Docstoc

Example Data Mining for the NBA

Document Sample
Example Data Mining for the NBA Powered By Docstoc
					Introduction to Biometrics

       Dr. Bhavani Thuraisingham
     The University of Texas at Dallas


                Lecture #2
           Information Security


             August 24, 2005
Outline
  Operating Systems Security
  Network Security
  Designing and Evaluating Systems
  Web Security
  Other Security Technologies
  Data and Applications Security
Operating System Security
  Access Control
     - Subjects are Processes and Objects are Files
     - Subjects have Read/Write Access to Objects
     - E.g., Process P1 has read acces to File F1 and write access to
       File F2
  Capabilities
     - Processes must presses certain Capabilities / Certificates to
       access certain files to execute certain programs
     - E.g., Process P1 must have capability C to read file F
Mandatory Security
  Bell and La Padula Security Policy
     - Subjects have clearance levels, Objects have sensitivity levels;
       clearance and sensitivity levels are also called security levels
     - Unclassified < Confidential < Secret < TopSecret
     - Compartments are also possible
     - Compartments and Security levels form a partially ordered
       lattice
  Security Properties
     - Simple Security Property: Subject has READ access to an object
       of the subject’s security level dominates that of the objects
     - Star (*) Property: Subject has WRITE access to an object if the
       subject’s security level is dominated by that of the objects\
Covert Channel Example
  Trojan horse at a higher level covertly passes data to a Trojan
   horse at a lower level
  Example:
    - File Lock/Unlock problem
    - Processes at Secret and Unclassified levels collude with
      one another
    - When the Secret process lock a file and the Unclassified
      process finds the file locked, a 1 bit is passed covertly
    - When the Secret process unlocks the file and the
      Unclassified process finds it unlocked, a 1 bit is passed
      covertly
    - Over time the bits could contain sensitive data
Network Security
  Security across all network layers
    - E.g., Data Link, Transport, Session, Presentation,
       Application
  Network protocol security
     - Ver5ification and validation of network protocols
  Intrusion detection and prevention
     - Applying data mining techniques
  Encryption and Cryptography
  Access control and trust policies
  Other Measures
     - Prevention from denial of service, Secure routing, - - -
Steps to Designing a Secure System
  Requirements, Informal Policy and model
  Formal security policy and model
  Security architecture
     - Identify security critical components; these components must be
       trusted
  Design of the system
  Verification and Validation
Product Evaluation
  Orange Book
     - Trusted Computer Systems Evaluation Criteria
  Classes C1, C2, B1, B2, B3, A1 and beyond
     - C1 is the lowest level and A1 the highest level of assurance
     - Formal methods are needed for A1 systems
  Interpretations of the Orange book for Networks (Trusted Network
   Interpretation) and Databases (Trusted Database Interpretation)
  Several companion documents
     - Auditing, Inference and Aggregation, etc.
  Many products are now evaluated using the federal Criteria
Security Threats to Web/E-commerce

                                       Security
                                       Threats and
                                       Violations




       Access
                          Integrity
       Control                                       Fraud          Sabotage
       Violations         Violations




