Data and Applications Security Developments and Directions

Slides:



Advertisements
Similar presentations
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Secure Knowledge Management: and.
Advertisements

Building Trustworthy Semantic Webs Dr. Bhavani Thuraisingham The University of Texas at Dallas Semantic web technologies for secure interoperability and.
Introduction to Data, Information and Knowledge Management Dr. Bhavani Thuraisingham The University of Texas at Dallas Data, Information and Knowledge.
Data Management Information Management Knowledge Management Data and Applications Security Challenges Bhavani Thuraisingham October 2006.
Data and Applications Security Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #1 Introduction to Data and Applications Security August.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 Inference Problem - II.
1 By Paul Murray Claire McQuade Kashif Rafiq David Miller.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course January.
Information and Security Analytics Lecture #1 Unit #1: Data Management: Overview Dr. Bhavani Thuraisingham May 27, 2010.
Dr. Bhavani Thuraisingham September 2006 Building Trustworthy Semantic Webs Lecture #5 ] XML and XML Security.
Dr. Bhavani Thuraisingham September 24, 2008 Building Trustworthy Semantic Webs Lecture #9: RDF and RDF Security.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Security for Distributed Data Management.
Lecturer : Assoc. Prof. Dang Tran Khah Presenter: Tran Thach Lam 1.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #3 Access Control in Data.
Trustworthy Semantic Web Dr. Bhavani Thuraisingham The University of Texas at Dallas Inference Problem March 4, 2011.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #4 Supporting Technologies.
Erik Jonsson School of Engineering and Computer Science The University of Texas at Dallas Cyber Security Research on Engineering Solutions Dr. Bhavani.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Security for Distributed Data Management.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #2 Supporting Technologies:
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #11 Secure Heterogeneous.
CHAPTER 25 - Distributed Databases and Client–Server Architectures
Data and Applications Security Developments and Directions
REV 00 Chapter 2 Database Environment DDC DATABASE SYSTEM.
Data and Applications Security
REV 00 Chapter 2 Database Environment DDC DATABASE SYSTEM.
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Building Trustworthy Semantic Webs
Distributed Databases
Data and Applications Security
Introduction to Data, Information and Knowledge Management
Data and Applications Security Developments and Directions
Distributed Databases
Information and Security Analytics
Analyzing and Securing Social Networks
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Building Trustworthy Semantic Webs
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Access Control in Data Management Systems
Data and Applications Security Developments and Directions
Trustworthy Semantic Web
Distributed Database Management System
Data and Applications Security
Data and Applications Security Developments and Directions
Data and Applications Security Developments and Directions
Data and Applications Security
Data and Applications Security Developments and Directions
Data and Applications Security
Presentation transcript:

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Security for Distributed Data Management Lecture #9 February 13, 2006

Outline Distributed Database Systems Architecture, Data Distribution, Functions Security Issues Discretionary Security, Multilevel Security Secure Heterogeneous and Federated Systems Some Comments Assumption: Network is secure; focusing on securing the data

Distributed Architecture Communication Network Distributed Processor 1 DBMS 1 Data- base 1 base 3 base 2 DBMS 2 DBMS 3 Processor 2 Processor 3 Site 1 Site 2 Site 3

Data Distribution S I T E 1 E M P 1 D E P T 1 S S # N a m e S a l a r y D # D # D n a m e M G R 1 J o h n 2 1 1 C . S c i . J a n e 2 P a u l 3 2 3 J a m e s 4 2 3 E n g l i s h D a v i d 4 J i l l 5 2 5 M a r y 6 1 4 F r e n c h P e t e r 6 J a n e 7 2 S I T E 2 E M P 2 D E P T 2 S S # N a m e S a l a r y D # D # D n a m e M G R 9 M a t h e w 7 5 5 M a t h J o h n 7 D a v i d 8 3 P h y s i c s P a u l 8 P e t e r 9 4 2

Distributed Database Functions Distributed Query Processing Optimization techniques across the databases Distributed Transaction Management Techniques for distributed concurrency control and recovery Distributed Metadata Management Techniques for managing the distributed metadata Distributed Security/Integrity Maintenance Techniques for processing integrity constraints and enforcing access control rules across the databases

Secure Distributed Architecture

Discretionary Security Mechanism

Security Policy Integration

Views for Security

Secure Distributed Database Functions

Architecture for Multilevel Security

Multilevel Distributed Data Model

MLS/DDBMS Functions

Distributed Inference Controller

Interoperability of Heterogeneous Database Systems Database System A Database System B (Relational) (Object- Oriented) Network Transparent access to heterogeneous databases - both users and application programs; Query, Transaction processing Database System C (Legacy)

Technical Issues on the Interoperability of Heterogeneous Database Systems Heterogeneity with respect to data models, schema, query processing, query languages, transaction management, semantics, integrity, and security policies Federated database management Collection of cooperating, autonomous, and possibly heterogeneous component database systems, each belonging to one or more federations Interoperability based on client-server architectures

Federated Database Management Database System A Database System B Federation F1 Cooperating database systems yet maintaining some degree of autonomy Federation F2 Database System C

Schema Integration and Transformation in a Federated Environment Component Schema for Component A for Component B for Component C Generic Schema Export Schema Export Schema I Federated Schema for FDS - 1 for FDS - 2 External Schema 1.2 Schema 2.1 Schema 2.2 Schema 1.1 Export Schema II Adapted from Sheth and Larson, ACM Computing Surveys, September 1990

Client-Server Architecture: Example from Vendor A Client from Vendor B Network Server from Vendor C Server from Vendor D Database Database

Security Issues Transforming secure data models Secure architectures: Heterogeneous and federated data management Security impact on schema/data/policy integration Incomparable/Overlapping security levels Inference Control Secure client-server computing

Transforming Secure Data Models EMP: Level = Secret SS# Ename Salary D# 1 John 20K 10 2 Paul 30K 20 3 Mary 40K Class EMP is Secret It has 3 instances: John, Paul and Mary DEPT Class DEPT is Unclassified It has 2 instances Math and Physics Math is Unclassified Physics is Confidential Level D# Dname Mgr 10 Math Smith U 20 Physics Jones C

Security Architecture: Heterogeneous data management

Security Architecture: Federated data management

Federated Data and Policy Management Data/Policy for Federation Export Export Data/Policy Data/Policy Export Data/Policy Component Component Data/Policy for Data/Policy for Agency A Agency C Component Data/Policy for Agency B

Incomparable Security Levels

Overlapping Security Levels

Inference Control

Secure Client-Server Computing

Comments Techniques for centralize data management have to be extended for a distributed/heterogeneous/federated environment Access control enforced across databases Inference control across databases Web will continue to impact the development of secure distributed data managers Network security is critical