Data and Applications Security Developments and DirectionsObjective of the UnitOutline of the UnitOutline of the CourseOutline of the Course (Continued)Slide 6Slide 7Course WorkSlide 9Some Topics for PapersTerm Papers: Example FormatTerm Papers: Example Format - IIProject Report FormatSome Project TopicsIndex to LecturesSlide 16Index to Lectures for Exam 2Index to Lectures for Exam 2Papers to read for exam #1Papers to read for exam #2Course RulesContactData and Applications Security Developments and DirectionsDr. Bhavani ThuraisinghamThe University of Texas at DallasIntroduction to the CourseAugust 24, 2011Objective of the UnitThis unit provides an overview of the course. The course describes concepts, developments, challenges, and directions in data and applications security. Topics include -database security, distributed data management security, object security, data warehouse security, data mining for security applications, privacy, secure semantic web, secure digital libraries, secure knowledge management and secure sensor information management, biometricsOutline of the UnitOutline of CourseCourse WorkCourse RulesContactAppendixOutline of the CourseUnit #1: Introduction to Data and Applications Part I: Background-Unit #2: Data Management-Unit #3: Information Security-Unit #4: Information Management Part II: Discretionary Security-Unit #5: Concepts-Unit #6: Policy EnforcementPart III: Mandatory Security-Unit #7: Concepts-Unit #8: ArchitecturesOutline of the Course (Continued)Part IV: Secure Relational Data Management-Unit #9: Data Model-Unit #10: Functions-Unit #11: Prototypes and ProductsPart V: Inference Problem-Unit #12: Concepts-Unit #13: Constraint Processing-Unit #14: Conceptual StructuresPart VI: Secure Distributed Data Management-Unit #15: Secure Distributed data management-Unit #16: Secure Heterogeneous Data Integration-Unit #17: Secure Federated Data ManagementOutline of the Course (Continued)Part VII: Secure Object Data Management-Unit #18: Secure Object Management-Unit #19: Secure Distributed Objects and Modeling Applications-Unit #20: Secure Multimedia SystemsPart VIII: Data Warehousing, Data Mining and Security -Unit #21: Secure Data Warehousing-Unit #22: Data Mining for Security Applications-Unit #23: PrivacyPart IX: Secure Information Management-Unit #24: Secure Digital Libraries -Unit #25: Secure Semantic Web (web services, XML security) -Unit #26: Secure Information and Knowledge ManagementOutline of the Course (Continued)Part X: Emerging Technologies -Unit #27: Secure Dependable Data Management-Unit #28: Secure Sensor and Wireless Data Management -Unit #29: Other Emerging TechnologiesUnit #30 Conclusion to the CourseGuest Lectures Some guest lectures may be included Some other topicsReview for finalsCourse WorkOne term paper; each worth 10 points-November 16Two exams each worth 20 points-Exam #1: October 19-Exam #2: As scheduled by UTD; December 9, 2011Programming project worth 12 points: December 5Four homework assignments each worth 6 points -September 28; October 12; November 9; November 30Total 86 pointsMay be given a surprise quiz (4 points)Total 90Course WorkCourse Book: Database and Applications Security: Integration Data Management and Information Security, Bhavani Thuraisingham, CRC Press, 2005Will also include papers as reading materialSome Topics for PapersXML SecurityInference ProblemPrivacySecure BiometricsIntrusion DetectionE-Commerce SecuritySecure Sensor Information ManagementSecure Distributed SystemsSecure Semantic WebSecure Data WarehousingInsider Threat AnalysisSecure Multimedia SystemsTerm Papers: Example FormatAbstractIntroductionBackground on the TopicSurvey of various techniques, designs etc,Analyze the techniques, designs etc. and give your opinionsDirections for further workSummary and ConclusionsReferencesTerm Papers: Example Format - IIAbstractIntroductionBackground on the Topic and Related WorkDiscuss strengths and weaknesses of your work and others’ workGive your own designDirections for further workSummary and ConclusionsReferencesProject Report FormatOverview of the ProjectDesign of the SystemInput/Output Future EnhancementsReferencesSome Project TopicsQuivery Modification on XML DocumentsAccess control for web systemsIntrusion detection systemAccess control for multimedia systems -E.g., access control for image, videoRole-based access control systemAccess control for object systemsSecure data warehouseIndex to LecturesLecture 1: August 24, 2011; This lecture gives an introduction to data and applications securityLecture 2: August 29: Secure data storage and retrieval in a cloud (skip for exam 1)Lecture 3: Aug 31: Cyber SecurityLecture 4: Sept 7: Access control in data management systemsLecture 5: Sept 7: PoliciesLecture 6: Sept 12: Data mining for malware detectionLecture 7: Sept 14: Multilevel secure data managementLecture 8: Sept 14: Assignment #1Lecture 9: Sept 19: Completed lecture 7; started on Inference Problem – 1Lecture 10: Sept 21: Novel class detectionIndex to LecturesSept 26th Continuation of Inference problem (Lecture 9) Lecture 11: Sept 28: NIST NVD lecture was given that day; but lecture posted is Inference problem – II which was covered on Oct 3Lecture 12: Sept 28, Assignment #2Oct 3 lecture: Gave the lecture posted under Lecture 11 which is inference problem - IILecture 13: Oct 5: Secure Distributed Data Management (skip the part on single sign and identity mgmt on for exam #1)Lecture 14: Oct 10: Malware (pages 4-29 for exam #1)Lecture 15: This lecture was given on Sept 28; NIST NVD LectureLecture 16: Oct 10: Attacks to databasesOctober 12: Lecture 17: SQL InjectionIndex to Lectures for Exam 2 October 17: Lecture 18 Secure publishing of XML Data (1)October 19: Exam #1 (no lectures posted)October 24: Lecture 19: Trustworthy semantic web (2)October 26: Lecture 20 Introduction to semantic web (not included in exam)October 31: Lecture 21: Assignment #3November 2: Lecture 22: Secure web services and SOA (3)November 7: Lecture 23: Scalable access control (Dr. Cadenhead) – Optional – will not be included in examIndex to Lectures for Exam 2November 9: Lecture 24: Secure object systems (4)November
View Full Document