                                                             Confidentiality
         Denial of                                           Authentication
         Service/                                            Nonrepudiation
         Infrastructure                                      Violations
         Attacks
Approaches and Solutions
   End-to-end security
      - Need to secure the clients, servers, networks, operating
        systems, transactions, data, and programming languages
      - The various systems when put together have to be secure
             Composable properties for security
   Access control rules, enforce security policies, auditing,
    intrusion detection
   Verification and validation
   Security solutions proposed by W3C and OMG
   Java Security
   Firewalls
   Digital signatures and Message Digests, Cryptography
E-Commerce Transactions
  E-commerce functions are carried out as transactions
     - Banking and trading on the internet
     - Each data transaction could contain many tasks
  Database transactions may be built on top of the data transaction
   service
     - Database transactions are needed for multiuser access to web
       databases
     - Need to enforce concurrency control and recovery techniques
Types of Transaction Systems
  Stored Account Payment
    - e.g., Credit and debit card transactions
    - Electronic payment systems
    - Examples: First Virtual, CyberCash, Secure Electronic Transaction
  Stored Value Payment
    - Uses bearer certificates
    - Modeled after hard cash
           Goal is to replace hard cash with e-cash
    - Examples: E-cash, Cybercoin, Smart cards
What is E-Cash?
  Electronic Cash is stored in a hardware token
  Token may be loaded with money
     - Digital cash from the bank
  Buyer can make payments to seller’s token (offline)
  Buyer can pay to seller’s bank (online)
  Both cases agree upon protocols
  Both parties may use some sort of cryptographic key mechanism to
   improve security
Other Security Technologies
  Data and Applications Security
  Middleware Security
  Insider Threat Analysis
  Risk Management
  Trust and Economics
  Biometrics
Developments in Data and Applications
Security: 1975 - Present

  Access Control for Systems R and Ingres (mid 1970s)
  Multilevel secure database systems (1980 – present)
     - Relational database systems: research prototypes and products;
       Distributed database systems: research prototypes and some
       operational systems; Object data systems; Inference problem
       and deductive database system; Transactions
  Recent developments in Secure Data Management (1996 – Present)
     - Secure data warehousing, Role-based access control (RBAC); E-
       commerce; XML security and Secure Semantic Web; Data
       mining for intrusion detection and national security; Privacy;
       Dependable data management; Secure knowledge management
       and collaboration
Developments in Data and Applications
Security: Multilevel Secure Databases - I
   Air Force Summer Study in 1982
   Early systems based on Integrity Lock approach
   Systems in the mid to late 1980s, early 90s
      - E.g., Seaview by SRI, Lock Data Views by Honeywell, ASD and
        ASD Views by TRW
      - Prototypes and commercial products
      - Trusted Database Interpretation and Evaluation of Commercial
        Products
   Secure Distributed Databases (late 80s to mid 90s)
      - Architectures; Algorithms and Prototype for distributed query
        processing; Simulation of distributed transaction management
        and concurrency control algorithms; Secure federated data
        management
Developments in Data and Applications
Security: Multilevel Secure Databases - II
  Inference Problem (mid 80s to mid 90s)
     - Unsolvability of the inference problem; Security constraint
       processing during query, update and database design
       operations; Semantic models and conceptual structures
  Secure Object Databases and Systems (late 80s to mid 90s)
     - Secure object models; Distributed object systems security;
       Object modeling for designing secure applications; Secure
       multimedia data management
  Secure Transactions (1990s)
     - Single Level/ Multilevel Transactions; Secure recovery and
       commit protocols
Some Directions and Challenges for Data and
Applications Security - I
   Secure semantic web
     - Single/multiple security models?
     - Different application domains
   Secure Information Integration
     - How do you securely integrate numerous and heterogeneous
       data sources on the web and otherwise
   Secure Sensor Information Management
     - Fusing and managing data/information from distributed and
       autonomous sensors
   Secure Dependable Information Management
     - Integrating Security, Real-time Processing and Fault Tolerance
   Data Sharing vs. Privacy
     - Federated database architectures?
Some Directions and Challenges for Data and
Applications Security - II
   Data mining and knowledge discovery for intrusion detection
     - Need realistic models; real-time data mining
   Secure knowledge management
     - Protect the assets and intellectual rights of an organization
   Information assurance, Infrastructure protection, Access
   Control
     - Insider cyber-threat analysis, Protecting national databases,
       Role-based access control for emerging applications
   Security for emerging applications
     - Geospatial, Biomedical, E-Commerce, etc.
   Other Directions
     - Trust and Economics, Trust Management/Negotiation, Secure
       Peer-to-peer computing,
Layered Architecture for Dependable
Semantic Web
   0Adapted from Tim Berners Lee’s description of the Semantic Web


