Data and Applications Security Developments and DirectionsOutlineDevelopments in Data and Applications Security: 1975 - PresentDevelopments in Data and Applications Security: Multilevel Secure Databases - IDevelopments in Data and Applications Security: Multilevel Secure Databases - IISome Directions and Challenges for Data and Applications Security - ISome Directions and Challenges for Data and Applications Security - IICoalition Data and Policy SharingData and Applications Security Developments and DirectionsDr. Bhavani ThuraisinghamThe University of Texas at DallasLecture #1Introduction to Data and Applications SecurityJanuary 12, 2009OutlineData and Applications Security -Developments and DirectionsSecure Semantic Web-XML Security; Other directionsSome Emerging Secure DAS Technologies-Secure Sensor Information Management; Secure Dependable Information ManagementSome Directions for Privacy Research -Data Mining for handling security problems; Privacy vs. National Security; Privacy Constraint Processing; Foundations of the Privacy ProblemWhat are the Challenges?Developments in Data and Applications Security: 1975 - PresentAccess Control for Systems R and Ingres (mid 1970s)Multilevel secure database systems (1980 – present)-Relational database systems: research prototypes and products; Distributed database systems: research prototypes and some operational systems; Object data systems; Inference problem and deductive database system; TransactionsRecent developments in Secure Data Management (1996 – Present)-Secure data warehousing, Role-based access control (RBAC); E-commerce; XML security and Secure Semantic Web; Data mining for intrusion detection and national security; Privacy; Dependable data management; Secure knowledge management and collaborationDevelopments in Data and Applications Security: Multilevel Secure Databases - IAir Force Summer Study in 1982Early systems based on Integrity Lock approachSystems in the mid to late 1980s, early 90s-E.g., Seaview by SRI, Lock Data Views by Honeywell, ASD and ASD Views by TRW-Prototypes and commercial products-Trusted Database Interpretation and Evaluation of Commercial ProductsSecure Distributed Databases (late 80s to mid 90s)-Architectures; Algorithms and Prototype for distributed query processing; Simulation of distributed transaction management and concurrency control algorithms; Secure federated data managementDevelopments in Data and Applications Security: Multilevel Secure Databases - IIInference Problem (mid 80s to mid 90s)-Unsolvability of the inference problem; Security constraint processing during query, update and database design operations; Semantic models and conceptual structuresSecure Object Databases and Systems (late 80s to mid 90s)-Secure object models; Distributed object systems security; Object modeling for designing secure applications; Secure multimedia data managementSecure Transactions (1990s)-Single Level/ Multilevel Transactions; Secure recovery and commit protocolsSome Directions and Challenges for Data and Applications Security - ISecure semantic web -Security modelsSecure Information Integration-How do you securely integrate numerous and heterogeneous data sources on the web and otherwiseSecure Sensor Information Management-Fusing and managing data/information from distributed and autonomous sensorsSecure Dependable Information Management-Integrating Security, Real-time Processing and Fault ToleranceData Sharing vs. Privacy-Federated database architectures?Some Directions and Challenges for Data and Applications Security - IIData mining and knowledge discovery for intrusion detection-Need realistic models; real-time data miningSecure knowledge management-Protect the assets and intellectual rights of an organizationInformation assurance, Infrastructure protection, Access Control-Insider cyber-threat analysis, Protecting national databases, Role-based access control for emerging applicationsSecurity for emerging applications-Geospatial, Biomedical, E-Commerce, etc. Other Directions-Trust and Economics, Trust Management/Negotiation, Secure Peer-to-peer computing,Coalition Data and Policy SharingExportData/PolicyComponentData/Policy for Agency AData/Policy for FederationExportData/PolicyComponentData/Policy for Agency CComponentData/Policy for Agency
View Full Document