Data and Applications Security Developments and DirectionsOutline of the UnitSecure Dependable Information Management: What is it?Relationships between Dependability, Confidentiality, Privacy, TrustSecure Dependable Information Management: IntegrationSlide 6Secure Dependable Information Management: Conflict ResolutionSecure Dependable Information Management Example: Next Generation AWACSSlide 9Secure Dependable Information Management: Directions for ResearchReal-time Information ManagementReal-time Data ManagementReal-time Data Management Management: Data ModelReal-time Data Management : QueryReal-time Data Management Management: TransactionsConflict between Security and Real-time ProcessingAspects of Data QualityApplicationsSecure Sensor Information ManagementSome Attacks on Sensors and IssuesSecure Sensor CommunicationSecure Sensor Data Manager: An ArchitectureSecure Sensor Data Fusion: Inference ControlSecure Sensor Information Management: Directions for ResearchData and Applications Security Developments and DirectionsDr. Bhavani ThuraisinghamThe University of Texas at DallasLecture #25Dependable Data ManagementApril 12, 2005Outline of the UnitSecure Dependable Data ManagementSecure Real-time Data ManagementSecure Sensor Information ManagementSecure Dependable Information Management:What is it?Features of Secure Dependable Information Management-secure information management-fault tolerant information Management-High integrity and high assurance computing-Real-time computing-Trust management-Data QualityRelationships between Dependability, Confidentiality, Privacy, TrustDependabilityConfidentialityPrivacyTrustDependability: Security, Privacy, Trust, Real-time Processing, Fault Tolerance; also sometimes referred to as “Trustworthiness”Confidentiality: Preventing the release of unauthorized information considered sensitivePrivacy: Preventing the release of unauthorized information about individuals considered sensitiveTrust: Confidence one has that an individual will give him/her correct information or an individual will protect sensitive informationSecure Dependable Information Management:IntegrationIntegration of the different Features-Quality of Service-Need end-to-end dependability-Dependable OS, Dependable data management, Dependable middleware, Dependable networksSecure Dependable Information Management:Integration Inference ControllerInference ControllerInference ControllerDependable Communication Subsystem Inference ControllerInference ControllerInference ControllerDependable Operating System Inference ControllerInference ControllerInference ControllerDependable Middleware / Dependable Object Request BrokerInference ControllerInference ControllerInference ControllerDependable Data ManagerInference ControllerInference ControllerInference ControllerDependable Information ManagerInference ControllerInference ControllerInference ControllerDependable ApplicationsSecure Dependable Information Management:Conflict ResolutionConflicts between different features-Security, Integrity, Fault Tolerance, Real-time Processing-E.g., A process may miss real-time deadlines when access control checks are made-Trade-offs between real-time processing and securityNeed Flexible policies-Real-time processing may be critical during a mission while security may be critical during non-operational timesSecure Dependable Information Management Example: Next Generation AWACS Technology provided by the projectTechnology provided by the projectHardwareDisplay Processor&Refresh ChannelsConsoles(14)NavigationSensorsData LinksData Analysis Programming Group (DAPG)FutureAppFutureAppFutureAppMulti-SensorTracksSensorDetectionsMSIAppDataMgmt.DataXchg.Infrastructure Services•Security being considered after the system has been designed and prototypes implemented•Challenge: Integrating real-time processing, security and fault toleranceReal-time Operating SystemSecure Dependable Information Management:IntegrationSensorSensor Data Manager ObjectSensorSecurity ServiceObjectSensorFault ToleranceService ObjectSensorReal-time Service ObjectSensorQuality ofServiceObjectSensorApplicationObjectCommunication SubsystemObject Request Broker / InfrastructureSecure Dependable Information Management: Directions for ResearchChallenge: How does a system ensure integrity, security, fault tolerant processing, and still meet timing constraints?-Develop flexible security policies; when is it more important to ensure real-time processing and ensure security?-Security models and architectures for the policies; Examine real-time algorithms – e.g.,query and transaction processing -Research for databases as well as for applications; what assumptions do we need to make about operating systems, networks and middleware?Data may be emanating from sensors and other devices at multiple locations-Data may pertain to individuals (e.g. video information, images, surveillance information, etc.)-Data may be mined to extract useful information-Need to maintain privacyReal-time Information ManagementReal-time Operating Systems-E.g., Lynx OSReal-time Data Management-Transactions must meet timing constraints-E.g., RT-Zip (product developed in the early 1990s)Real-time Middleware-E.g., RT-ORB (www.omg.org)Real-time networks-Real-time message passingNeed end-to-end real-time processing capabilityReal-time Data ManagementSensor Data ManagerUpdate ProcessorProcesses input data, Carries out action, Stores some data in stable storage, Throws away transient dataQuery ProcessorProcesses continuous queries and gives responses periodicallyInput Data Transient DataData to and from Stable StorageContinuous QueryResponseStable Sensor Data StorageStable DependableData StorageStable Sensor Data StorageStable DependableData StorageDependable Data Manager = Real-time + Security +Fault Tolerant Data ManagerUpdate ProcessorProcesses input data, Carries out action, Stores some data in stable storage, Throws away transient dataQuery ProcessorProcesses continuous Real-time queries and gives responses periodicallyInput Data Transient DataData to and from Stable StorageContinuous QueryResponseSensor Data ManagerUpdate ProcessorProcesses input data, Carries out action, Stores some data in stable storage, Throws away transient dataQuery ProcessorProcesses continuous queries and gives responses periodicallyInput Data Transient DataData to and from Stable StorageContinuous QueryResponseStable Sensor Data StorageStable
View Full Document
Unlocking...