Data and Applications Security Developments and Directions
Dr. Bhavani Thuraisingham, The University of Texas at Dallas
Lecture #25: Dependable Data Management, April 7, 2008
Outline of the Unit
• Secure Dependable Data Management
• Secure Real-time Data Management
• Secure Sensor Information Management
Secure Dependable Information Management: What is it?
• Features of Secure Dependable Information Management
  • Secure information management
  • Fault-tolerant information management
  • High integrity and high assurance computing
  • Real-time computing
  • Trust management
  • Data quality
  • Data provenance
Secure Dependable Information Management: Integration
• Integration of the different features
• Quality of Service
• Need end-to-end dependability
• Dependable OS, dependable data management, dependable middleware, dependable networks
Secure Dependable Information Management: Conflict Resolution
• Conflicts between different features
  • Security, integrity, fault tolerance, real-time processing
  • E.g., a process may miss real-time deadlines when access control checks are made
• Trade-offs between real-time processing and security
• Need flexible policies
  • Real-time processing may be critical during a mission while security may be critical during non-operational times
Secure Dependable Information Management Example: Next Generation AWACS
• Security being considered after the system has been designed and prototypes implemented
• Challenge: Integrating real-time processing, security and fault tolerance
[Figure: Next Generation AWACS architecture, with the technology provided by the project marked. Labels: Navigation; Display Consoles; Data Analysis Programming Group (DAPG); Processor; Data Links & Sensors; Refresh Channels; Sensor Detections; Multi-Sensor Tracks; Data Mgmt.; Data Xchg.; MSI App; Future Apps; Infrastructure Services; Real-time Operating System; Hardware]
Secure Dependable Information Management: Directions for Research
• Challenge: How does a system ensure integrity, security and fault-tolerant processing, and still meet timing constraints?
• Develop flexible security policies: when is it more important to ensure real-time processing, and when is it more important to ensure security?
• Security models and architectures for the policies; examine real-time algorithms, e.g., query and transaction processing
• Research for databases as well as for applications; what assumptions do we need to make about operating systems, networks and middleware?
• Data may be emanating from sensors and other devices at multiple locations
• Data may pertain to individuals (e.g., video information, images, surveillance information, etc.)
• Data may be mined to extract useful information
• Privacy-preserving surveillance
Real-time Information Management
• Real-time operating systems
  • E.g., Lynx OS
• Real-time data management
  • Transactions must meet timing constraints
  • E.g., RT-Zip (product developed in the early 1990s)
• Real-time middleware
  • E.g., RT-ORB (www.omg.org)
• Real-time networks
  • Real-time message passing
• Need end-to-end real-time processing capability
Real-time Data Management: Data Model
• Data models such as relational and object models have time parameters
• Data has a timestamp recording when it was last updated
• Data must be kept current and updated to meet timing constraints
  • E.g., data cannot be more than 1 day old
• Data processing algorithms (e.g., methods in an object model) must meet timing constraints
  • E.g., queries and transactions have to complete within a certain time
Real-time Data Management: Query
• Queries have to meet timing constraints
• Certain queries may be more important than others
  • E.g., queries with short timing constraints
• Queries are processed in such a way that as many queries as possible meet their deadlines
• What happens if the deadlines are not met?
Real-time Data Management: Transactions
• Transactions have to meet timing constraints
• Transactions are assigned priorities depending on their deadlines
  • Those with shorter deadlines may be given higher priorities
• Transactions with higher priorities are given resources such as locks
• If transaction T1 has priority 8 and transaction T2 has priority 5, and both are competing for locks at the same time, T1 is given the lock
• If T1 is waiting for a lock that T2 has, then should T2 be aborted and the lock given to T1?
Conflict between Security and Real-time Processing
• Suppose transaction T1 has priority 8 and transaction T2 has priority 5
• Assume that T2 is Unclassified and T1 is Secret
• If T1 is waiting for a lock that T2 has, then one possibility is to abort T2 and give the lock to T1
• However, T2 is Unclassified. Therefore the actions of a Secret transaction have interfered with those of an Unclassified transaction: potential for covert channels
• Should the system ensure that deadlines are met or should the system ensure security?
• Access control checks also take time. Therefore, in case of emergency, should these checks be ignored?
• Malicious code may tamper with the real-time constraints
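An added illustration of the conflict on the two slides above (not part of the original lecture): a toy single-lock manager run under the priority-abort rule and under a hypothetical `no_high_aborts_low` rule. All class, function and policy names are assumptions made for this example; it shows what the Unclassified T2 can observe about the Secret T1 under each rule, and how often T1 is left waiting.

```python
from dataclasses import dataclass, field

LEVELS = {"Unclassified": 0, "Secret": 1}

@dataclass
class Txn:
    name: str
    priority: int   # larger value = shorter deadline
    level: str
    events: list = field(default_factory=list)  # what this transaction itself observes

class LockManager:
    """One lock. policy: 'priority_abort' or the hypothetical 'no_high_aborts_low'."""
    def __init__(self, policy):
        self.policy, self.holder = policy, None

    def request(self, txn):
        h = self.holder
        if h is None:
            self.holder = txn
            return "granted"
        high_over_low = LEVELS[txn.level] > LEVELS[h.level]
        blocked_by_policy = self.policy == "no_high_aborts_low" and high_over_low
        if txn.priority > h.priority and not blocked_by_policy:
            h.events.append("aborted")   # visible to the lower-priority holder
            self.holder = txn
            return "granted"
        return "waiting"                 # requester now risks its deadline

    def release(self, txn):
        if self.holder is txn:
            self.holder = None

def run(policy, t1_requests):
    """Each round T2 takes the lock, then T1 either asks for it or stays idle.
    Returns (what T2 observed per round, rounds in which T1 had to wait)."""
    seen_by_t2, t1_waits = [], 0
    for wants_lock in t1_requests:
        lm = LockManager(policy)
        t1 = Txn("T1", 8, "Secret")
        t2 = Txn("T2", 5, "Unclassified")
        lm.request(t2)
        if wants_lock and lm.request(t1) == "waiting":
            t1_waits += 1
        seen_by_t2.append("aborted" in t2.events)
    return seen_by_t2, t1_waits

if __name__ == "__main__":
    activity = [True, False, True, True]   # constructed sample of Secret activity
    for policy in ("priority_abort", "no_high_aborts_low"):
        print(policy, run(policy, activity))
```

Under `priority_abort` the abort pattern seen by T2 mirrors T1's activity exactly; under the restricted rule T2 sees nothing, and the cost appears as rounds in which T1 waits.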
Aspects of Data Quality
[Figure: Components of Aspects of Data Quality]
• Data Mining: data mining to improve data quality; need good quality data to carry out useful data mining
• Annotations: use annotations to specify data quality parameters; develop an algebra for data quality
• Security and data quality: tradeoffs between ensuring data quality and confidentiality; quality of service management techniques
• Semantic web and data quality: data quality for the layers: XML, RDF, Ontologies, Interoperability, Query/Rules
Data Provenance
• Keep track of where the data has come from and who has handled the data
• Data source and how the data has arrived at its current position
  • From A to B to C to D, etc.
• Use annotations for data provenance: document data
• Can you trust the data source?
• Has misinformation been given and, if so, at which point?
• Has data been misused?
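One possible realization of provenance annotations for the A to B to C to D path, added here as an example and not taken from the lecture: each handler appends an HMAC-chained annotation over the digest of the data it forwards, and an audit reports the point at which the data changed or an annotation was forged. The per-handler keys, function names and the assumption that data is relayed unchanged are all constructed for the example.

```python
import hashlib
import hmac

# Constructed per-handler keys; a real deployment would provision these securely.
KEYS = {h: f"demo-key-{h}".encode() for h in "ABCD"}

def _mac(handler, prev_mac, digest):
    msg = f"{prev_mac}|{handler}|{digest}".encode()
    return hmac.new(KEYS[handler], msg, hashlib.sha256).hexdigest()

def annotate(chain, handler, data):
    """Append this handler's annotation, bound to the previous annotation."""
    prev = chain[-1]["mac"] if chain else ""
    digest = hashlib.sha256(data).hexdigest()
    return chain + [{"handler": handler, "digest": digest,
                     "mac": _mac(handler, prev, digest)}]

def relay(data, path, tamper_at=None):
    """Pass data along the path; the handler named tamper_at alters it."""
    chain = []
    for handler in path:
        if handler == tamper_at:
            data = data + b" (altered)"
        chain = annotate(chain, handler, data)
    return chain

def audit(chain):
    """Return ('ok', None), ('forged_annotation', h) or ('data_changed', h)."""
    prev = ""
    for i, a in enumerate(chain):
        expected = _mac(a["handler"], prev, a["digest"])
        if not hmac.compare_digest(expected, a["mac"]):
            return "forged_annotation", a["handler"]
        if i and a["digest"] != chain[i - 1]["digest"]:
            return "data_changed", a["handler"]
        prev = a["mac"]
    return "ok", None

if __name__ == "__main__":
    reading = b"sensor 7: level 3.2 m"   # constructed sample record
    print(audit(relay(reading, "ABCD")))
    print(audit(relay(reading, "ABCD", tamper_at="C")))
```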
Applications
• Protecting Critical Infrastructures
  • Power lines and grids
  • Telecommunications
  • Food and water supplies
  • Reservoirs
  • Gas supplies
  • National Information Infrastructures
• Protecting Information for the War Fighters and Missions
  • Getting the right and secure information at the right time
Secure Sensor Information Management
• A sensor network consists of a collection of autonomous and interconnected sensors that continuously sense and store information about some local phenomena
• May be employed in battlefields, seismic zones, pavements
• Data streams emanate from sensors; for geospatial applications these data streams could contain continuous data of maps, images, etc. Data has to be fused and aggregated
• Continuous queries are posed and responses analyzed, possibly in real time; some streams are discarded while the rest may be stored
• Recent developments in sensor information management include sensor database systems, sensor data mining, distributed data management, layered architectures for sensor nets, storage methods, data fusion and aggregation
• Secure sensor data/information management has received very little attention; need a research agenda
Some Attacks on Sensors and Issues
• Some attacks
  • Access control violations, denial of service attacks, sensor protocol attacks, hardware attacks
• Sensors are often placed in enemy territory and are prone to various types of attacks, including terrorist physical attacks
• Sensors also have limited memory and resources, and therefore attacks could cause many problems with little backup procedures
• Wireless sensors are a special type of sensor embedded into PDAs and other devices
• Many issues and challenges are similar for sensors and wireless sensors
• Need to carry out a comparison of the security issues involved
Secure Sensor Information Management: Directions for Research
• Individual sensors may be compromised and attacked; need techniques for detecting, managing and recovering from such attacks
• Aggregated sensor data may be sensitive; need secure storage sites for aggregated data; variation of the inference and aggregation problem?
• Security has to be incorporated into sensor database management
  • Policies, models, architectures, queries, etc.
• Evaluate costs for incorporating security, especially when the sensor data has to be fused, aggregated and perhaps mined in real time
• Suspicious event detection and privacy-preserving surveillance