     S   P           Logic, Proof and Trust
     E   R
     C   I                Rules/Query
     U   V                                               Other
     R   A                                               Services
     I   C              RDF, Ontologies
     T   Y
     Y              XML, XML Schemas


                           URI, UNICODE


  0 Some Challenges: Security and Privacy cut across all layers;
  Integration of Services; Composability
Secure Sensor Information Management:
Directions for Research
  Individual sensors may be compromised and attacked; need
   techniques for detecting, managing and recovering from such
   attacks
  Aggregated sensor data may be sensitive; need secure storage sites
   for aggregated data; variation of the inference and aggregation
   problem?
  Security has to be incorporated into sensor database management
     - Policies, models, architectures, queries, etc.
  Evaluate costs for incorporating security especially when the sensor
   data has to be fused, aggregated and perhaps mined in real-time
  Need secure dependable information management for sensor data
Secure Dependable Information Management
  Dependable information management includes
     - secure information management
     - fault tolerant information
     - High integrity and high assurance computing
     - Real-time computing
  Conflicts between different features
     - Security, Integrity, Fault Tolerance, Real-time Processing
     - E.g., A process may miss real-time deadlines when access
       control checks are made
     - Trade-offs between real-time processing and security
     - Need flexible security policies; real-time processing may be
       critical during a mission while security may be critical during
       non-operational times
Secure Dependable Information Management
Example: Next Generation AWACS

         Navigation
                                Data Analysis Programming                      Display           Consoles
         Data Links                                                           Processor            (14)
                                      Group (DAPG)                                &
         Sensors                                                               Refresh
                                                                              Channels




                    Sensor              Multi-Sensor
                   Detections             Tracks                             •Security being considered after
Technology                                                                   the system has been designed
                                                Future     Future   Future
provided by                                      App        App      App     and prototypes implemented
the project
                                                                             •Challenge: Integrating real-time
                       Data              MSI                                 processing, security and
                       Mgmt.    Data
                                Xchg.
                                         App                                 fault tolerance
                                 Infrastructure Services

                                Real-time Operating System

                                    Hardware
Research Directions for Privacy
   Why this interest now on privacy?
     -   Data Mining for National Security
     -   Data Mining is a threat to privacy
     -   Balance between data sharing/mining and privacy
   Privacy Preserving Data Mining
   Inference Problem as a Privacy Problem
   Data Sharing Across Coalitions
Data Mining to Handle Security Problems
  Data mining tools could be used to examine audit data and flag
   abnormal behavior
  Much recent work in Intrusion detection
     - e.g., Neural networks to detect abnormal patterns
  Tools are being examined to determine abnormal patterns for
   national security
     - Classification techniques, Link analysis
  Fraud detection
     - Credit cards, calling cards, identity theft etc.
What can we do?:
Privacy Preserving Data Mining
  Prevent useful results from mining
     - limit data access to ensure low confidence and support
     - Extra data (“cover stories”) to give “false” results with Providing
       only samples of data can lower confidence in mining results;
  Idea: If adversary is unable to learn a good classifier from the data,
   then adversary will be unable to learn good
     - rules, predictive functions
  Approach: Only make a sample of data available
     - Limits ability to learn good classifier
  Several recent research efforts have been reported
Inference Problem as a Privacy Problem:
 Privacy Constraint Processing

                User Interface Manager


       Privacy            Constraint                      Database Design
       Constraints        Manager                         Tool
                                                          Constraints during
                                                          database design
             Query Processor:          Update             operation
                                       Processor:
             Constraints during
             query and release         Constraints
             operations                during update
                                       operation



                           DBMS                        Database
Secure Data Sharing Across Coalitions

                          Data/Policy for Coalition




     Export                                            Export
     Data/Policy                                       Data/Policy

                                Export
                                Data/Policy
        Component                                         Component
        Data/Policy for                                   Data/Policy for
        Agency A                                          Agency C


                                     Component
                                     Data/Policy for
                                     Agency B

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:5
posted:5/26/2012
language:
pages:28