Lecture12 - The University of Texas at Dallas

Download Report

Transcript Lecture12 - The University of Texas at Dallas

Trustworthy Semantic Web
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Inference Problem
February 2012
History
 Statistical databases (1970s – present)
 Inference problem in databases (early 1980s - present)
 Inference problem in MLS/DBMS (late 1980s – present)
 Unsolvability results (1990)
 Logic for secure databases (1990)
 Semantic data model applications (late 1980s - present)
 Emerging applications (1990s – present)
 Privacy (2000 – present)
Statistical Databases
 Census Bureau has been focusing for decades on statistical
inference and statistical database
 Collections of data such as sums and averages may be given out
but not the individual data elements
 Techniques include
- Perturbation where results are modified
- Randomization where random samples are used to compute
summaries
 Techniques are being used now for privacy preserving data mining
Security Constraints / Access Control Rules /
Policies
 Simple Constraint: John cannot access the attribute Salary of
relation EMP
 Content-based constraint: If relation MISS contains information
about missions in the Middle East, then John cannot access MISS
 Association-based Constraint: Ship’s location and mission taken
together cannot be accessed by John; individually each attribute can
be accessed by John
 Release constraint: After X is released Y cannot be accessed by
John
 Aggregate Constraint: Ten or more tuples taken together cannot be
accessed by John
 Dynamic Constraint: After the Mission, information about the
mission can be accessed by John
Security Constraints/Policies for Healthcare
 Simple Constraint: Only doctors can access medical records
 Content-based constraint: If the patient has Aids then this
information is private
 Association-based Constraint: Names and medical records taken
together is private
 Release constraint: After medical records are released, names
cannot be released
 Aggregate Constraint: The collection of patients is private,
individually public
 Dynamic Constraint: After the patient dies, information about him
becomes public
Inference Problem in MLS/DBMS
 Inference is the process of forming conclusions from premises
 If the conclusions are unauthorized, it becomes a problem
 Inference problem in a multilevel environment
 Aggregation problem is a special case of the inference
problem - collections of data elements is Secret but the
individual elements are Unclassified
 Association problem: attributes A and B taken together is
Secret - individually they are Unclassified
Revisiting Security Constraints / Policies
 Simple Constraint: Mission attribute of SHIP is Secret
 Content-based constraint: If relation MISSION contains information
about missions in Europe, then MISSION is Secret
 Association-based Constraint: Ship’s location and mission taken
together is Secret; individually each attribute is Unclassified
 Release constraint: After X is released Y is Secret
 Aggregate Constraint: Ten or more tuples taken together is Secret
 Dynamic Constraint: After the Mission, information about the
mission is Unclassified
 Logical Constraint: A Implies B; therefore if B is Secret then A must
be at least Secret
Enforcement of Security Constraints
User Interface Manager
Security
Constraints
Constraint
Manager
Query Processor:
Constraints during
query and release
operations
Update
Processor:
Database Design
Tool
Constraints during
database design
operation
Constraints
during
update
operation
Data Manager
Database
Query Algorithms
 Query is modified according to the constraints
 Release database is examined as to what has been released
 Query is processed and response assembled
 Release database is examined to determine whether the response
should be released
 Result is given to the user
 Portions of the query processor are trusted
Update Algorithms
 Certain constraints are examined during update operation
 Example: Content-based constraints
 The security level of the data is computed
 Data is entered at the appropriate level
 Certain parts of the Update Processor are trusted
Database Design Algorithms
 Certain constraints are examined during the database design time
- Example: Simple, Association and Logical Constraints
 Schema are assigned security levels
 Database is partitioned accordingly
 Example:
- If Ships location and mission taken together is Secret, then
SHIP (S#, Sname) is Unclassified,
LOC-MISS(S#, Location, Mission) is Secret
LOC(Location) is Unclassified
- MISS(Mission) is Unclassified
Example Security-Enhanced Semantic Web
Technology
to be developed
by project
Interface to the Security-Enhanced
Semantic Web
Inference Engine/
Inference Controller
Security Policies
Ontologies
Rules
Semantic Web
Engine
RDF, OWL
Documents
Web Pages,
Databases