Embedded Devices in ehealth applications - PowerPoint by jfX7W8z


									            Security and Error
     Transaction Fusion in the
    Correction/Detection in 802.1x and
    Wake of Information Warfare
            Brajendra Panda, Rajesh Yalamanchili
       Computer Science Department, University of North Dakota
          Proceedings of the 2001 ACM symposium on Applied computing
    Proceedings of the 2001 ACM symposium on Applied Computing
                 Brajendra Panda, Rajesh Yalamanchili, March 2001
                                  March 2001

                          Sweety Chauhan
                        Sweety Chauhan
                          12 October 2005

                           October 19, 2005

CMSC 691I                                      Information Warfare

 New and Significant

 Defensive Information Warfare

 Previous Work

 Transaction Fusion Model

 Recovery Algorithm

 Conclusion

 Future work

CMSC 691I                          Information Warfare 2
                       New and Significant

 The existing recovery techniques
    first undo all malicious and affected transactions and
    then redo all affected transactions

 New
    a model to fuse groups of malicious and affected transactions

 Significant
    by combining transactions, several data items that were required to be
     accessed multiple times in each individual transaction are now accessed
     only once in a fused transaction.
    Acceleration of recovery process

 CMSC 691I                                             Information Warfare 3
             What is Information Warfare?

 Any electronic attack intended to disrupt a computer
  system is termed as “Information Warfare”

 Defensive information warfare - safeguarding systems from
  malicious attacks

 Databases form the prime target for many of the malicious
  activities carried out by intruders

 CMSC 691I                               Information Warfare 4
            Defensive Information Warfare

                                    Techniques designed to guard
                                    hardware, software and user data
                       1. Protect
A functional                        against threats from both outsiders
                                    as well as from malicious insiders

paradigm of
                                    1. critical to the survival of information
 defensive             2. Detect    2. can be achieved by gaining an accurate
                                       understanding of the “state” of the
information                            system at any given point in time
                                       e.g. Intrusion Detection Systems

  warfare                           1. assessing damage
                                    2. finding malicious hidden programs
                       3. React
                                    3. locating and closing any back doors
                                       left by an attacker for future reentry
                                    4. recovering data

CMSC 691I                                     Information Warfare 5
                Database Information Attack

 In the protect phase, an attempt is made to prevent an
  attack on the database.

 Absolute prevention can never be achieved and hence there
  is a detect phase.
    intrusion detection mechanisms to identify attacks

 Once an attack is detected, react phase makes every effort
    completely wipe out the effect of malicious transaction and
    restore the database to a consistent state, the state database would have
     reached if there was no malicious transaction
    must be performed in the shortest time possible

 CMSC 691I                                             Information Warfare 6
                             Previous Work

 The damage inflicted on a database can spread manifold
  within a short time
    when the transactions are interdependant and there is lot of activity in the

 Traditional recovery techniques, which deal with media and
  system failures, are not efficient in dealing with malicious
    rollback the database to the point of attack
    all transactions except for the malicious transaction(s) are then redone to
     bring the database to a consistent state

  Highly time-consuming process which is UNACCEPTABLE!!!

 CMSC 691I                                              Information Warfare 7
           Traditional Recovery Techniques

 Transaction dependency approach
   malicious transaction(s) and the transactions that depend on the malicious
    transaction(s) are considered for recovery purposes.

 Data dependency approach
   data items that are affected by the malicious transaction(s) and their
    dependant data items are restored to their correct values.

  log has to be scanned from the point of attack to the end

                      => time consuming process

CMSC 691I                                              Information Warfare 8
                  Transaction Fusion Model

 Assumptions:
    The schedule produced by the scheduler is strictly serializable
    Blind writes are not allowed
    The entire schedule is logged and the log cannot be modified or purged by
     any user

 Transaction dependency approach
    fuses a group of transactions into a single transaction

 Fast and efficient recovery
    accelerating the redo and undo phases

 CMSC 691I                                             Information Warfare 9
                        Types of Transaction

 Malicious Transaction

 Authentic Transaction

 Set Notations
      malicious transactions (M),
      authentic transactions (A),
      affected transactions (F), and
      unaffected transactions (U)

 A schedule is a collection of transactions that are
  interleaved and there exists a partial ordering among the
  operations of these transactions

 CMSC 691I                                Information Warfare 10
                                  Definitions (I)

 A transaction Tj is said to be dependant upon another
  transaction Ti,
    if there exists a data item x such that Ti is the last committed transaction to
     update x before Tj reads x.
    dependency relationship is denoted by Ti → Tj

 For any two schedules of transactions Si and Sj,
    combined schedule (Si         Sj)
        where Si and Sj do not have any transaction in common
        the combined effect of executing schedule Si followed by Sj

    Sj is a sub-schedule of Si (Sj ⊂s Si ) if
        Sj contains all the transactions that are present in Si
        the order among these transactions is same

