Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Expense and cost recovery system (ECRS) wikipedia , lookup
Data Protection Act, 2012 wikipedia , lookup
Data center wikipedia , lookup
Database model wikipedia , lookup
Forecasting wikipedia , lookup
Data analysis wikipedia , lookup
Data vault modeling wikipedia , lookup
3D optical data storage wikipedia , lookup
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Dependable Data Management October 2014 Outline of the Unit Secure Dependable Data Management Secure Real-time Data Management Secure Sensor Information Management Reference - Jungin Kim, Bhavani M. Thuraisingham: Dependable and Secure TMO Scheme. ISORC 2006: 133-140 - Jungin Kim, Bhavani M. Thuraisingham: Design of Secure CAMIN Application System Based on Dependable and Secure TMO and RT-UCON. ISORC 2007: 146-155 - Vana Kalogeraki, Dimitrios Gunopulos, Ravi S. Sandhu, Bhavani M. Thuraisingham: QoS Aware Dependable Distributed Stream Processing. ISORC 2008: 69-75 Secure Dependable Information Management: What is it? Features of Secure Dependable Information Management - secure information management - fault tolerant information Management - High integrity and high assurance computing - Real-time computing - Trust management - Data Quality - Data Provenance Secure Dependable Information Management: Integration Integration of the different Features - Quality of Service - Need end-to-end dependability? - Dependable OS, Dependable data management, Dependable middleware, Dependable networks Secure Dependable Information Management: Integration Inference Dependable Controller Applications Controller Inference Dependable Controller Information Manager Controller Inference Dependable Controller Data Manager Controller Dependable Middleware / Inference Controller Controller Dependable Object Request Broker Inference Dependable Controller Operating System Controller Inference Controller Dependable Communication Subsystem Controller Secure Dependable Information Management: Conflict Resolution Conflicts between different features - Security, Integrity, Fault Tolerance, Real-time Processing - E.g., A process may miss real-time deadlines when access control checks are made - Trade-offs between real-time processing and security What are the problems? Access control checks vs real-time constraints - Covert channels (Secret process could be a high priority process and an Unclassified process could be a low priority process) - Time critical process could be malicious Need Flexible policies - Real-time processing may be critical during a mission while security may be critical during non-operational times - Secure Dependable Information Management Example: Next Generation AWACS Navigation Data Analysis Programming Group (DAPG) Data Links Sensors Sensor Detections Multi-Sensor Tracks Technology Future App provided by Future App the project Data Mgmt. Data Xchg. MSI App Infrastructure Services Real-time Operating System Hardware Future App Display Processor & Refresh Channels Consoles (14) •Security being considered after the system has been designed and prototypes implemented •Challenge: Integrating real-time processing, security and fault tolerance Secure Dependable Information Management: Integration Sensor Data Sensor Manager Object Security Sensor Service Object Fault Sensor Tolerance Service Object Communication Subsystem Object Request Broker / Infrastructure Real-time Sensor Service Object Application Sensor Object Quality Sensor of Service Object Secure Dependable Information Management: Directions for Research Challenge: How does a system ensure integrity, security, fault tolerant processing, and still meet timing constraints? - Develop flexible security policies; when is it more important to ensure real-time processing and ensure security? - Security models and architectures for the policies; Examine realtime algorithms – e.g.,query and transaction processing - Research for databases as well as for applications; what assumptions do we need to make about operating systems, networks and middleware? Data may be emanating from sensors and other devices at multiple locations - Data may pertain to individuals (e.g. video information, images, surveillance information, etc.) - Data may be mined to extract useful information - Privacy Preserving Surveillance Real-time Information Management Real-time Operating Systems - E.g., Lynx OS Real-time Data Management - Transactions must meet timing constraints - E.g., RT-Zip (product developed in the early 1990s) Real-time Middleware - E.g., RT-ORB (www.omg.org) Real-time networks - Real-time message passing Need end-to-end real-time processing capability Real-time Data Management Continuous Query Response Dependable Data Manager = Real-time + Security + Sensor Data Manager Fault Tolerant Data Manager Update Processor Processes input data, Carries out action, Stores some data in stable storage, Throws away transient data Input Data Query Processor Processes continuous Real-time queries andqueries gives and gives responses periodically Data to and from Stable Storage Stable Dependable Sensor Data Storage Transient Data Real-time Data Management Management: Data Model Data models such as relational and object models have time parameters Data has timestamp as to when it was last updated Data must be kept current and updated to meet timing constraints - E.g., Data cannot be more than 1 day old Data processing algorithms (e.g., methods in an object model) must meet timing constraints E.g., queries and transactions have to complete within a certain time - Real-time Data Management : Query Queries have to meet timing constraints Certain queries may be more important than the others - E.g. queries with short timing constraints