Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Dependable Stream Data Management Vana Kalogeraki (UC Riverside) Dimitrios Gunopulos (UC Riverside) Ravi Sandhu (UT San Antonio) Bhavani Thuraisingham.

Similar presentations


Presentation on theme: "Secure Dependable Stream Data Management Vana Kalogeraki (UC Riverside) Dimitrios Gunopulos (UC Riverside) Ravi Sandhu (UT San Antonio) Bhavani Thuraisingham."— Presentation transcript:

1 Secure Dependable Stream Data Management Vana Kalogeraki (UC Riverside) Dimitrios Gunopulos (UC Riverside) Ravi Sandhu (UT San Antonio) Bhavani Thuraisingham (UT Dallas) May 2008

2 Outline l Dependable Information Management - Integrating Real-time and Security Policies l Secure Real-Time TMO - Apply RBAC and UCON models l Stream Data/Information Management - Overview, Data Manager, Security Policy, Directions l QoS-based Stream Execution Model

3 Dependable Sensor Information Management l Dependable sensor information management includes - secure sensor information management - fault tolerant sensor information - High integrity and high assurance computing - Real-time computing l Conflicts between different features - Security, Integrity, Fault Tolerance, Real-time Processing - E.g., A process may miss real-time deadlines when access control checks are made - Trade-offs between real-time processing and security - Need flexible security policies; real-time processing may be critical during a mission while security may be critical during non-operational times

4 Secure Dependable Information Management Example: Next Generation AWACS Technology provided by the project Hardware Display Processor & Refresh Channels Consoles (14) Navigation Sensors Data Links Data Analysis Programming Group (DAPG) Future App Future App Future App Multi-Sensor Tracks Sensor Detections MSI App Data Mgmt. Data Xchg. Infrastructure Services Security being considered after the system has been designed and prototypes implemented Challenge: Integrating real-time processing, security and fault tolerance Real-time Operating System

5 Secure Dependable Information Management: Directions l Challenge: How does a system ensure integrity, security, fault tolerant processing, and still meet timing constraints? l Develop flexible security policies; when is it more important to ensure real-time processing and ensure security? l Secure dependable models and architectures for the policies; Examine real-time algorithms – e.g., query and transaction processing l Research for databases as well as for applications; what assumptions do we need to make about operating systems, networks and middleware? l Developing dependable sensor objects

6 RBAC (Sandhu et al) and ABAC (Network Centric Enterprise Services) l RBAC - Access to information sources including structured and unstructured data both within the organization and external to the organization - Access based on roles - Hierarchy of roles: handling conflicts - Controlled dissemination and sharing of the data l ABAC (Attribute based access control) - User presents credentials - Depending on the user credentials user is granted access - Suitable for open web environments

7 UCON (Sandhu et al) l RBAC model is incorporated into UCON and useful for various applications - Authorization component l Obligations - Obligations are actions required to be performed before an access is permitted - Obligations can be used to determine whether an expensive knowledge search is required l Attribute Mutability - Used to control the scope of the knowledge search l Condition - Can be used for resource usage policies to be relaxed or tightened

8 UCON (Sandhu et al))

9 TMO (Kane Kim et al) l TMO model A TMO object ODSS 1 ODSS 2 Object Data Store (ODS) SpM1 Deadlines AA C SpM2 AA C SvM1 Concurrency Control SvM2 AAC: Autonomous Activation Condition Service Request Queue Remote TMO Clients Lock/Condition/CREW for Concurrent Access Time-triggered(TT) Spontaneous Methods(SpMs) Message-triggered(MT) Service Methods(SvMs) EAC Capability for accessing other TMOs and network environment including logical multicast channels and I/O devices

10 l Access Control mechanisms - Role Based Access Control (RBAC) model l Users (TMO objects) are associated with roles l Roles are associated with permissions (Write, Read, Execution, All) l A user has permission only if the user has an authorized role which is associated with that permission - Inadequate for distributed real-time system l Server side centralized model l Need constraints on temporal behaviors of spontaneous methods in TMO RT-RBAC (Jungin Kim and Thuraisingham)

11 RT-UCON (Jungin Kim and Thuraisingham) l Basic authorization components for access control in TMO Continuity: dynamic and seamless constraints Mutability: control the scope of access Conditions: control the amount of access, access time Obligations: pre-conditions for determining access decisions l Adequate for distributed real-time system Space and Time domain; Server and Client side control; Dynamic and Flexible l Implemented access control through a separated object l Checks access right, maintain access policies in the system ODS: stores static and dynamic access policies SpM: controls access policies in ODS SvM: handles access decision requests

