Data and Applications Security Developments and Directions - PowerPoint PPT Presentation

1
Data and Applications Security Developments and
Directions
  • Secure Knowledge Management
  • Confidentiality, Privacy and Trust
  • Dr. Bhavani Thuraisingham
  • The University of Texas at Dallas
  • November 29, 2005

2
Outline of the Unit
  • Background on Knowledge Management
  • Secure Knowledge Management
  • Confidentiality Access Control
  • Privacy
  • Trust Management
  • Integrated System
  • Secure Knowledge Management Technologies
  • Directions
  • Appendix: Trust-X Research

3
References
  • Proceedings of the Secure Knowledge Management Workshop
  • Secure Knowledge Management Workshop, Buffalo,
    NY, September 2004
  • http://www.cse.buffalo.edu/caeiae/skm2004/
  • Secure Knowledge Management
  • Authors: Thuraisingham, Bertino, Sandhu
  • To be published in IEEE Transactions on Systems,
    Man and Cybernetics
  • This lecture is based on the above paper

4
What is Knowledge Management?
  • Knowledge management, or KM, is the process
    through which organizations generate value from
    their intellectual property and knowledge-based
    assets
  • KM involves the creation, dissemination, and
    utilization of knowledge
  • Reference: http://www.commerce-database.com/knowledge-management.htm?source=google

5
Knowledge Management Components
(Figure: components of knowledge management, the KM cycle and KM technologies)
  • Components: Strategies, Processes, Metrics
  • Cycle: Knowledge Creation, Sharing, Measurement and Improvement
  • Technologies: Expert systems, Collaboration, Training, Web
6
Organizational Learning Process
(Figure: organizational learning process and incentives. Source: Reinhardt and Pawlowsky)
7
Aspects of Secure Knowledge Management (SKM)
  • Protecting the intellectual property of an
    organization
  • Access control including role-based access
    control
  • Security for process/activity management and
    workflow
  • Users must have certain credentials to carry out
    an activity
  • Composing multiple security policies across
    organizations
  • Security for knowledge management strategies and
    processes
  • Risk management and economic tradeoffs
  • Digital rights management and trust negotiation

8
SKM Strategies, Processes, Metrics, Techniques
  • Security Strategies
  • Policies and procedures for sharing data
  • Protecting intellectual property
  • Should be tightly integrated with business
    strategy
  • Security processes
  • Secure workflow
  • Processes for contracting, purchasing, order
    management, etc.
  • Metrics
  • What is the impact of security on the number of
    documents published and on the other metrics gathered?
  • Techniques
  • Access control, Trust management

9
SKM Strategies, Processes, Metrics, Techniques
10
Secure Knowledge Management Architecture
11
SKM Technologies
  • Data Mining
  • Mining the information and determining resources
    without violating security
  • Secure Semantic Web
  • Secure knowledge sharing
  • Secure Annotation Management
  • Managing annotations about expertise and
    resources
  • Secure content management
  • Markup technologies and related aspects for
    managing content
  • Secure multimedia information management

12
Confidentiality, Privacy and Trust
  • Confidentiality: Ensuring that only authorized
    individuals get/acquire the information/knowledge
    according to the confidentiality policies
  • Privacy: Ensuring that my personal information is
    distributed according to the policies I enforce
  • Trust: Do we believe that the other person will
    not divulge confidential and/or private
    information even though he/she is authorized to
    receive the information?

13
Access Control Strategy
  • XML to specify policies
  • Subjects request access to XML documents under
    two modes: browsing and authoring
  • With browsing access, the subject can read/navigate
    documents
  • Authoring access is needed to modify, delete or
    append documents
  • The access control module checks the policy base and
    applies the policy specifications
  • Views of the document are created based on
    credentials and policy specifications
  • In case of conflict, the least access privilege rule
    is enforced
  • Works for Push/Pull modes
  • Presentation at MITRE on March 18, 2005
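An added example (not code from the lecture or from the system it describes) of the view-creation and conflict rule on this slide: a small credential-keyed policy base with browsing and authoring modes, and a browsing view pruned from an XML document, where any deny overrides any allow. The document, policies and credential names are constructed.

```python
import xml.etree.ElementTree as ET
# Constructed sample document and policy base (not from the lecture).
DOC = ("<report><summary>Quarterly results</summary>"
       "<finance><revenue>12M</revenue><forecast>15M</forecast></finance>"
       "<hr><salaries>confidential</salaries></hr></report>")
# (credential, element tag, mode, decision); a policy covers the element's
# subtree unless a descendant has its own; modes are browse / author.
POLICIES = [
    ("employee", "report",   "browse", "allow"),
    ("employee", "hr",       "browse", "deny"),
    ("manager",  "finance",  "author", "allow"),
    ("manager",  "forecast", "browse", "deny"),  # conflicts with the finance grant
]

def decisions_for(tag, credentials, mode):
    """Decisions of every policy applying to this element, subject and mode."""
    out = set()
    for cred, ptag, pmode, dec in POLICIES:
        if cred not in credentials or ptag != tag:
            continue
        if pmode == mode:
            out.add(dec)
        elif pmode == "author" and mode == "browse" and dec == "allow":
            out.add("allow")  # an authoring right implies a browsing right
        elif pmode == "browse" and mode == "author" and dec == "deny":
            out.add("deny")   # one cannot author what one may not read
    return out

def decide(tag, credentials, mode, inherited="deny"):
    """Least privilege on conflict: any deny beats any allow; otherwise inherit."""
    decs = decisions_for(tag, credentials, mode)
    if "deny" in decs:
        return "deny"
    return "allow" if "allow" in decs else inherited

def make_view(xml_text, credentials):
    """Browsing view: the document with every non-browsable subtree pruned;
    None when even the root is hidden from the subject."""
    root = ET.fromstring(xml_text)
    if decide(root.tag, credentials, "browse") != "allow":
        return None
    def prune(elem):
        for child in list(elem):  # list(): we remove while iterating
            if decide(child.tag, credentials, "browse", "allow") == "allow":
                prune(child)
            else:
                elem.remove(child)
    prune(root)
    return root
```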

14
System Architecture for Access Control
15
Third-Party Architecture
(Figure: the Owner holds the XML source, the credential base and the policy base; the User/Subject sends a query and credentials to the Publisher, which returns an SE-XML reply document.)
  • The Owner is the producer of information; it
    specifies access control policies
  • The Publisher is responsible for managing (a
    portion of) the Owner's information and answering
    subject queries
  • Goal: untrusted Publisher with respect to
    authenticity and completeness checking
16
RBAC for SKM
  • Access to information sources including
    structured and unstructured data both within the
    organization and external to the organization
  • Search Engines and tools for identifying relevant
    pieces of this information for a specific purpose
  • Knowledge extraction, fusion and discovery
    programs and services
  • Controlled dissemination and sharing of newly
    produced knowledge

17
RBAC for SKM
18
UCON (Usage Control) for SKM
  • The RBAC model is incorporated into UCON and is
    useful for SKM
  • Authorization component
  • Obligations
  • Obligations are actions required to be performed
    before an access is permitted
  • Obligations can be used to determine whether an
    expensive knowledge search is required
  • Attribute Mutability
  • Used to control the scope of the knowledge search
  • Condition
  • Can be used for resource usage policies to be
    relaxed or tightened

19
UCON for SKM
20
Confidentiality Controller
21
Some Privacy concerns
  • Medical and Healthcare
  • Employers, marketers, or others knowing of
    private medical concerns of employees
  • Security
  • Allowing access to individuals' travel and
    spending data
  • Allowing access to web surfing behavior
  • Marketing, Sales, and Finance
  • Allowing access to individuals' purchases

22
Privacy Preserving Data Mining
  • Association Rules
  • Privacy Preserving Association Rule Mining
  • IBM, - - - - -
  • Decision Trees
  • Privacy Preserving Decision Trees
  • IBM, - - - -
  • Clustering
  • Privacy Preserving Clustering
  • Purdue, - - - -
  • Link Analysis
  • Privacy Preserving Link Analysis
  • UTD, (ICDM Conference Workshop on Privacy
    Preserving Data Mining, November 2005)

23
Privacy Controller
(Figure: interface to the client; inference engine / privacy controller with privacy policies, ontologies and rules; database.)
24
Trust Negotiation Model (joint research with
Prof. Elisa Bertino et al. at Purdue and U. of
Milan)
  • A promising approach for open systems where most
    of the interactions occur between strangers
  • The goal: establish trust between parties in
    order to exchange sensitive information and
    services
  • The approach: establish trust by verifying
    properties of the other party

25
Trust Management for SKM
  • Trust Services
  • Identity services, authorization services,
    reputation services
  • Trust negotiation (TN)
  • Digital credentials, Disclosure policies
  • TN Requirements
  • Language requirements
  • Semantics, constraints, policies
  • System requirements
  • Credential ownership, validity, alternative
    negotiation strategies, privacy
  • Example TN systems
  • KeyNote and Trust-X (U of Milan), TrustBuilder
    (UIUC)

26
Trust Management for SKM
27
Integrated Approach Confidentiality, Privacy and
Trust
28
SKM for Coalitions
  • Organizations form federations and coalitions and
    work together to solve a problem
  • Universities, commercial corporations, government
    agencies
  • The challenge is to share data/information and at
    the same time ensure security and autonomy for
    the individual organizations
  • How can knowledge be shared across coalitions?
  • Incentive compatible knowledge sharing techniques

29
SKM Coalition Architecture (joint research with
Prof. Ravi Sandhu at GMU)
(Figure: the Knowledge for Coalition is assembled from the Export Knowledge Components of Agency A, Agency B and Agency C, each holding its own knowledge.)
30
Directions
  • We have identified high level aspects of SKM
  • Strategies, Processes, Metrics, Techniques,
    Technologies, Architecture
  • Need to investigate security issues
  • RBAC, UCON, Trust, Privacy etc.
  • CS departments should collaborate with business
    schools on KM and SKM

31
Data and Applications Security Developments and
Directions
  • Dr. Bhavani Thuraisingham
  • The University of Texas at Dallas
  • Secure Knowledge Management
  • Confidentiality, Privacy and Trust
  • Appendix: Trust-X System and Current Research
  • Joint work with Purdue University and
    University of Milan
  • November 29, 2005

32
The problem: establishing trust in open systems
  • Interactions between strangers
    - In conventional systems the user identity is
      known in advance and can be used for performing
      access control
    - In open systems participants may have no
      pre-existing relationship and may not share a
      common security domain
  • Mutual authentication
    - The assumption of the counterpart's honesty no
      longer holds
    - Both participants need to authenticate each
      other

33
Trust Negotiation Model
  • A promising approach for open systems where most
    of the interactions occur between strangers
  • The goal: establish trust between parties in
    order to exchange sensitive information and
    services
  • The approach: establish trust by verifying
    properties of the other party

34
Trust negotiation: the approach
  • Interactions between strangers in open systems
    are different from traditional access control
    models
  • Policies and mechanisms developed in conventional
    systems need to be revised
  • ACCESS CONTROL POLICIES VS. DISCLOSURE POLICIES
  • USER IDs VS. SUBJECT PROPERTIES
35
Subject properties: digital credentials
  • Assertion about the credential owner, issued and
    certified by a Certification Authority (CA).
  • Each entity has an associated set of credentials,
    describing properties and attributes of the
    owner.
36
Use of Credentials
(Figure: the credential issuer Alice issues Julie digital credentials stating "3 kids", "Married" and "American". Company A wants to know her citizenship and checks "Julie - American"; Company B wants to know her marital status and checks "Julie - Married".)
Referenced from http://www.credentica.com/technology/overview.pdf
37
Credentials
  • Credentials can be expressed through the Security
    Assertion Mark-up Language (SAML)
  • SAML allows a party to express security
    statements about a given subject
  • Authentication statements
  • Attribute statements
  • Authorization decision statements

38
Disclosure policies
  • Disclosure policies govern
  • Access to protected resources
  • Access to sensitive information
  • Disclosure of sensitive credentials
  • Disclosure policies express trust requirements by
    means of credential combinations that must be
    disclosed to obtain authorization

39
Disclosure policies - Example
  • Suppose NBG Bank offers loans to students
  • To check the eligibility of the requester, the
    Bank asks the student to present the following
    credentials
  • The student card
  • The ID card
  • Social Security Card
  • Financial information: either a copy of the
    Federal Income Tax Return or a bank statement

40
Disclosure policies - Example
  • p1: ( , Student_Loan ← Student_Card())
  • p2: (p1, Student_Loan ← Social_Security_Card())
  • p3: (p2, Student_Loan ← Federal_Income_Tax_Return())
  • p4: (p2, Student_Loan ← Bank_Statement())
  • p5: (p3, p4, Student_Loan ← DELIV)
  • These policies result in two distinct policy
    chains that lead to disclosure:
  • p1, p2, p3, p5 and p1, p2, p4, p5

41
Trust Negotiation - definition
The gradual disclosure of credentials and
requests for credentials between two strangers,
with the goal of establishing sufficient trust so
that the parties can exchange sensitive
information and/or resources.
42
Trust-X System (joint research with University
of Milan and Purdue University)
  • A comprehensive XML based framework for trust
    negotiations
  • Trust negotiation language (X-TNL)
  • System architecture
  • Algorithms and strategies to carry out the
    negotiation process

43
Trust-X language: X-TNL
  • Able to handle multiple and heterogeneous
    certificate specifications
  • Credentials
  • Declarations
  • Able to help the user in customizing the
    management of his/her own certificates
  • X-Profile
  • Data Set
  • Able to define a wide range of protection
    requirements by means of disclosure policies

44
X-TNL Credential type system
X-TNL simplifies the task of credential
specification by using a set of templates
called credential types. Uniqueness is ensured by
the use of XML Namespaces. Credential types are
defined by using Document Type Definitions:

  <!DOCTYPE library_badge [
    <!ELEMENT library_badge (name, address, phone_number, email?,
                             release_date, profession, Issuer)>
    <!ELEMENT name (fname, lname)>
    <!ELEMENT address (#PCDATA)>
    <!ELEMENT phone_number (#PCDATA)>
    <!ELEMENT email (#PCDATA)>
    <!ELEMENT release_date (#PCDATA)>
    <!ELEMENT profession (#PCDATA)>
    <!ELEMENT fname (#PCDATA)>
    <!ELEMENT lname (#PCDATA)>
    <!ELEMENT Issuer ANY>
    <!ATTLIST Issuer XML:LINK CDATA #FIXED "SIMPLE"
                     HREF CDATA #REQUIRED
                     TITLE CDATA #IMPLIED>
    <!ATTLIST library_badge CredID ID #REQUIRED>
    <!ATTLIST library_badge SENS CDATA #REQUIRED>
  ]>
45
Trust-X negotiation phases - basic model
  • Introduction
    - Send a request for a resource/service
    - Introductory policy exchanges
  • Policy evaluation phase
    - Disclosure policy exchange
    - Evaluation of the exchanged policies in order to
      determine secure solutions for both the parties
  • Certificate exchange phase
    - Exchange of the sequence of certificates
      determined in step 2

46
Trust-X Architecture
Trust-X has been specifically designed for a
peer-to-peer environment in that each party is
equipped with the same functional modules and
thus it can alternatively act as a requester or
resource controller during different
negotiations.
47
How a policy is processed
  • Upon receiving a disclosure policy the compliance
    checker determines if it can be satisfied by any
    certificate of the local X-profile.
  • Then, the module checks in the policy base the
    protection needs associated with the
    certificates, if any.
  • The state of the negotiation is in any case updated
    by the tree manager, which records whether new
    policies and credentials have been involved or
    not.
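An added example (not code from the lecture or from Trust-X itself) covering both the NBG Bank disclosure policies of slide 40 and the compliance-checker step of slide 47: it enumerates the policy chains that lead to DELIV and reports which of them a requester's X-profile can satisfy. The reading of preconditions (a policy is applicable once at least one precondition policy is satisfied) and the credential-type names are assumptions.

```python
# Disclosure policies of the NBG Bank example (slide 40), encoded as
# policy id -> (precondition policy ids, resource, required term).
# Reading assumed here: a policy becomes applicable once at least one of its
# precondition policies is satisfied, so p5's "(p3, p4)" is an alternative,
# which is what yields the slide's two chains; an empty precondition set
# marks a policy that may open the negotiation.
POLICIES = {
    "p1": (set(),        "Student_Loan", "Student_Card"),
    "p2": ({"p1"},       "Student_Loan", "Social_Security_Card"),
    "p3": ({"p2"},       "Student_Loan", "Federal_Income_Tax_Return"),
    "p4": ({"p2"},       "Student_Loan", "Bank_Statement"),
    "p5": ({"p3", "p4"}, "Student_Loan", "DELIV"),
}

def chains_to(policy_id):
    """All chains ending at policy_id that start at a policy with no
    precondition; for p5 these are p1,p2,p3,p5 and p1,p2,p4,p5."""
    pre, _, _ = POLICIES[policy_id]
    if not pre:
        return [[policy_id]]
    return [c + [policy_id] for p in sorted(pre) for c in chains_to(p)]

def delivery_chains(resource):
    """Chains whose final policy delivers (DELIV) the requested resource."""
    return [c for pid, (_, r, term) in sorted(POLICIES.items())
            if r == resource and term == "DELIV" for c in chains_to(pid)]

def required_credentials(chain):
    """Credential types the requester must disclose along a chain."""
    return [POLICIES[p][2] for p in chain if POLICIES[p][2] != "DELIV"]

def compliance_check(resource, x_profile):
    """First step of the slide 47 compliance checker: for each chain to
    delivery, the required credentials missing from the local X-profile.
    An empty list marks a chain the requester can complete."""
    return {" -> ".join(chain): [c for c in required_credentials(chain)
                                 if c not in x_profile]
            for chain in delivery_chains(resource)}

def disclosure_sequence(resource, x_profile):
    """Certificate exchange order (slide 45, phase 3) for the first chain
    the X-profile satisfies; None when no chain can be completed."""
    for chain in delivery_chains(resource):
        creds = required_credentials(chain)
        if all(c in x_profile for c in creds):
            return creds
    return None
```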

(Figure: compliance checker and tree manager; inputs are the disclosure policies, the policy base and the X-Profile; the output is the policy reply.)
48
Current Research
  • How can we ensure privacy in Trust Negotiation
    Systems?
  • Joint work with U. of Milan and Purdue
  • Squicciarini, Bertino, Ferrari and Thuraisingham
    et al.
  • To appear in ACM Transactions on Information and
    System Security