Data and Applications Security Developments and Directions
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Lecture #23
Secure Knowledge Management and Web Security
March 31, 2008

Outline of the Unit
Background on Knowledge Management
Secure Knowledge Management
Confidentiality, Privacy and Trust
Integrated System
Secure Knowledge Management Technologies
Web Security and Digital Libraries
Directions

References
Proceedings Secure Knowledge Management Workshop
  - Secure Knowledge Management Workshop, Buffalo, NY, September 2004
  - http://www.cse.buffalo.edu/caeiae/skm2004/
Secure Knowledge Management
  - Bertino, Khan, Sandhu and Thuraisingham
  - IEEE Transactions on Systems, Man and Cybernetics
  - This lecture is based on the above paper

What is Knowledge Management
Knowledge management, or KM, is the process through which organizations generate value from their intellectual property and knowledge-based assets
KM involves the creation, dissemination, and utilization of knowledge
Reference: http://www.commerce-database.com/knowledge-management.htm?source=google

Knowledge Management Components
Components of Knowledge Management: Components, Cycle and Technologies
Components: Strategies, Processes, Metrics
Cycle: Knowledge, Creation, Sharing, Measurement and Improvement
Technologies: Expert systems, Collaboration, Training, Web

Organizational Learning Process
Identification, Creation
Diffusion - Tacit, Explicit
Integration, Modification
Action
Metrics
Incentives
Source: Reinhardt and Pawlowsky

Aspects of Secure Knowledge Management (SKM)
Protecting the intellectual property of an organization
Access control including role-based access control
Security for process/activity management and workflow
  - Users must have certain credentials to carry out an activity
Composing multiple security policies across organizations
Security for knowledge management strategies and processes
Risk management and economic tradeoffs
Digital rights management and trust negotiation

SKM: Strategies, Processes, Metrics, Techniques
Security Strategies:
  - Policies and procedures for sharing data
  - Protecting intellectual property
  - Should be tightly integrated with business strategy
Security processes
  - Secure workflow
  - Processes for contracting, purchasing, order management, etc.
Metrics
  - What is the impact of security on the number of documents published and other metrics gathered
Techniques
  - Access control, Trust management

Components of / Aspects of Secure Knowledge Management
Security Strategies: Policies, Plans, and Procedures
Security Processes: Processes for Workflow, Order Management, Contracting, - - -
Technologies: Privacy Preserving Data Mining, Secure Semantic Web
Security Metrics: Security impact on Metrics gathered for data sharing
Security Techniques: Access Control, Trust Management, - - - -

SKM: Strategies, Processes, Metrics, Techniques
Security Impact on Organizational Learning Process
Identification, Creation
Diffusion - Tacit, Explicit
Integration, Modification
Action
Metrics
What are the restrictions on knowledge sharing by incorporating security
Incentives

Security Policy Issues for Knowledge Management
Defining policies during knowledge creation
Representing policies during knowledge management
Enforcing policies during knowledge manipulation and dissemination

Secure Knowledge Management Architecture
Knowledge Creation and Acquisition Manager
Knowledge Representation Manager
Knowledge Manipulation and Sustainment Manager
Knowledge Dissemination and Transfer Manager

Define Security Policies
Represent Security Policies
Enforce Security Policies for access
Enforce Security Policies for dissemination

SKM for Coalitions
Organizations form federations and coalitions that work together to solve a problem
  - Universities, commercial corporations, government agencies
The challenge is to share data/information and at the same time ensure security and autonomy for the individual organizations
How can knowledge be shared across coalitions?

SKM Coalition Architecture
Knowledge for Coalition
Export Knowledge / Component Knowledge for Agency A
Export Knowledge / Component Knowledge for Agency B
Export Knowledge / Component Knowledge for Agency C

SKM Technologies
Data Mining
  - Mining the information and determining resources without violating security
Secure Semantic Web
  - Secure knowledge sharing
Secure Annotation Management
  - Managing annotations about expertise and resources
Secure content management
  - Markup technologies and related aspects for managing content
Secure multimedia information management

Directions for SKM
We have identified high level aspects of SKM
  - Strategies, Processes, Metrics, Techniques, Technologies, Architecture
Need to investigate security issues
  - RBAC, UCON, Trust etc.
CS departments should collaborate with business schools on KM and SKM

Web Security
End-to-end security
  - Need to secure the clients, servers, networks, operating systems, transactions, data, and programming languages
  - The various systems when put together have to be secure
Composable properties for security
Access control rules, enforce security policies, auditing, intrusion detection
Verification and validation
Security solutions proposed by W3C and OMG
Java Security
Firewalls
Digital signatures and Message Digests, Cryptography

Attacks to Web Security
Security Threats and Violations
  - Access Control Violations
  - Integrity Violations
  - Fraud
  - Denial of Service/Infrastructure Attacks
  - Sabotage
  - Confidentiality, Authentication, Nonrepudiation Violations

Secure Web Components
  - Secure Clients
  - Secure Servers
  - Secure Middleware
  - Secure Networks
  - Secure Databases
  - Secure Protocols

E-Commerce Transactions
E-commerce functions are carried out as transactions
  - Banking and trading on the internet
  - Each data transaction could contain many tasks
Database transactions may be built on top of the data transaction service
  - Database transactions are needed for multiuser access to web