1. Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #3 Supporting Technologies: Information Management and Information Security January 18, 2005

2. Part I: Information Management l This unit gives an overview of various information management technologies. These technologies make use of data management technologies

3. Outline of Part I l Information Management Framework l Information Management Overview l Some Information Management Technologies l Knowledge Management

4. Revisiting the DM/IM/KM Framework Information Management Database Systems Information Retrieval Data Warehouse Security Distributed and Heterogeneous Database Security Object Database Security Privacy Secure Knowledge Digital Forensics Web Sensor Database Security Relational Database Security Inference Problem Secure Information Management Technologies Data Mining And Security Database Security Dependable Information Management Knowledge Management Information and Computer Security BiometricsSecure Digital Libraries Information Management Database Systems Information Retrieval Data Warehouse Security Distributed/ Federated Data Security Object/Multimedia Security PrivacySecure Knowledge Digital Forensics Web Sensor Database Security Relational Database Security Inference Problem Secure Information Management Technologies Data Mining And Security Database Security Dependable Information Management Knowledge Management Information and Computer Security BiometricsSecure Semantic Web Information Management Database Systems Information Retrieval Data Warehouse Security Distributed and Heterogeneous Database Security Object Database Security Privacy Secure Knowledge Digital Forensics Web Sensor Database Security Relational Database Security Inference Problem Secure Information Management Technologies Data Mining And Security Database Security Dependable Information Management Knowledge Management Information and Computer Security BiometricsSecure Digital Libraries Information Management Database Systems Information Retrieval Data Warehouse Security Distributed/ Federated Data Security Object/Multimedia Security PrivacySecure Knowledge Digital Forensics Web Sensor Database Security Relational Database Security Inference Problem Secure Information Management Technologies Data Mining And Security Database Security Dependable Information Management Knowledge Management Information and Computer Security BiometricsSecure Semantic Web Information Management Database Systems Information Retrieval Data Warehouse Security Distributed and Heterogeneous Database Security Object Database Security Privacy Secure Knowledge Digital Forensics Web Sensor Database Security Relational Database Security Inference Problem Secure Information Management Technologies Data Mining And Security Database Security Dependable Information Management Knowledge Management Information and Computer Security BiometricsSecure Digital Libraries Data Management Technologies Heterogeneous Database Management Relational Database Systems Secure Database Systems Data Warehouse Systems Peer-to-Peer Information Management Multimedia Information System Knowledge Portals Knowledge Creation and Acquisition Knowledge Mining Web Sensor Information Management Data Mining Semantic Web Expert systems and Reasoning under uncertainty Knowledge Sharing Information Management Knowledge Manipulation Distributed Databases Object Database Knowledge Models Knowledge Representation Knowledge Management Technologies Information Management Technologies Each layer builds on the technologies of the lower layers

5. What is Information Management? l Information management essentially analyzes the data and makes sense out of the data l Several technologies have to work together for effective information management - Data Warehousing: Extracting relevant data and putting this data into a repository for analysis - Data Mining: Extracting information from the data previously unknown - Multimedia: managing different media including text, images, video and audio - Web: managing the databases and libraries on the web

6. Data Warehouse Oracle DBMS for Employees Sybase DBMS for Projects Informix DBMS for Medical Data Warehouse: Data correlating Employees With Medical Benefits and Projects Could be any DBMS; Usually based on the relational data model Users Query the Warehouse

7. Multidimensional Data Model

8. Data Mining Knowledge Mining Knowledge Discovery in Databases Data Archaeology Data Dredging Database Mining Knowledge Extraction Data Pattern Processing Information Harvesting Siftware The process of discovering meaningful new correlations, patterns, and trends by sifting through large amounts of data, often previously unknown, using pattern recognition technologies and statistical and mathematical techniques (Thuraisingham 1998)

9. Multimedia Information Management Video Source Scene Change Detection Speaker Change Detection Silence Detection Commercial Detection Key Frame Selection Story Segmentation Named Entity Tagging Broadcast News Editor (BNE) Broadcast News Navigator (BNN) Video and Metadata Multimedia Database Management System Web-based Search/Browse by Program, Person, Location,... Imagery Audio Closed Caption Text Segregate Video Streams Analyze and Store Video and Metadata Story GIST Theme Frame Classifier Closed Caption Preprocess Correlation Token Detection Broadcast Detection

10. Extracting Relations from Text for Mining: An Example Text Corpus Repository Concept Extraction Association Rule Product Goal: Find Cooperating/ Combating Leaders in a territory

11. Image Processing: Example: Change Detection: l Trained Neural Network to predict “new” pixel from “old” pixel - Neural Networks good for multidimensional continuous data - Multiple nets gives range of “expected values” l Identified pixels where actual value substantially outside range of expected values - Anomaly if three or more bands (of seven) out of range l Identified groups of anomalous pixels

12. Semantic Web 0 Some Challenges: Interoperability between Layers; Security and Privacy cut across all layers; Integration of Services; Composability XML, XML Schemas Rules/Query Logic, Proof and Trust TRUSTTRUST Other Services RDF, Ontologies URI, UNICODE PRIVACYPRIVACY 0 Adapted from Tim Berners Lee’s description of the Semantic Web

