Trustworthy Semantic WebHistoryStatistical DatabasesSecurity Constraints / Access Control Rules / PoliciesSecurity Constraints/Policies for HealthcareInference Problem in MLS/DBMSRevisiting Security Constraints / PoliciesEnforcement of Security ConstraintsQuery AlgorithmsUpdate AlgorithmsDatabase Design AlgorithmsExample Security-Enhanced Semantic WebTrustworthy Semantic WebDr. Bhavani ThuraisinghamThe University of Texas at DallasInference ProblemFebruary 2012History Statistical databases (1970s – present)Inference problem in databases (early 1980s - present) Inference problem in MLS/DBMS (late 1980s – present)Unsolvability results (1990)Logic for secure databases (1990)Semantic data model applications (late 1980s - present)Emerging applications (1990s – present)Privacy (2000 – present)Statistical Databases Census Bureau has been focusing for decades on statistical inference and statistical databaseCollections of data such as sums and averages may be given out but not the individual data elementsTechniques include -Perturbation where results are modified -Randomization where random samples are used to compute summariesTechniques are being used now for privacy preserving data miningSecurity Constraints / Access Control Rules / PoliciesSimple Constraint: John cannot access the attribute Salary of relation EMPContent-based constraint: If relation MISS contains information about missions in the Middle East, then John cannot access MISSAssociation-based Constraint: Ship’s location and mission taken together cannot be accessed by John; individually each attribute can be accessed by JohnRelease constraint: After X is released Y cannot be accessed by JohnAggregate Constraint: Ten or more tuples taken together cannot be accessed by JohnDynamic Constraint: After the Mission, information about the mission can be accessed by JohnSecurity Constraints/Policies for HealthcareSimple Constraint: Only doctors can access medical recordsContent-based constraint: If the patient has Aids then this information is privateAssociation-based Constraint: Names and medical records taken together is privateRelease constraint: After medical records are released, names cannot be releasedAggregate Constraint: The collection of patients is private, individually publicDynamic Constraint: After the patient dies, information about him becomes publicInference Problem in MLS/DBMSInference is the process of forming conclusions from premisesIf the conclusions are unauthorized, it becomes a problemInference problem in a multilevel environmentAggregation problem is a special case of the inference problem - collections of data elements is Secret but the individual elements are UnclassifiedAssociation problem: attributes A and B taken together is Secret - individually they are UnclassifiedRevisiting Security Constraints / PoliciesSimple Constraint: Mission attribute of SHIP is SecretContent-based constraint: If relation MISSION contains information about missions in Europe, then MISSION is SecretAssociation-based Constraint: Ship’s location and mission taken together is Secret; individually each attribute is UnclassifiedRelease constraint: After X is released Y is SecretAggregate Constraint: Ten or more tuples taken together is SecretDynamic Constraint: After the Mission, information about the mission is UnclassifiedLogical Constraint: A Implies B; therefore if B is Secret then A must be at least SecretEnforcement of Security Constraints User Interface ManagerConstraintManagerSecurity ConstraintsQuery Processor:Constraints during query and release operationsUpdate Processor:Constraints during update operationDatabase Design ToolConstraints during database design operationDatabaseData ManagerQuery AlgorithmsQuery is modified according to the constraintsRelease database is examined as to what has been releasedQuery is processed and response assembledRelease database is examined to determine whether the response should be releasedResult is given to the userPortions of the query processor are trustedUpdate AlgorithmsCertain constraints are examined during update operationExample: Content-based constraintsThe security level of the data is computedData is entered at the appropriate levelCertain parts of the Update Processor are trustedDatabase Design AlgorithmsCertain constraints are examined during the database design time-Example: Simple, Association and Logical ConstraintsSchema are assigned security levelsDatabase is partitioned accordinglyExample:-If Ships location and mission taken together is Secret, then SHIP (S#, Sname) is Unclassified, LOC-MISS(S#, Location, Mission) is Secret LOC(Location) is Unclassified-MISS(Mission) is UnclassifiedExample Security-Enhanced Semantic WebSecurity PoliciesOntologies RulesSemantic Web EngineRDF, OWLDocumentsWeb Pages, DatabasesInference Engine/Inference ControllerInterface to the Security-Enhanced Semantic WebTechnologyto be developed by
View Full Document