170 likes | 184 Views
Data and Applications Security Developments and Directions. Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course January 12, 2009. Objective of the Unit.
E N D
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course January 12, 2009
Objective of the Unit • This unit provides an overview of the course. The course describes concepts, developments, challenges, and directions in data and applications security. Topics include • database security, distributed data management security, object security, data warehouse security, data mining for security applications, privacy, secure semantic web, secure digital libraries, secure knowledge management and secure sensor information management, biometrics
Outline of the Unit • Outline of Course • Course Work • Course Rules • Contact • Appendix
Outline of the Course • Unit #1: Introduction to Data and Applications • Part I: Background • Unit #2: Data Management • Unit #3: Information Security • Unit #4: Information Management • Part II: Discretionary Security • Unit #5: Concepts • Unit #6: Policy Enforcement • Part III: Mandatory Security • Unit #7: Concepts • Unit #8: Architectures
Outline of the Course (Continued) • Part IV: Secure Relational Data Management • Unit #9: Data Model • Unit #10: Functions • Unit #11: Prototypes and Products • Part V: Inference Problem • Unit #12: Concepts • Unit #13: Constraint Processing • Unit #14: Conceptual Structures • Part VI: Secure Distributed Data Management • Unit #15: Secure Distributed data management • Unit #16: Secure Heterogeneous Data Integration • Unit #17: Secure Federated Data Management
Outline of the Course (Continued) • Part VII: Secure Object Data Management • Unit #18: Secure Object Management • Unit #19: Secure Distributed Objects and Modeling Applications • Unit #20: Secure Multimedia Systems • Part VIII: Data Warehousing, Data Mining and Security • Unit #21: Secure Data Warehousing (Lecture 17) • Unit #22: Data Mining for Security Applications (Lecture 18) • Unit #23: Privacy (Lecture 19) • Part IX: Secure Information Management • Unit #24: Secure Digital Libraries (Lecture 25) • Unit #25: Secure Semantic Web (web services, XML security) • Lectures 20, 22, 23 (3 questions) • Unit #26: Secure Information and Knowledge Management • (Lecture 25)
Outline of the Course (Continued) • Part X: Emerging Technologies • Unit #27: Secure Dependable Data Management (Lecture 28) • Unit #28: Secure Sensor and Wireless Data Management (Lecture 28) • Unit #29: Other Emerging Technologies (Lecture 21, 30) – 1 question • Digital Forensics, Biometrics etc. • Extra Topics (Lecture 27, 31) – 1 question • Geospatial, Social network • Unit #30 Conclusion to the Course • Guest Lectures (1 extra credit question – 12 points total) • Lectures will be posted by 5pm May 5, 2009 • Geospatial security (Lecture 16), Botnet (Lecture 24), Hadoop (Lecture 29)
Course Work • Three term papers; each worth 9 points • Dates: One week before mid-term and one week before final • Two exams each worth 15 points • Mid-term and Final exams • Programming project worth 15 points • Due day; the day of the final exam • Four homework assignments each worth 7 points • Due dates: will be announced • Total 100 points • Course Book: Database and Applications Security: Integration Data Management and Information Security, Bhavani Thuraisingham, CRC Press, 2005
Some Topics for Papers • XML Security • Inference Problem • Privacy • Secure Biometrics • Intrusion Detection • E-Commerce Security • Secure Sensor Information Management • Secure Distributed Systems • Secure Semantic Web • Secure Data Warehousing • Insider Threat Analysis • Secure Multimedia Systems
Term Papers: Example Format • Abstract • Introduction • Background on the Topic • Survey of various techniques, designs etc, • Analyze the techniques, designs etc. and give your opinions • Directions for further work • Summary and Conclusions • References
Term Papers: Example Format - II • Abstract • Introduction • Background on the Topic and Related Work • Discuss strengths and weaknesses of your work and others’ work • Give your own design • Directions for further work • Summary and Conclusions • References
Project Report Format • Overview of the Project • Design of the System • Input/Output • Future Enhancements • References
Some Project Topics • Quivery Modification on XML Documents • Access control for web systems • Intrusion detection system • Access control for multimedia systems • E.g., access control for image, video • Role-based access control system • Access control for object systems • Secure data warehouse
Course Rules • Unless special permission is obtained from the instructor, each student will work individually • Late assignments will not be accepted. All assignments have to be turned in just after the lecture on the due date • No make up exams unless student can produce a medical certificate or give evidence of close family emergency • Copying material from other sources will not be permitted unless the source is properly referenced • Any student who plagiarizes from other sources will be reported to the Computer Science department and any other committees as advices by the department
Dates • Assignment #1 due February 23, 2009 • Assignment #2 due March 4 (given to you February 18) • Assignment #3 due March 30 (given on March 4) • Exam #1 March 9 (during class 2:30 – 3:55 pm) • Exam #2 May 11, 2009 (2pm – 4pm) • Term paper #1 – due April 8 • Assignment #4: - due April 29 (given April 20) • Term paper #2 – due April 22 • Programming project: May 4th • Review for Exam #2 – May 4th • Final May 11
Plans for Lectures April 1 – May 4 • We have completed chapters 1 – 23 • April 1, Chapter 25 • April 6, Chapter 29 (applications) 2:30 – 2:55, 3:15-3:35 • Encase demo details 2:55-3:15 • April 8 – supplementary material, secure web services, SOA • April 13: Secure geospatial data management; 2:30 – 3, 3:30-3:45 • Geospatial info mgmt – 3:00 – 3:30 • April 15: supplementary material XML security • April 20: Chapters 24/26 • April 22: Chapter 27/28 combined • April 27: Data mining for security – more details by Mehdy Masud (PhD thesis work – enhancement to lecture of March 23) • April 29: More on Applications • May 4th review
Contact • For more information please contact • Dr. Bhavani Thuraisingham • Professor of Computer Science and • Director of Cyber Security Research Center Erik Jonsson School of Engineering and Computer Science EC31, The University of Texas at Dallas Richardson, TX 75080 • Phone: 972-883-4738 • Fax: 972-883-2399 • Email: bhavani.thuraisingham@utdallas.edu • URL:http://www.utdallas.edu/~bxt043000/