Transcript Example: Data Mining for the NBA - The University of Texas at Dallas

Information Security Analytics
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Introduction to the Course
Course Outline
 June 1: Introduction to Security, Data and Applications Security
 June 8: Security Governance and Risks / Data mining overview
 June 15: Access Control / Access control and policy for data
management
 June 22: Security architecture / Access control for web services and
the cloud
 June 29: Cryptography / Secure XML Publishing
 July 6: Network Security / Physical Security /Review for exam
 July 13: Exam #1
 July 20: Applications Security / Secure Data Architectures; Insider
Threat Detection/
 July 27: Legal Aspects, Forensics
 August 3: Operations Security, Disaster Planning
 August 10: Special Topics, Exam #2
Text Book
 CISSP All-in-One Exam Guide, Fifth Edition
 Author: Shon Harris
 Hardcover: 1216 pages
 Publisher: McGraw-Hill Osborne Media; 5 edition (January 15, 2010)
 Language: English
 ISBN-10: 0071602178
 ISBN-13: 978-0071602174
Course Rules
 Unless special permission is obtained from the instructor, each
student will work individually.
 Copying material from other sources will not be permitted unless the
source is properly referenced.
 Any student who plagiarizes from other sources will be reported to
the Computer Science department and any other committees as
advised by the department
 No copying of anything from a paper except for about 10 words in
quotes. No copying of figure even if it is attributed. You have to draw
all figures.
 COURSE ATTENDANCE IS MANDATORY
Course Plan
 Exam #1: 20 points – July 13
 Exam #2: 20 points - August 10
 Two term papers 10 points each: Total 20 points
- July 6, July 27
 Programming project : 20 points
- August 3
 Two Assignments: 10 points each: Total: 20 points
- June 30 – July3, July 20
Assignment #1
 Explain with examples the following
- Discretionary access control
- Mandatory access control
- Role-based access control (RBAC)
- Privacy aware role based access control
- Temporal role based access control
- Risk aware role-based access control
- Attribute-based access control
- Usage control (UCON)
Term Paper #1
 Write paper on Identity Management for Cloud Computing
- Identity Management
- Cloud Computing security challenges
- Apply identity management to cloud computing
- Directions
Assignment #2
 Suppose you are give the assignment of the Chief Security Officer of
a major bank (e.g., Bank of America) or a Major hospital (e.g.,
Massachusetts General)
 Discuss the steps you need to take with respect to the following (you
need to keep the following in mining: Confidentiality, Integrity and
Availability;; you also need to understand the requirements of
banking or healthcare applications and the policies may be:
- Information classification
- Risk analysis
- Secure networks
- Secure data management
- Secure applications
Term Paper #2
 Write paper on any topic discussed in class (that is, any of the 10
CISSP modules)
Contact
 For more information please contact
- Dr. Bhavani Thuraisingham
- Professor of Computer Science and
- Director of Cyber Security Research Center Erik Jonsson School
of Engineering and Computer Science EC31, The University of
Texas at Dallas Richardson, TX 75080
- Phone: 972-883-4738
- Fax: 972-883-2399
- Email: [email protected]
- URL:
- http://www.utdallas.edu/~bxt043000/
Project
 Software
 Design document
- Project description
- Architecture (prefer with a picture) and description (software –
e.g., Oracle, Jena etc.)
- Results
- Analysis
- Potential improvements
- References
Paper: Original – you can use material from
sources, reword (redraw) and give reference
 Abstract
 Introduction
 Body of the paper
- Comparing different approaches and analyzing
- Discuss your approach,
- Survey
 Conclusions
 References
- ([1]. [2], - - -[THUR99].
- Embed the reference also within the text.
- E.g., Tim Berners Lee has defined the semantic web to be -[2].
--
Index to Exam #1
 Lecture 1: Introduction to Info Systems Security
 Lecture 2: Data Mining for Malware Detection* (1)
 Lecture 3: Governance and Risk ** (2)
 Lecture 4: Data Mining Overview
 Lecture 5: Access Control* (1)
 Lecture 6: Access Control and Policy for data * (1)
 Lecture 7: Security Architecture* (1)
 Lecture 8: Secure Web Services* (1)
 Lecture 9: Secure Cloud* (1)
 Lecture 10: Cryptography* (1)
 Lecture #11: Secure publication of XML data * (1)
Extra credit: One or two questions on any one of the above
Papers to Read for Exam #1
 Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M.
Thuraisingham, Amar Gupta: Selective and Authentic Third-Party
Distribution of XML Documents. IEEE Trans. Knowl. Data Eng.
16(10): 1263-1278 (2004)
 Expert on Cloud technologies
 Vaibhav Khadilkar
 [email protected]
Index to Exam #2
 Lecture 12: Network Security
 Lecture 13: Physical Security
 Lecture 14: Assured Cloud Computing (extra credit)
 Lecture 15: Data and Applications Security
 Lecture 16: Multilevel Secure Data Management
 Lecture 17: Insider Threat
 Lecture 18: Business Continuity Planning
 Lecture 19: Operations Security
 Lecture 20: Legal Aspects
 Lecture 21 Digital Forensics
 Lecture 22: Privacy
 Lecture 23: NIST/NVD Lecture (extra credit)