12 Secure CAMIN (Jungin Kim and Thuraisingham) l Mission: Defend target objects both in the sea and on the land from the hostile objects in the sky l Access control checks policies and security levels l Some malicious objects are added

13 Secure Sensor/Stream Information Management l Sensor network consists of a collection of autonomous and interconnected sensors that continuously sense and store information about some local phenomena - May be employed in battle fields, seismic zones, pavements l Data streams emanate from sensors; for geospatial applications these data streams could contain continuous data of maps, images, etc. Data has to be fused and aggregated l Continuous queries are posed, responses analyzed possibly in real- time, some streams discarded while rest may be stored l Recent developments in sensor information management include sensor database systems, sensor data mining, distributed data management, layered architectures for sensor nets, storage methods, data fusion and aggregation l Secure sensor data/information management has received very little attention; need a research agenda

14 Secure Sensor/Stream Information Management: Data Manager

15 Policy Specification and Enforcement: Elena Ferrari and Barbara Carminati et al l Example: Aurora Stream Model develop by Stonebraker et al l Model Operators - Filter: Select on streams based on predicates; results is a sequence of streams - Map: Project onto attributes by applying certain functions - Aggregate: Aggregate/fuse streams l Secure Model Operators - Secure Filter: Form of secure selection where access to resulting streams are controlled - Secure Map: Access to resulting attributes are controlled - Secure Aggregation: Access to resulting stream is controlled - Access to original streams are controlled but not to the results

16 Secure Sensor/Stream Information Management: Inference/Aggregation Control

17 Secure Sensor/Stream Information Management: Security Policy Integration (MURI Project) Export Engine Component Data System for Agency A Federated Data Management Export Engine Component Data System For Agency C Component Data System for Agency B Export Engine Federated Privacy Controller Privacy Controller Privacy Controller Privacy Controller Export Policy Component Policy for Sensor A Integrated Policy for the Sensor Network Export Policy Component Policy for Sensor C Component Policy for Sensor B Export Policy Generic Policy for A Generic Policy for B Generic Policy for C Additional security constraints for Inference Control Export Engine Component Data System for Agency A Federated Data Management Export Engine Component Data System For Agency C Component Data System for Agency B Export Engine Federated Privacy Controller Privacy Controller Privacy Controller Privacy Controller Export Policy Component Policy for Sensor A Integrated Policy for the Sensor Network Export Policy Component Policy for Sensor C Component Policy for Sensor B Export Policy Generic Policy for A Generic Policy for B Generic Policy for C Additional security constraints for Inference Control

18 Real-time Knowledge Discovery (RT-KDD) l How does a data mining technique meet the timing constraint? - E.g., if an association rule mining algorithm has a 5 minutes constraint, then should it output as many rules as possible within 5 minutes - How does this affect the accuracy of the results? - Will there be an increase in false positives and negatives? l Approximate data mining - Are there techniques analogous to techniques in approximate query processing - Are incomplete results better than no results l What are the applications for RT-KDD - Give the results to the first responder/law enforcement official in 5 minutes so that he can take appropriate actions l Secure RT-KDD?

19 Secure Sensor/Stream Information Management: Directions l Individual sensors may be compromised and attacked; need techniques for detecting, managing and recovering from such attacks l Aggregated sensor data may be sensitive; need secure storage sites for aggregated data; variation of the inference and aggregation problem? l Security has to be incorporated into sensor database management - Policies, models, architectures, queries, etc. l Evaluate costs for incorporating security especially when the sensor data has to be fused, aggregated and perhaps mined in real-time l Data may be emanating from sensors and other devices at multiple locations - Data may pertain to individuals (e.g. video information, images, surveillance information, etc.); Data may be mined to extract useful information; Need to maintain privacy

20 Secure Stream based Execution Model: Integrate Kalogeraki stream model with UCON l QoS based Infrastructure support for hosting stream based applications l Component Discovery - Data summarization and dissemination to propagate components and resource information to the appropriate nodes - Bloom filter data structure based techniques l QoS aware composition - For each application request the user specifies the data source, application graph (describing the application components and their invocations) and real-0time requirements l Apply UCON model as the basis for security - Integrate concepts from RT-UCON with stream based policies l Our approach: Specify security policies and prove that the resulting system is secure


Download ppt "Secure Dependable Stream Data Management Vana Kalogeraki (UC Riverside) Dimitrios Gunopulos (UC Riverside) Ravi Sandhu (UT San Antonio) Bhavani Thuraisingham."

Similar presentations


Ads by Google