




Analyzing and Securing Social Networks
Dr. Bhavani Thuraisingham, The University of Texas at Dallas
Lecture #1: Introduction to Data and Applications Security
January 18, 2013

Outline
- Data and Applications Security
  - Developments and Directions
- Secure Semantic Web
  - XML Security; Other directions
- Some Emerging Secure DAS Technologies
  - Secure Sensor Information Management; Secure Dependable Information Management
- Some Directions for Privacy Research
  - Data Mining for handling security problems; Privacy vs. National Security; Privacy Constraint Processing; Foundations of the Privacy Problem
- What are the Challenges?

Developments in Data and Applications Security: 1975 - Present
- Access Control for Systems R and Ingres (mid 1970s)
- Multilevel secure database systems (1980 - present)
  - Relational database systems: research prototypes and products; Distributed database systems: research prototypes and some operational systems; Object data systems; Inference problem and deductive database system; Transactions
- Recent developments in Secure Data Management (1996 - Present)
  - Secure data warehousing, Role-based access control (RBAC); E-commerce; XML security and Secure Semantic Web; Data mining for intrusion detection and national security; Privacy; Dependable data management; Secure knowledge management and collaboration

Developments in Data and Applications Security: Multilevel Secure Databases - I
- Air Force Summer Study in 1982
- Early systems based on Integrity Lock approach
- Systems in the mid to late 1980s, early 90s
  - E.g., Seaview by SRI, Lock Data Views by Honeywell, ASD and ASD Views by TRW
  - Prototypes and commercial products
  - Trusted Database Interpretation and Evaluation of Commercial Products
- Secure Distributed Databases (late 80s to mid 90s)
  - Architectures; Algorithms and Prototype for distributed query processing; Simulation of distributed transaction management and concurrency control algorithms; Secure federated data management

Developments in Data and Applications Security: Multilevel Secure Databases - II
- Inference Problem (mid 80s to mid 90s)
  - Unsolvability of the inference problem; Security constraint processing during query, update and database design operations; Semantic models and conceptual structures
- Secure Object Databases and Systems (late 80s to mid 90s)
  - Secure object models; Distributed object systems security; Object modeling for designing secure applications; Secure multimedia data management
- Secure Transactions (1990s)
  - Single Level/Multilevel Transactions; Secure recovery and commit protocols

Some Directions and Challenges for Data and Applications Security - I
- Secure semantic web and Social Networks
  - Security models
- Secure Information Integration
  - How do you securely integrate numerous and heterogeneous data sources on the web and otherwise
- Secure Sensor Information Management
  - Fusing and managing data/information from distributed and autonomous sensors
- Secure Dependable Information Management
  - Integrating Security, Real-time Processing and Fault Tolerance
- Data Sharing vs. Privacy
  - Federated database architectures?

Some Directions and Challenges for Data and Applications Security - II
- Data mining and knowledge discovery for intrusion detection
  - Need realistic models; real-time data mining
- Secure knowledge management
  - Protect the assets and intellectual rights of an organization
- Information assurance, Infrastructure protection, Access Control
  - Insider cyber-threat analysis, Protecting national databases, Role-based access control for emerging applications
- Security for emerging applications
  - Geospatial, Biomedical, E-Commerce, etc.
- Other Directions
  - Trust and Economics, Trust Management/Negotiation, Secure Peer-to-peer computing

Coalition Data and Policy Sharing
[Figure labels: Component Data/Policy for Agency A, Agency B and Agency C; Export Data/Policy for each agency; Data/Policy for Federation]

Other topics of Interest
- Secure Cloud Computing
- Mobile code security
- Vulnerability Analysis
- Infrastructure security
- Power grid
- Healthcare Security
- Financial Security

Access Control
- Discretionary Access Control in Relational Databases
- Mandatory Access Control in Relational Databases
- Security Constraints
- Types of Access Control
  - Inference problem, Role-based, Temporal, Usage
- Access Control in Other Databases
  - Objects, Federated
- Current Trends in Access Control
  - Data Warehousing, Semantic Web, Privacy Control
- Next Steps in Access Control

Access Control in Relational Databases: 1975 - Present
- Access Control policies were developed initially for file systems
  - E.g., Read/write policies for files
- Access control in databases started with the work in System R and Ingres Projects
  - Access Control rules were defined for databases, relations, tuples, attributes and elements
  - SQL and QUEL languages were extended
  - GRANT and REVOKE Statements
  - Read access on EMP to User group A Where EMP.Salary 30K and EMP.Dept Security
- Query Modification: Modify the query according to the access control rules
  - Retrieve all employee information where salary 30K and Dept is not Security

Query Modification Algorithm
- Inputs: Query, Access Control Rules
- Output: Modified Query
- Algorithm:
  - Given a query Q, examine all the access control rules relevant to the query
  - Introduce a Where Clause to the query that negates access to the relevant attributes in the access control rules
- Example: rules are John does not have access to Salary in EMP and Budget in DEPT
  - EMP (E#, Ename, Salary, D#), DEPT (D#, Dname, Budg, Mgr)
  - Query is to join the EMP and DEPT relations on Dept #
  - Modify the query to Join EMP and DEPT on Dept # and project on all attributes except Salary and Budget
  - Output is the resulting query

Mandatory Access Control (MAC) in Databases: 1982 - Present
- Bell and LaPadula Policy adapted for databases
  - Read at or below your level and Write at your level; Granularity of classification: Databases, Relations, Tuples, Attributes, Elements (Note: writing above your level is not a security problem)
- Security Architectures
  - Operating system providing mandatory access control and DBMS is untrusted with respect to MAC (e.g., SRI's SeaView)
  - Trusted Subject Architecture where DBMS is trusted with respect to MAC (e.g., TRW's ASD and ASD Views)
  - Integrity Lock where Trusted front-end computes checksums (e.g., MITRE's MISTRESS Prototype)
  - Distributed Architecture where data is distributed according to security levels and access through trusted front-end (e.g., NRL's SINTRA)
  - Extended Kernel for Security Policy Enforcement such as constraints (e.g., Honeywell's Lock Data Views)

Security Constraints / Access Control Rules
- Simple Constraint: John cannot access the attribute Salary of relation EMP
- Content-based constraint: If relation MISS contains information about missions in the Middle East, then John cannot access MISS
- Association-based Constraint: Ship's location and mission taken together cannot be accessed by John; individually each attribute can be accessed by John
- Release constraint: After X is released Y cannot be accessed by John
- Aggregate Constraints: Ten or more tuples taken together cannot be accessed by John
- Dynamic Constraints: After the Mission, information about the mission can be accessed by John

Enforcement of Security Constraints
[Figure components:]
- User Interface Manager
- Constraint Manager
- Security Constraints
- Query Processor: Constraints during query and release operations
- Update Processor: Constraints during update operation
- Database Design Tool: Constraints during database design operation
- Database
- Relational DBMS

Other Developments in Access Control
- Inference Problem and Access Control
  - Inference problem occurs when users pose queries and deduce unauthorized information from the legitimate responses
  - Security constraint processing for controlling inferences
  - More recently there is work on controlling release information instead of controlling access to information
- Temporal Access Control Models
  - Incorporates time parameter into the access control models
- Role-based access control
  - Controlling access based on roles of people and the activities they carry out; Implemented in commercial systems
- Positive and Negative Authorizations
  - Should negative authorizations be explicitly specified? How can conflicts be resolved?

Some Examples
- Temporal Access Control
  - After 1/1/05, only doctors have access to medical records
- Role-based Access Control
  - Manager has access to salary information
  - Project leader has access to project budgets, but he does not have access to salary information
  - What happens if the manager is also the project leader?
- Positive and Negative Authorizations
  - John has write access to EMP
  - John does not have read access to DEPT
  - John does not have write access to Salary attribute in EMP
  - How are conflicts resolved?

Privacy Constraints / Access Control Rules
- Privacy constraints processing
  - Simple Constraint: an attribute of a document is private
  - Content-based constraint: If document contains information about X, then it is private
  - Association-based Constraint: Two or more documents taken together is private; individually each document is public
  - Release constraint: After X is released Y becomes private
- Augment a database system with a privacy controller for constraint processing

Integrated Architecture for Privacy Constraint Processing
[Figure components:]
- User Interface Manager
- Constraint Manager
- Privacy Constraints
- Query Processor: Constraints during query and release operations
- Update Processor: Constraints during update operation
- XML Database Design Tool: Constraints during database design operation
- Database
- Relational DBMS

Other Policies
- Trust Policies
  - To what extent do you trust the source of the data
  - How can trust be propagated
  - Adding trust value to each piece of data
  - A trusts B and B trusts C, does this mean A trusts C?
  - A department head sends messages to all the faculty; however he/she may not trust a particular person
  - Developing a language to specify trust
- Integrity Policies
  - Maintaining the quality of the data
  - Adding an attribute to each piece of data to specify the quality
  - Quality also depends on how much you trust the source
  - Algebra for data quality

Access Control in Databases: Next Steps
- Access Control in Databases will continue to be very important
- We also need to examine alternatives
- We need new kinds of access control models
  - 1975 models may not be suitable for emerging applications such as semantic web, e-commerce and stream data management
- Role-based access control has become very popular and is implemented now in commercial systems. What variations of this model are appropriate for emerging applications?
- End-to-end security is critical
  - We cannot have secure databases and have insecure networks and middleware; Composability
- Flexible security policies
  - Confidentiality, Authenticity, Completeness, Integrity, Trust, Privacy, Data Quality, etc.

Policies
- Need to Know to Need to Share
- RBAC
- UCON
- ABAC
- Dissemination
- Risk based access control
- Trust Management/Credential/Disclosure
- Directions
- Major conferences for Policy and Access Control: IEEE Policy Workshop, ACM SACMAT

Need to Know to Need to Share
- Need to know policies during the cold war; even if the user has access, does the user have a need to know?
- Post 9/11 the emphasis is on need to share
  - User may not have access, but needs the data
- Do we give the data to the user and then analyze the consequences
- Do we analyze the consequences and then determine the actions to take
- Do we simply not give the data to the user
- What are risks involved?

RBAC
- Access to information sources including structured and unstructured data both within the organization and external to the organization
- Access based on roles
- Hierarchy of roles: handling conflicts
- Controlled dissemination and sharing of the data

RBAC (Sandhu)
[Figure]

UCON
- RBAC model is incorporated into UCON and useful for various applications
  - Authorization component
- Obligations
  - Obligations are actions required to be performed before an access is permitted
  - Obligations can be used to determine whether an expensive knowledge search is required
- Attribute Mutability
  - Used to control the scope of the knowledge search
- Condition
  - Can be used for resource usage policies to be relaxed or tightened

UCON (Sandhu)
[Figure]

Role-based Usage Control (RBUC)
- RBAC with UCON extension

Release and Dissemination Policies
- Release policies will determine to whom to release the data
  - What is the connection to access control
  - Is access control sufficient
  - Once the data is retrieved from the information source (e.g., database) should it be released to the user
- Once the data is released, dissemination policies will determine who the data can be given to
  - Electronic music, etc.

ABAC: Attribute-based Access Control
- User specifies his/her attributes (e.g., gender, citizenship)
- Policies would specify access based on user credentials
- Open environment
- XACML

Risk Based Data Sharing/Access Control
- What are the risks involved in releasing/disseminating the data
- Risk modeling should be integrated with the access control model
- Simple method: assign risk values
- Higher the risk, lower the sharing
- What is the cost of releasing the data?
- Cost/Risk/Security closely related

Trust Management
- Trust Services
  - Identify services, authorization services, reputation services
- Trust negotiation (TN)
  - Digital credentials, Disclosure policies
- TN Requirements
  - Language requirements: Semantics, constraints, policies
  - System requirements: Credential ownership, validity, alternative negotiation strategies, privacy
- Example TN systems
  - KeyNote and Trust-X (U of Milan), TrustBuilder (UIUC)

Trust Management
- The problem: establishing trust in open systems
- Mutual authentication
  - Assumption on the counterpart honesty no longer holds
  - Both participants need to authenticate each other
- Interactions between strangers
  - In conventional systems user identity is known in advance and can be used for performing access control
  - In open systems participants may have no pre-existing relationship and may not share a common security domain

Trust Negotiation model
- A promising approach for open systems where most of the interactions occur between strangers
- The goal: establish trust between parties in order to exchange sensitive information and services
- The approach: establish trust by verifying properties of the other party

Trust negotiation: the approach
- Interactions between strangers in open systems are different from traditional access control models
- Policies and mechanisms developed in conventional systems need to be revised
- USER IDs VS. SUBJECT PROPERTIES
- ACCESS CONTROL POLICIES VS. DISCLOSURE POLICIES

Subject properties: digital credentials
- Assertion about the credential owner issued and certified by a Certification Authority (CA).
- Each entity has an associated set of credentials, describing properties and attributes of the owner.

Use of Credentials
[Figure labels: Credential Issuer; Digital Credentials; Julie, 3 kids, Married, American; Company A; Company B; Want to know citizenship; Want to know marital status; Julie - American; Julie - Married; Alice; Check; Referenced from]

Credentials
- Credentials can be expressed through the Security Assertion Mar
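
The Query Modification Algorithm slide above, worked through as an added example (not code from the lecture): the EMP/DEPT join for John is rewritten to project out Salary and Budget and to AND a row rule into the WHERE clause. The column names Eno/Dno, the row rule, the sample rows and the function names are assumptions made for the illustration.

```python
import sqlite3

# Lecture schema; E#/D# renamed Eno/Dno to be valid SQL identifiers (assumption).
SCHEMA = {"EMP": ["Eno", "Ename", "Salary", "Dno"],
          "DEPT": ["Dno", "Dname", "Budg", "Mgr"]}
# Lecture rule: John has no access to Salary in EMP or Budget in DEPT.
DENIED = {"John": {("EMP", "Salary"), ("DEPT", "Budg")}}
# Constructed row rule for John, modelled on the lecture's "Dept is not Security".
ROW_RULES = {"John": {"DEPT": ("DEPT.Dname <> ?", ["Security"])}}
OPS = {"=", "<>", "<", ">", "<=", ">="}


def modify_query(user, relations, join_on=None, where=None):
    """Return (sql, params) exposing only what `user` may read.
    `where` is an optional user filter: (relation, attribute, operator, value)."""
    denied = DENIED.get(user, set())
    cols = [f"{r}.{a}" for r in relations for a in SCHEMA[r]
            if (r, a) not in denied]
    clauses, params = [], []
    if join_on:
        clauses.append(f"{relations[0]}.{join_on} = {relations[1]}.{join_on}")
    if where:
        rel, attr, op, value = where
        if (rel, attr) in denied:
            # Filtering on a hidden attribute would leak it via the result set.
            raise PermissionError(f"{user} may not filter on {rel}.{attr}")
        if rel not in relations or attr not in SCHEMA[rel] or op not in OPS:
            raise ValueError("unsupported filter")
        clauses.append(f"{rel}.{attr} {op} ?")
        params.append(value)
    for rel in relations:  # AND in every row rule that applies to this user
        pred, vals = ROW_RULES.get(user, {}).get(rel, (None, []))
        if pred:
            clauses.append(pred)
            params += vals
    sql = f"SELECT {', '.join(cols)} FROM {', '.join(relations)}"
    return (sql + " WHERE " + " AND ".join(clauses) if clauses else sql), params


def run_join(user):
    """Run the lecture's EMP-DEPT join for `user` over constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE EMP (Eno, Ename, Salary, Dno)")
    db.execute("CREATE TABLE DEPT (Dno, Dname, Budg, Mgr)")
    db.executemany("INSERT INTO EMP VALUES (?,?,?,?)",
                   [(1, "Ann", 25000, "D1"), (2, "Bob", 90000, "D9")])
    db.executemany("INSERT INTO DEPT VALUES (?,?,?,?)",
                   [("D1", "Sales", 500000, "Ann"), ("D9", "Security", 900000, "Bob")])
    return db.execute(*modify_query(user, ["EMP", "DEPT"], join_on="Dno")).fetchall()
```

Rejecting a user-supplied filter on a denied attribute matters as much as the projection: a query that hides Salary but filters on it still reveals which employees fall on each side of the threshold.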
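
The association-based, release and aggregate constraints from the Security Constraints slide, enforced by a constraint manager during query and release operations, as an added example (not code from the lecture). It goes one step beyond the slide by keeping a per-user release history, so a constraint cannot be sidestepped by splitting one request into several queries; the attribute names, the X/Y pair and the class name are assumptions.

```python
from collections import defaultdict

# Constructed policy for John, one entry per constraint type on the slide.
# Attribute names (SHIP.Location, ...) and the X/Y pair are assumptions.
ASSOCIATION = {"John": [{"SHIP.Location", "SHIP.Mission"}]}  # not taken together
RELEASE = {"John": [("SHIP.Captain", "SHIP.Crew")]}          # after X, deny Y
AGGREGATE_LIMIT = {"John": 10}                               # "ten or more tuples"


class ConstraintManager:
    """Checks each query against the policy and the user's release history."""

    def __init__(self):
        self.released_attrs = defaultdict(set)  # user -> attributes already released
        self.released_rows = defaultdict(set)   # user -> tuple ids already released

    def violations(self, user, attrs, row_ids):
        """Return the names of the constraint types this request would violate."""
        seen = self.released_attrs[user] | set(attrs)
        found = []
        for group in ASSOCIATION.get(user, []):
            if group <= seen:  # history counts: two queries can complete the set
                found.append("association")
        for x, y in RELEASE.get(user, []):
            if x in self.released_attrs[user] and y in attrs:
                found.append("release")
        limit = AGGREGATE_LIMIT.get(user)
        if limit and len(self.released_rows[user] | set(row_ids)) >= limit:
            found.append("aggregate")
        return found

    def query(self, user, attrs, row_ids):
        """Release the result only if no constraint is violated; record it if so."""
        found = self.violations(user, attrs, row_ids)
        if found:
            return False, found
        self.released_attrs[user] |= set(attrs)
        self.released_rows[user] |= set(row_ids)
        return True, []
```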