DOC PREVIEW
UTD CS 7301 - Lecture #2 Supporting Technologies

This preview shows page 1-2-17-18-19-35-36 out of 36 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 36 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 36 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 36 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 36 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 36 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 36 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 36 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 36 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

Building Trustworthy Semantic Webs Dr Bhavani Thuraisingham The University of Texas at Dallas Lecture 2 Supporting Technologies August 27 2008 Objective of the Unit This unit will provide an overview of the supporting technologies Outline of Part I Information Security Operating Systems Security Network Security Designing and Evaluating Systems Web Security Other Security Technologies Operating System Security Access Control Subjects are Processes and Objects are Files Subjects have Read Write Access to Objects E g Process P1 has read acces to File F1 and write access to File F2 Capabilities Processes must presses certain Capabilities Certificates to access certain files to execute certain programs E g Process P1 must have capability C to read file F Mandatory Security Bell and La Padula Security Policy Subjects have clearance levels Objects have sensitivity levels clearance and sensitivity levels are also called security levels Unclassified Confidential Secret TopSecret Compartments are also possible Compartments and Security levels form a partially ordered lattice Security Properties Simple Security Property Subject has READ access to an object of the subject s security level dominates that of the object Star Property Subject has WRITE access to an object if the subject s security level is dominated by that of the object Covert Channel Example Trojan horse at a higher level covertly passes data to a Trojan horse at a lower level Example File Lock Unlock problem Processes at Secret and Unclassified levels collude with one another When the Secret process lock a file and the Unclassified process finds the file locked a 1 bit is passed covertly When the Secret process unlocks the file and the Unclassified process finds it unlocked a 1 bit is passed covertly Over time the bits could contain sensitive data Network Security Security across all network layers E g Data Link Transport Session Presentation Application Network protocol security Ver5ification and validation of network protocols Intrusion detection and prevention Applying data mining techniques Encryption and Cryptography Access control and trust policies Other Measures Prevention from denial of service Secure routing Data Security Access Control Access Control policies were developed initially for file systems E g Read write policies for files Access control in databases started with the work in System R and Ingres Projects Access Control rules were defined for databases relations tuples attributes and elements SQL and QUEL languages were extended GRANT and REVOKE Statements Read access on EMP to User group A Where EMP Salary 30K and EMP Dept Security Query Modification Modify the query according to the access control rules Retrieve all employee information where salary 30K and Dept is not Security Steps to Designing a Secure System Requirements Informal Policy and model Formal security policy and model Security architecture Identify security critical components these components must be trusted Design of the system Verification and Validation Product Evaluation Orange Book Trusted Computer Systems Evaluation Criteria Classes C1 C2 B1 B2 B3 A1 and beyond C1 is the lowest level and A1 the highest level of assurance Formal methods are needed for A1 systems Interpretations of the Orange book for Networks Trusted Network Interpretation and Databases Trusted Database Interpretation Several companion documents Auditing Inference and Aggregation etc Many products are now evaluated using the federal Criteria Security Threats to Web E commerce Security Threats and Violations Access Control Violations Denial of Service Infrastructure Attacks Integrity Violations Fraud Sabotage Confidentiality Authentication Nonrepudiation Violations Approaches and Solutions End to end security Need to secure the clients servers networks operating systems transactions data and programming languages The various systems when put together have to be secure Composable properties for security Access control rules enforce security policies auditing intrusion detection Verification and validation Security solutions proposed by W3C and OMG Java Security Firewalls Digital signatures and Message Digests Cryptography Other Security Technologies Middleware Security Insider Threat Analysis Risk Management Trust and Economics Biometrics Secure Voting Machines Outline of Part II Data Management Concepts in database systems Types of database systems Distributed Data Management Heterogeneous database integration Federated data management Information Management An Example Database System Application Programs Database Management System Database Adapted from C J Date Addison Wesley 1990 Users Metadata Metadata describes the data in the database Example Database D consists of a relation EMP with attributes SS Name and Salary Metadatabase stores the metadata Could be physically stored with the database Metadatabase may also store constraints and administrative information Metadata is also referred to as the schema or data dictionary Functional Architecture Data Management User Interface Manager Schema Data Dictionary Manager metadata Query Manager Security Integrity Manager Transaction Manager Storage Management File Manager Disk Manager DBMS Design Issues Query Processing Optimization techniques Transaction Management Techniques for concurrency control and recovery Metadata Management Techniques for querying and updating the metadatabase Security Integrity Maintenance Techniques for processing integrity constraints and enforcing access control rules Storage management Access methods and index strategies for efficient access to the database Federated Data and Policy Management Data Policy for Federation Export Data Policy Export Data Policy Export Data Policy Component Data Policy for Agency A Component Data Policy for Agency C Component Data Policy for Agency B What is Information Management Information management essentially analyzes the data and makes sense out of the data Several technologies have to work together for effective information management Data Warehousing Extracting relevant data and putting this data into a repository for analysis Data Mining Extracting information from the data previously unknown Multimedia managing different media including text images video and audio Web managing the databases and libraries on the web Data Warehouse Users Query the Warehouse Oracle DBMS for Employees Data Warehouse Data correlating Employees With Medical Benefits and


View Full Document

UTD CS 7301 - Lecture #2 Supporting Technologies

Documents in this Course
Load more
Download Lecture #2 Supporting Technologies
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Lecture #2 Supporting Technologies and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Lecture #2 Supporting Technologies 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?