1. Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #26 Emerging Technologies in Data and Applications Security April 14, 2005

2. Outline l Digital Identity Management l Identity Theft Management l Digital Forensics l Digital Watermarking l Risk Analysis l Economic Analysis l Secure Electronic Voting Machines l Biometrics l Other Applications

3. Digital Identity Management l Digital identity is the identity that a user has to access an electronic resource l A person could have multiple identities - A physician could have an identity to access medical resources and another to access his bank accounts l Digital identity management is about managing the multiple identities - Manage databases that store and retrieve identities - Resolve conflicts and heterogeneity - Make associations - Provide security l Ontology management for identity management is an emerging research area

4. Digital Identity Management - II l Federated Identity Management - Corporations work with each other across organizational boundaries with the concept of federated identity - Each corporation has its own identity and may belong to multiple federations - Individual identity management within an organization and federated identity management across organizations l Technologies for identity management - Database management, data mining, ontology management, federated computing

5. Identity Theft Management l Need for secure identity management - Ease the burden of managing numerous identities - Prevent misuse of identity: preventing identity theft l Identity theft is stealing another person’s digital identity l Techniques for preventing identity thefts include - Access control, Encryption, Digital Signatures - A merchant encrypts the data and signs with the public key of the recipient - Recipient decrypts with his private key

6. Digital Forensics l Digital forensics is about the investigation of Cyber crime l Follows the procedures established for Forensic medicine l The steps include the following: - When a computer crime occurs, law enforcement officials who are cyber crime experts gather every piece of evidence including information from the crime scene (i.e. from the computer) - Gather profiles of terrorists - Use history information - Carry pout analysis

7. Digital Forensics - II l Digital Forensics Techniques - Intrusion detection - Data Mining - Analyzing log files - Use criminal profiling and develop a psychological profiling - Analyze email messages l Lawyers, Psychologists, Sociologists, Crime investigators and Technologists have to worm together l International Journal of Digital Evidence is a useful source

8. Steganography and Digital Watermarking l Steganography is about hiding information within other information - E.g., hidden information is the message that terrorist may be sending to their pees in different parts of the worlds - Information may be hidden in valid texts, images, films etc. - Difficult to be detected by the unsuspecting human l Steganalysis is about developing techniques that can analyze text, images, video and detect hidden messages - May use data mining techniques to detect hidden patters l Steganograophy makes the task of the Cyber crime expert difficult as he/she ahs to analyze for hidden information - Communication protocols are being developed

9. Steganography and Digital Watermarking - II l Digital water marking is about inserting information without being detected for valid purposes - It has applications in copyright protection - A manufacturer may use digital watermarking to copyright a particular music or video without being noticed - When music is copies and copyright is violated, one can detect two the real owner is by examining the copyright embedded in the music or video

10. Risk Analysis l Analyzing risks - Before installing a secure system or a network one needs to conduct a risk analysis study - What are the threats? What are the risks? l Various types of risk analysis methods - Quantitative approach: Events are ranked in the order of risks and decisions are made based on then risks Qualitative approach: estimates are used for risks

11. Economics Analysis l Security vs Cost - If risks are high and damage is significant then it may be worth the cost of incorporating security - If risks and damage are not high, then security may be an additional cost burden l Economists and technologists need to work together - Develop cost models - Cost vs. Risk/Threat study

12. Secure Electronic Voting Machines l We are slowly migrating to electronic voting machines l Current electronic machines have many security vulnerabilities l A person can log into the system multiple times from different parts of the country and cast his/her vote l Insufficient techniques for ensuring that a person can vote only once l The systems may be attacked and compromised l Solutions are being developed l Johns Hopkins University is one of the leaders in the field of secure electronic voting machines

13. Biometrics l Early Identication and Authentication (I&A) systems, were based on passwords l Recently physical characteristics of a person are being sued for identification - Fingerprinting - Facial features - Iris scans - Blood circulation - Facial expressions l Biometrics techniques will provide access not only to computers but also to building and homes l Other Applications

14. Biometric Technologies l Pattern recognition l Machine learning l Statistical reasoning l Multimedia/Image processing and management l Managing biometric databases l Information retrieval l Pattern matching l Searching l Ontology management l Data mining

15. Data Mining for Biometrics l Determine the data to be analyzed - Data may be stored in biometric databases - Data may be text, images, video, etc. l Data may be grouped using classification techniques l As new data arrives determine the group this data belongs to - Pattern matching, Classification l Determine what the new data is depending on the prior examples and experiments l Determine whether the new data is abnormal or normal behavior l Challenge: False positives, False negatives

16. Secure Biometrics l Biometrics systems have to be secure l Need to study the attacks for biometrics systems l Facial features may be modified: - E.g., One can access by inserting another person’s features - Attacks on biometric databases is a major concern l Challenge is to develop a secure biometric systems

17. Secure Biometrics - II l Security policy for as biometric system - Application specific and applicatyion independent policies - Security constraints l Security model for a biometrics systems - Determine the operations to be performed - Need to include both text, images and video/animation l Architecure foe a biometric system - Need to idenify securiy critical components - Reference monitor l Detecting intrusions in a biometric system

18. Other Applications l Email security - Encryption - Filtering - Data mining l Benchmarking - Benchmarks for secure queries and transactions l Simulation and performance studies l Security for machine translation and text summarization l Covert channel analysis l Robotics security - Need to ensure policies are enforced correctly when operating robots