 CMSC 691I                                                         Information Warfare 11
                        Definitions (II)

 If Sj ⊂s Si then the effect of executing Si and undoing all the
  transactions belonging to Sj is represented by Si Θ Sj

 Two schedules are said to be value equivalents, if they
  produce the same final state when they start from the same
  initial state

 CMSC 691I                                  Information Warfare 12

                                                                  T1         T3
Si : T1, T3, T5, T4, T2, T6

Sj : T1, T2, T6
                                                         T6       T2        T4     T5
T4 and T5 depend on T3
                                                                Dependency Graph
T6 depends on T1

T2 depends on T1 and T3

Following steps are carried out for finding Si Θ Sj

1.   Dependency graph for original schedule (Si) is drawn first

2.   The last transaction in Si (T6) is undone only if it is a leaf node

3.   Node representing the transaction undone is deleted and the process is repeated.

                                      Si Θ Sj: T3, T5, T4
 CMSC 691I                                                             Information Warfare 13
                         Model Description (I)

 When an attack by one or more malicious transactions is
   Step 1: Undo affected and malicious transactions
   Step 2: Affected transactions are then re-executed
   Step 3: Unaffected transactions are skipped in both undo and redo processes

 Compensated-for transaction - the transaction that needs to
  be undone

 Compensating transaction - the transaction that eliminates
  the effect of compensated-for transaction
    a compensating transaction is executed for each transaction that needs to
     be undone

 CMSC 691I                                                  Information Warfare 14
                      Model Description (II)

 Fuse transactions wherever possible and execute the fused

 Significant gain in time
    one commit incase of a fused transaction rather than multiple commits
    good chance of dependant transactions being fused into a single transaction

 Database has a state at any given instant of time.
    It will change from its current state to another state when one or more
     transactions commit
    contemporary transactions- one or more transactions committing at the
     same time

 CMSC 691I                                            Information Warfare 15
                 Recovery Procedure (I)

 variables M_ID and F_ID - generate IDs for the newly formed
  fused malicious transaction and fused affected transaction

 variable M_flag serves as a flag to identify the first
  malicious transaction in a group of malicious transactions

 F_flag helps in identifying the first affected transaction in a
  group of affected transactions

 CMSC 691I                                   Information Warfare 16
                Recovery Procedure (II)

 The function fuse combines the operations belonging to two
  transactions (T1 and T2) and places them in a single fused
  transaction (Tf)

 If the two conditions needed for fusion of writes are
  satisfied, then both the writes are fused together by calling
  fuse_writes function

 CMSC 691I                                 Information Warfare 17
      Recovery Procedure (II)- Algorithm
                                   * Source: Research paper [1]

CMSC 691I                     Information Warfare 18
                     Recovery Procedure (III)

 The algorithm is suitable for strict logical logging, where
  before and after images are not stored

 In semantic logging, before and after images are stored
  along with the transaction semantics
    Undo process – simple and consists of two phases:
        first phase – the set of data items updated by malicious transactions and affected
         transactions are determined
        second phase - the unaffected transactions updating these data items are
    Redo process - same as that of strict logical logging

 CMSC 691I                                                   Information Warfare 19

 Recovery - phase in defensive information warfare
    Should be carried out in the shortest time possible to minimize denial of

 Set of malicious transactions and affected transactions =>
  single fused transaction
      fused malicious and affected transactions sets are undone in undo process
      fused affected transactions sets are re-executed in redo process
      Number of transactions and total number of operations are minimized
      Executing new fused sets of transactions during recovery expedites the

 CMSC 691I                                             Information Warfare 20
                        Future Work

 Simulation study of this model

 Integration of this model in distributed databases and

 CMSC 691I                                Information Warfare 21

 Transaction fusion in the wake of information warfare, Brajendra Panda,
  Rajesh Yalamanchili March 2001, Proceedings of the 2001 ACM
  symposium on Applied computing

 The IWAR range: a laboratory for undergraduate information assurance
  education, Joseph Schafer, Daniel J. Ragsdale, John R. Surdu, Curtis A.
  Carver, April 2001, Journal of Computing Sciences in Colleges ,
  Proceedings of the sixth annual CCSC northeastern conference on The
  journal of computing in small colleges, Volume 16 Issue 4

 Emerging technologies for homeland security: Countering terrorism
  through information technology, Robert Popp, Thomas Armour, Ted
  Senator, Kristen Numrych , March 2004 Communications of the
  ACM, Volume 47 Issue 3

 CMSC 691I                                       Information Warfare 22
            Thanks a lot …

               For Your


CMSC 691I                    Information Warfare 23
            Any Questions

CMSC 691I               Information Warfare 24

 Presentation Slides, Homework and Research Papers are
                        available at :


CMSC 691I                            Information Warfare 25

To top