Queries are processed in such a way that all queries must meet the deadlines as much as possible What happens if the deadlines are not met? Real-time Data Management : Transactions Transactions have to meet timing constraints Transactions are assigned priorities depending on their deadlines - Those with shorter deadlines may be given higher priorities Transactions with higher priorities are given resources such as locks’ If transactions T1 has priority 8 and Transactions T2 has priority 5 and if both are competing for locks at these same time, T1 is given the lock If T1 is waiting for a lock that T2 has, then should T2 be aborted and the lock given to T1? Conflict between Security and Real-time Processing Suppose transaction T1 has priority 8 and Transactions T2 has priority 5 Assume that T2 is Unclassified and T1 is Secret If T1 is waiting for a lock that T2 has, then one possibility is to abort T2 and give the lock to T1 However T2 is Unclassified. Therefore actions of a Secret transaction have interfered with those of an unclassified transaction – potential for covert challenges Should the system ensure that deadlines are met or should the system ensure security? Access control checks also take time. Therefore in case of emergency should these checks be ignored? Malicious code may tamper with the real-time constraints Aspects of Data Quality Components of Aspects of Data Quality Annotations: Use annotations to specify data quality Parameters; Develop an algebra for data quality Semantic web and data quality: Data quality for the layers: XML, RDF, Ontologies, Interoperability, Query/Rules Data Mining: Data mining to improve data quality; Need good quality data to carry out useful data mining Security and data quality: Tradeoffs between ensuring data quality and confidentiality; Quality of service management techniques Data Provenance Keep track of where the data has come from and who has handled the data - Data source and how the data has arrived to the current positions From A to B to C to D etc. Use annotations for data provenance: document data - Can you trust the data source? - Has misinformation been given and if so at which point? Has data been misused? - - Applications Protecting Critical Infrastructures - Power lines and Grids - Telecommunications - Food and water supplies - Reservoirs - Gas supplies - National Information Infrastructures Protecting Information for the War fighters and Missions - Getting the right and secure information at the right time Secure Sensor Information Management Sensor network consists of a collection of autonomous and interconnected sensors that continuously sense and store information about some local phenomena - May be employed in battle fields, seismic zones, pavements Data streams emanate from sensors; for geospatial applications these data streams could contain continuous data of maps, images, etc. Data has to be fused and aggregated Continuous queries are posed, responses analyzed possibly in real- time, some streams discarded while rest may be stored Recent developments in sensor information management include sensor database systems, sensor data mining, distributed data management, layered architectures for sensor nets, storage methods, data fusion and aggregation Secure sensor data/information management has received very little attention; need a research agenda Some Attacks on Sensors and Issues Some attacks - Access control violations, Denial of service attacks, Sensor protocol attacks, Hardware attacks Sensors are often places in enemy territory and are prone to various types of attacks including terrorist physical attacks Sensors also have limited memory and resources and therefore attacks could cause many problems with little backup procedures Wireless sensors are a special types of sensors embedded into PDAs and other devices - Many issues and challenges similar for sensors and wireless sensors - Need to carry out a comparison of the security issues involved Secure Sensor Communication Sensor Sensor n Data Manager Sensor a Data Sensor Communication Subsystem Sensor Sensor on Data Manager Sensor a Data Cluster A: Unclassified Sensors Sensor Data Manager aSensor Data Communication Subsystem Sensor Sensor n Data Manager Cluster B: Classified Sensors a Sensor Data Secure Sensor Data Manager: An Architecture Trusted Agent to compute checksums Sensor Compute Checksum Based on stream data value and Security level; Store Stream data value, Security level and Checksum Data Manager Multilevel Sensor Data Compute Checksum Based on stream data value and Security level retrieved from the stored sensor database Secure Sensor Data Fusion: Inference Control Inference Controller: Inferenceaggregation Controller Controls Controller Sensor Data Manager Security Manager: Manages Security Manager constraints Update Processor: Processes constraints Update Processor and enters sensor data at the appropriate levels Query Processor: Query Processor Processes constraints during query operation and prevent certain information from being retrieved Data to and from Stable Storage Stable Sensor Data Storage Secure Sensor Information Management: Directions for Research Individual sensors may be compromised and attacked; need techniques for detecting, managing and recovering from such attacks Aggregated sensor data may be sensitive; need secure storage sites for aggregated data; variation of the inference and aggregation problem? Security has to be incorporated into sensor database management - Policies, models, architectures, queries, etc. Evaluate costs for incorporating security especially when the sensor data has to be fused, aggregated and perhaps mined in real-time Suspicious event detection and Privacy preserving surveillance