Secure Web Services and Cloud ComputingObjective of the UnitOutline of the UnitOutline of the CourseCourse WorkCourse RulesContactPapers to Read for Exam 1Index to Lectures for Exam #1Slide 10Papers to Read for March 23, 2012Papers to Read for March 30, 2012Papers to Read for April 6, 2012Papers to Read for April 13 (in addition to the last paper for April 6)Papers to Read for April 20Papers to Read for Exam #2Papers to Read for Exam #2Slide 18Slide 19Index to Lectures for Exam #2ConclusionWhat have we learned?Slide 23Slide 24AcknowledgementSecure Web Services and Cloud ComputingDr. Bhavani ThuraisinghamThe University of Texas at DallasIntroduction to the Course and Overview of Material covered in classJanuary 20, 2012 – May 4, 2012Objective of the UnitThis unit provides an overview of the course. The course describes concepts, developments, challenges, and directions in -Secure Web Services-Secure Semantic Web-Assured Cloud ComputingOutline of the UnitOutline of CourseCourse WorkCourse RulesContactIndex to lectures and preparation for exam #1Papers to read for lectures March 23, 30, April 6, 13, 20Index to lectures and preparation for exam #2Conclusion (what we have learned in class)Acknowledgement: -AFOSR for funding our research in assured cloud computing-NSF for funding our capacity building effort in cloud computingOutline of the CourseJanuary 20, 2012: Introduction, Background on Data Security, Introduction to Cyber SecurityJanuary 27 and February 3: Secure Web ServicesFebruary 10 and February 17: Secure Semantic WebFebruary 24 and March 2: Assured Cloud ComputingMarch 9: Exam #1After the Spring Break additional lectures on assured cloud computing and several papers for the students to read and present in classCourse WorkTwo exams each worth 20 points- March 9, May 4 (second class period)Programming project worth 14 points-April 27Two homework assignments prior to the mid-term: 8 points each-February 17, March 2Two term papers after the mid-term: 10 points each-March 30, April 20Two Surprise Quizzes: 5 points eachCourse RulesCourse attendance is mandatory; unless permission is obtained from instructor for missing a class with a valid reason (documentation needed for medical emergency for student or a close family member – e.g., spouse, parent, child). Attendance will be collected every lecture. 5 points will be deducted out of 100 for each lecture missed without approval. Each student will work individuallyLate assignments will not be accepted. All assignments have to be turned in just after the lecture on the due dateNo make up exams unless student can produce a medical certificate or give evidence of close family emergencyCopying material from other sources will not be permitted unless the source is properly referencedAny student who plagiarizes from other sources will be reported to the appropriate UTD authroitiesContactFor more information please contact-Dr. Bhavani Thuraisingham-Professor of Computer Science and-Director of Cyber Security Research Center Erik Jonsson School of Engineering and Computer Science EC31, The University of Texas at Dallas Richardson, TX 75080-Phone: 972-883-4738-Fax: 972-883-2399-Email: [email protected]:http://www.utdallas.edu/~bxt043000/Papers to Read for Exam 11. Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M. Thuraisingham, Amar Gupta: Selective and Authentic Third-Party Distribution of XML Documents. IEEE Trans. Knowl. Data Eng. 16(10): 1263-1278 (2004)Index to Lectures for Exam #1Lecture 1: Introduction (this unit)Lecture 2: Security ModulesLecture 3: Data, Info and Knowledge ManagementLecture 4: Access ControlLecture 5: PoliciesLecture 6: Web Services and Security, OverviewLecture 7: Web Services and Security, DetailsLecture 8: Assignment #1Lecture 9: Secure sharing of digital evidence (XML Security)Lecture 10: Introduction to Semantic WebLecture 11: Trustworthy Semantic WebLecture 12: Inference ProblemLecture 13: Scalable access control (Dr. Tyrone) not includedIndex to Lectures for Exam #1Lecture 14: Assignment #2Lecture 15: Introduction to cloud and secure cloudLecture 16: Assured Cloud ComputingLecture 17: Tools for cloud computingLecture 18: Jena and HbaseLecture 19: Twitter StormLecture 20: NIST NVD (Jyothsna lecture)Papers to Read for March 23, 2012Wei She, I-Ling Yen, Bhavani M. Thuraisingham: Enhancing Security Modeling for Web Services Using Delegation and Pass-On. ICWS 2008: 545-552 Wei She, I-Ling Yen, Bhavani M. Thuraisingham, Elisa Bertino: The SCIFC Model for Information Flow Control in Web Service Composition. ICWS 2009: 1-8Cloud Identity Managementhttp://cis.cau.edu/cms/files/CIS509-OAUTH/cloud-computing-identity-management.pdfEric Olden IEEE Computer March 2011http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5719572Papers to Read for March 30, 20121. KAoS Policy and Domain Services: Toward a Description-Logic Approach to Policy Representation, Deconfliction, and Enforcementhttp://www4.wiwiss.fu-berlin.de/bizer/SWTSGuide/KAoS/KAoS_Policy_03.pdf2. http://groups.csail.mit.edu/dig/Rein/rein-paper.pdfRein Policy Framework for the Semantic Web. Decentralized framework for representing and reasoning over distributed policies in the Semantic Web using Rei and CWM. Lalana Kagal and Tim Berners-Lee.3. Barbara Carminati, Elena Ferrari, Raymond Heatherly, Murat Kantarcioglu, Bhavani M. Thuraisingham: A semantic web based framework for social network access control. SACMAT 2009: 177-1864. Timothy W. Finin, Anupam Joshi, Lalana Kagal, Jianwei Niu, Ravi S. Sandhu, William H. Winsborough, Bhavani M. Thuraisingham: ROWLBAC: representing role based access control in OWL. SACMAT 2008: 73-82Papers to Read for April 6, 2012http://www.cl.cam.ac.uk/research/srg/netos/papers/2003-xensosp.pdfhttp://www.cl.cam.ac.uk/research/srg/netos/papers/2004-oasis-ngio.pdfhttp://www.fujitsu.com/downloads/MAG/vol46-4/paper09.pdf http://www.eecs.berkeley.edu/~elaines/docs/ccsw.pdfhttp://delivery.acm.org/10.1145/2050000/2046665/p15-brown.pdf?ip=129.110.241.91&acc=ACTIVE%20SERVICE&CFID=75242210&CFTOKEN=69399126&__acm__=1333321759_25edce9244a170683f6ea888814e192e (paper discussed on April 13)Papers to Read for April 13 (in addition to the last paper for April 6)http://www.sec.in.tum.de/assets/lehre/ss09/seminar_virtualisierung/Secure_Hypervisors_S-Vogl.pdf (Secure
View Full Document