Data and Applications Security Developments and Directions
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Secure Knowledge Management: Confidentiality, Privacy and Trust
November 29, 2005

Outline of the Unit
- Background on Knowledge Management
- Secure Knowledge Management
- Confidentiality: Access Control
- Privacy
- Trust Management
- Integrated System
- Secure Knowledge Management Technologies
- Directions

References
- Proceedings Secure Knowledge Management Workshop
  - Secure Knowledge Management Workshop, Buffalo, NY, September 2004
  - http://www.cse.buffalo.edu/caeiae/skm2004/
- Secure Knowledge Management
  - Bertino, Khan, Sandhu and Thuraisingham
  - To be published in IEEE Transactions on Systems, Man and Cybernetics
  - This lecture is based on the above paper

What is Knowledge Management
- Knowledge management, or KM, is the process through which organizations generate value from their intellectual property and knowledge-based assets
- KM involves the creation, dissemination, and utilization of knowledge
- Reference: http://www.commerce-database.com/knowledge-management.htm?source=google

Knowledge Management Components
[Figure: Components of Knowledge Management: Components, Cycle and Technologies]
- Components: Strategies, Processes, Metrics
- Cycle: Knowledge, Creation, Sharing, Measurement and Improvement
- Technologies: Expert systems, Collaboration, Training, Web

[Figure: Organizational Learning Process. Source: Reinhardt and Pawlowsky]
- Identification, Creation
- Diffusion - Tacit, Explicit
- Integration, Modification
- Action
- Metrics
- Incentives

Aspects of Secure Knowledge Management (SKM)
- Protecting the intellectual property of an organization
- Access control including role-based access control
- Security for process/activity management and workflow
  - Users must have certain credentials to carry out an activity
- Composing multiple security policies across organizations
- Security for knowledge management strategies and processes
- Risk management and economic tradeoffs
- Digital rights management and trust negotiation

SKM: Strategies, Processes, Metrics, Techniques
- Security Strategies:
  - Policies and procedures for sharing data
  - Protecting intellectual property
  - Should be tightly integrated with business strategy
- Security processes
  - Secure workflow
  - Processes for contracting, purchasing, order management, etc.
- Metrics
  - What is the impact of security on the number of documents published and other metrics gathered
- Techniques
  - Access control, Trust management

[Figure: Components of / Aspects of Secure Knowledge Management. SKM: Strategies, Processes, Metrics, Techniques]
- Security Strategies: Policies, Plans, and Procedures
- Security Processes: Processes for Workflow, Order Management, Contracting, - - -
- Security Metrics: Security impact on metrics gathered for data sharing
- Security Techniques: Access Control, Trust Management, - - - -
- Technologies: Privacy Preserving Data Mining, Secure Semantic Web

[Figure: Security Impact on Organizational Learning Process]
- Identification, Creation
- Diffusion - Tacit, Explicit
- Integration, Modification
- Action
- Metrics
- Incentives
- What are the restrictions on knowledge sharing by incorporating security

Security Policy Issues for Knowledge Management
- Defining policies during knowledge creation
- Representing policies during knowledge management
- Enforcing policies during knowledge manipulation and dissemination

Secure Knowledge Management Architecture
- Knowledge Creation and Acquisition Manager: Define Security Policies
- Knowledge Representation Manager: Represent Security Policies
- Knowledge Manipulation and Sustainment Manager: Enforce Security Policies for access
- Knowledge Dissemination and Transfer Manager: Enforce Security Policies for dissemination

SKM for Coalitions
- Organizations for federations and coalitions work together to solve a problem
  - Universities, commercial corporations, government agencies
- The challenge is to share data/information and at the same time ensure security and autonomy for the individual organizations
- How can knowledge be shared across coalitions?

SKM Coalition Architecture
[Figure: SKM Coalition Architecture]
- Knowledge for Coalition
- Export Knowledge / Component Knowledge for Agency A
- Export Knowledge / Component Knowledge for Agency B
- Export Knowledge / Component Knowledge for Agency C

RBAC for SKM
- Access to information sources including structured and unstructured data both within the organization and external to the organization
- Search engines and tools for identifying relevant pieces of this information for a specific purpose
- Knowledge extraction, fusion and discovery programs and services
- Controlled dissemination and sharing of newly produced knowledge

RBAC for SKM (Sandhu)

UCON for SKM
- RBAC model is incorporated into UCON and useful for SKM
  - Authorization component
- Obligations
  - Obligations are actions required to be performed before an access is permitted
  - Obligations can be used to determine whether an expensive knowledge search is required
- Attribute Mutability
  - Used to control the scope of the knowledge search
- Condition
  - Can be used for resource usage policies to be relaxed or tightened

UCON for SKM (Sandhu)

Trust Management for SKM
- Trust Services
  - Identity services, authorization services, reputation services
- Trust negotiation (TN)
  - Digital credentials, Disclosure policies
- TN Requirements
  - Language requirements
    - Semantics, constraints, policies
  - System requirements
    - Credential ownership, validity, alternative negotiation strategies, privacy
- Example TN systems
  - KeyNote and Trust-X (U of Milan), TrustBuilder (UIUC)

Trust Management for SKM

The problem: establishing trust in open systems
- Mutual authentication
  - Assumption on the
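
The "UCON for SKM" slide above names four pieces: the RBAC authorization component, obligations, attribute mutability and conditions. The sketch below is an added example, not code from the lecture or from Sandhu's UCON work, showing one way those pieces could gate a knowledge search. The role table, the "justification" obligation, the search budget and the load threshold are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Hypothetical RBAC table: role -> permitted search scopes (assumption, not from the slides).
ROLE_SCOPES = {"analyst": {"internal"}, "partner": {"coalition"},
               "librarian": {"internal", "coalition", "external"}}

@dataclass
class Subject:
    name: str
    role: str
    searches_left: int                            # mutable attribute bounding search scope
    fulfilled: set = field(default_factory=set)   # obligations already performed

@dataclass
class Request:
    scope: str       # "internal", "coalition" or "external"
    expensive: bool  # e.g. a cross-source fusion/discovery job

def decide(subject, request, system_load):
    """Return (allowed, reason); checks authorization, obligation, condition, then budget."""
    # Authorization: RBAC acts as the authorization component inside UCON.
    if request.scope not in ROLE_SCOPES.get(subject.role, set()):
        return False, "authorization: role lacks scope"
    # Obligation: an action that must be performed before access is permitted.
    # Assumed policy: only expensive searches need a recorded justification.
    if request.expensive and "justification" not in subject.fulfilled:
        return False, "obligation: justification required"
    # Condition: environment state tightens or relaxes the usage policy.
    if request.expensive and system_load > 0.8:
        return False, "condition: load too high for expensive search"
    # Attribute mutability: the budget is checked, then updated as a side effect of use.
    cost = 5 if request.expensive else 1
    if subject.searches_left < cost:
        return False, "mutability: search budget exhausted"
    subject.searches_left -= cost
    return True, "permit"

def demo():
    """Run a constructed sequence of requests for one subject."""
    alice = Subject("alice", "analyst", searches_left=6)
    out = [decide(alice, Request("coalition", False), 0.2),   # scope not in role
           decide(alice, Request("internal", True), 0.2)]     # obligation missing
    alice.fulfilled.add("justification")
    out += [decide(alice, Request("internal", True), 0.9),    # condition tightened
            decide(alice, Request("internal", True), 0.2),    # permit, budget 6 -> 1
            decide(alice, Request("internal", True), 0.2),    # budget too small
            decide(alice, Request("internal", False), 0.2)]   # cheap search still fits
    return out, alice.searches_left

if __name__ == "__main__":
    for row in demo()[0]:
        print(row)
```

Unlike a plain RBAC check, the same subject and request can be permitted once and denied the next time, because the decision depends on state that usage itself changes.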