): 1263-1278 (2004) (October 25/Nov 1) – the
proofs are not necessary – up to section 6
Elisa Bertino, Latifur R. Khan, Ravi S. Sandhu, Bhavani M.
Thuraisingham: Secure knowledge management:
confidentiality, trust, and privacy. IEEE Transactions on
Systems, Man, and Cybernetics, Part A (TSMC) 36(3):429-438
(2006)
David W. Chadwick, George Inman: Attribute Aggregation in
Federated Identity Management. IEEE Computer 42(5): 3340 (2009) (November 1, 2013)
Jungin Kim, Bhavani M. Thuraisingham: Dependable and
Secure TMO Scheme. ISORC 2006: 133-140
Papers to Read for Exam #2 (Social Networks)
- Barbara Carminati, Elena Ferrari, Raymond Heatherly, Murat
-
Kantarcioglu,Bhavani M. Thuraisingham: A semantic web
based framework for social network access control. SACMAT
2009:177-186
Raymond Heatherly, Murat Kantarcioglu, Bhavani M.
Thuraisingham: Preventing Private Information Inference
Attacks on Social Networks. IEEE Trans. Knowl. Data Eng.
(TKDE) 25(8):1849-1862 (2013) (just understand the basic
concepts in this paper; math detailed are not necessary)
Some Suggested Papers
(Not included for Exam #2)
- Tyrone Cadenhead, Vaibhav Khadilkar, Murat Kantarcioglu, Bhavani
M. Thuraisingham: Transforming provenance using
redaction. SACMAT 2011:93-102
- Tyrone Cadenhead, Vaibhav Khadilkar, Murat Kantarcioglu, Bhavani
M. Thuraisingham: A language for provenance access
control. CODASPY 2011:133-144
- Timothy W. Finin, Anupam Joshi, Lalana Kagal, Jianwei Niu, Ravi S.
Sandhu, William H. Winsborough, Bhavani M. Thuraisingham:
ROWLBAC: representing role based access control inOWL. SACMAT
2008:73-82
- Secure Biometrics
- http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.71.811
0&rep=rep1&type=pdf
Index to Lectures for Exam #2
Lecture 20 – Secure web services
Lecture 21 – Trustworthy semantic web
Lecture 22 – Secure third party publication
Lecture 23 – Secure Cloud
Lecture 24 – Assignment #4
Lecture 25 – Data intensive query processing + security
Lecture 26 – Attribute aggregation in federated identity
Lecture 27 – Secure knowledge management
Lecture 28 – Semantic web and social networks
Lecture 29 – Security and privacy for social networks
Lecture 30 – Virtualization and security
Lecture 31 – Secure Dependable data management
Index to Lectures for Exam #2
Lecture 32 - Hadoop/MapReduce
Lecture 33 – Digital Forensics / Biometrics
Lecture 34 – Cloud-based Assured Information Sharing
Lecture 35 – ROWLBAC = RBAC + OWL
Lecture 36 – Data Provenance
Lecture 37 – Database Vulnerabilities
Lecture 38 – Data, Information and Knowledge Management
Lecture 39 – Big Data, No-SQL
Lecture 40 – Mission Assurance – Building Trusted
Applications from Untrusted Systems
Contacts: Instructor
- Dr. Bhavani Thuraisingham
- Louis Beecherl Distinguished Professor of Computer Science
- Executive Director of the Cyber Security Research and
Education Institute
- Erik Jonsson School of Engineering and Computer Science
- The University of Texas at Dallas Richardson, TX 75080
- Phone: 972-883-4738
- Fax: 972-883-2399
- Email: [email protected]
- URL:http://www.utdallas.edu/~bxt043000/
Contacts: Teaching Assistant
Mohammed Iftekhar
[email protected]
Teaching Assistant
Computer Science
PhD, Computer Science
Erik Jonsson Sch of Engr & Com