13. Semantic Web Technologies l Web Database/Information Management - Information retrieval and Digital Libraries l XML, RDF and Ontologies - Representation information l Information Interoperability - Integrating heterogeneous data and information sources l Intelligent agents - Agents for locating resources, managing resources, querying resources and understanding web pages l Semantic Grids - Integrating semantic web with grid computing technologies

14. Information Management for Collaboration

15. Some Emerging Information Management Technologies l Visualization - Visualization tools enable the user to better understand the information l Peer-to-Peer Information Management - Peers communicate with each other, share resources and carry out tasks l Sensor and Wireless Information Management - Autonomous sensors cooperating with one another, gathering data, fusing data and analyzing the data - Integrating wireless technologies with semantic web technologies

16. What is Knowledge Management? l Knowledge management, or KM, is the process through which organizations generate value from their intellectual property and knowledge-based assets l KM involves the creation, dissemination, and utilization of knowledge l Reference: http://www.commerce-database.com/knowledge- management.htm?source=google

17. Knowledge Management Components Components: Strategies Processes Metrics Cycle: Knowledge, Creation Sharing, Measurement And Improvement Technologies: Expert systems Collaboration Training Web Components of Knowledge Management: Components, Cycle and Technologies

18. IdentificationCreation Diffusion - Tacit, Explicit IntegrationModification Action Organizational Learning Process Metrics Source: Reinhardt and Pawlowsky Incentives also see: Tools in Organizational Learning http://duplox.wz-berlin.de/oldb/forslin.html

19. Part II: Information Security l This unit gives an overview of various information security technologies

20. Outline of Part II l Operating Systems Security l Network Security l Designing and Evaluating Systems l Web Security l Other Security Technologies

21. Operating System Security l Access Control - Subjects are Processes and Objects are Files - Subjects have Read/Write Access to Objects - E.g., Process P1 has read acces to File F1 and write access to File F2 l Capabilities - Processes must presses certain Capabilities / Certificates to access certain files to execute certain programs - E.g., Process P1 must have capability C to read file F

22. Mandatory Security l Bell and La Padula Security Policy - Subjects have clearance levels, Objects have sensitivity levels; clearance and sensitivity levels are also called security levels - Unclassified < Confidential < Secret < TopSecret - Compartments are also possible - Compartments and Security levels form a partially ordered lattice l Security Properties - Simple Security Property: Subject has READ access to an object of the subject’s security level dominates that of the objects - Star (*) Property: Subject has WRITE access to an object if the subject’s security level is dominated by that of the objects\

23. Covert Channel Example l Trojan horse at a higher level covertly passes data to a Trojan horse at a lower level l Example: - File Lock/Unlock problem - Processes at Secret and Unclassified levels collude with one another - When the Secret process lock a file and the Unclassified process finds the file locked, a 1 bit is passed covertly - When the Secret process unlocks the file and the Unclassified process finds it unlocked, a 1 bit is passed covertly - Over time the bits could contain sensitive data

24. Network Security l Security across all network layers - E.g., Data Link, Transport, Session, Presentation, Application l Network protocol security - Ver5ification and validation of network protocols l Intrusion detection and prevention - Applying data mining techniques l Encryption and Cryptography l Access control and trust policies l Other Measures - Prevention from denial of service, Secure routing, - - -

25. Steps to Designing a Secure System l Requirements, Informal Policy and model l Formal security policy and model l Security architecture - Identify security critical components; these components must be trusted l Design of the system l Verification and Validation

26. Product Evaluation l Orange Book - Trusted Computer Systems Evaluation Criteria l Classes C1, C2, B1, B2, B3, A1 and beyond - C1 is the lowest level and A1 the highest level of assurance - Formal methods are needed for A1 systems l Interpretations of the Orange book for Networks (Trusted Network Interpretation) and Databases (Trusted Database Interpretation) l Several companion documents - Auditing, Inference and Aggregation, etc. l Many products are now evaluated using the federal Criteria

27. Security Threats to Web/E-commerce

28. Approaches and Solutions l End-to-end security - Need to secure the clients, servers, networks, operating systems, transactions, data, and programming languages - The various systems when put together have to be secure l Composable properties for security l Access control rules, enforce security policies, auditing, intrusion detection l Verification and validation l Security solutions proposed by W3C and OMG l Java Security l Firewalls l Digital signatures and Message Digests, Cryptography

29. E-Commerce Transactions l E-commerce functions are carried out as transactions - Banking and trading on the internet - Each data transaction could contain many tasks l Database transactions may be built on top of the data transaction service - Database transactions are needed for multiuser access to web databases - Need to enforce concurrency control and recovery techniques

30. Types of Transaction Systems l Stored Account Payment - e.g., Credit and debit card transactions - Electronic payment systems - Examples: First Virtual, CyberCash, Secure Electronic Transaction l Stored Value Payment - Uses bearer certificates - Modeled after hard cash l Goal is to replace hard cash with e-cash - Examples: E-cash, Cybercoin, Smart cards

31. What is E-Cash? l Electronic Cash is stored in a hardware token l Token may be loaded with money - Digital cash from the bank l Buyer can make payments to seller’s token (offline) l Buyer can pay to seller’s bank (online) l Both cases agree upon protocols l Both parties may use some sort of cryptographic key mechanism to improve security

32. Other Security Technologies l Data and Applications Security l Middleware Security l Insider Threat Analysis l Risk Management l Trust and Economics l Biometrics