厦门市XXXX年初中生学业水平考试Title

AnalyzingandSecuringSocialNetworksDr.BhavaniThuraisinghamTheUniversityofTexasatDallasLecture#1IntroductiontoDataandApplicationsSecurityJanuary18,2013OutlineDataandApplicationsSecurity-DevelopmentsandDirectionsSecureSemanticWeb-XMLSecurity;OtherdirectionsSomeEmergingSecureDASTechnologies-SecureSensorInformationManagement;SecureDependableInformationManagementSomeDirectionsforPrivacyResearch-DataMiningforhandlingsecurityproblems;Privacyvs.NationalSecurity;PrivacyConstraintProcessing;FoundationsofthePrivacyProblemWhataretheChallenges?DevelopmentsinDataandApplicationsSecurity:1975-PresentAccessControlforSystemsRandIngres(mid1970s)Multilevelsecuredatabasesystems(1980–present)-Relationaldatabasesystems:researchprototypesandproducts;Distributeddatabasesystems:researchprototypesandsomeoperationalsystems;Objectdatasystems;Inferenceproblemanddeductivedatabasesystem;TransactionsRecentdevelopmentsinSecureDataManagement(1996–Present)-Securedatawarehousing,Role-basedaccesscontrol(RBAC);E-commerce;XMLsecurityandSecureSemanticWeb;Dataminingforintrusiondetectionandnationalsecurity;Privacy;Dependabledatamanagement;SecureknowledgemanagementandcollaborationDevelopmentsinDataandApplicationsSecurity:MultilevelSecureDatabases-IAirForceSummerStudyin1982EarlysystemsbasedonIntegrityLockapproachSystemsinthemidtolate1980s,early90s-E.g.,SeaviewbySRI,LockDataViewsbyHoneywell,ASDandASDViewsbyTRW-Prototypesandcommercialproducts-TrustedDatabaseInterpretationandEvaluationofCommercialProductsSecureDistributedDatabases(late80stomid90s)-Architectures;AlgorithmsandPrototypefordistributedqueryprocessing;Simulationofdistributedtransactionmanagementandconcurrencycontrolalgorithms;SecurefederateddatamanagementDevelopmentsinDataandApplicationsSecurity:MultilevelSecureDatabases-IIInferenceProblem(mid80stomid90s)-Unsolvabilityoftheinferenceproblem;Securityconstraintprocessingduringquery,updateanddatabasedesignoperations;SemanticmodelsandconceptualstructuresSecureObjectDatabasesandSystems(late80stomid90s)-Secureobjectmodels;Distributedobjectsystemssecurity;Objectmodelingfordesigningsecureapplications;SecuremultimediadatamanagementSecureTransactions(1990s)-SingleLevel/MultilevelTransactions;SecurerecoveryandcommitprotocolsSomeDirectionsandChallengesforDataandApplicationsSecurity-ISecuresemanticwebandSocialNetworks-SecuritymodelsSecureInformationIntegration-HowdoyousecurelyintegratenumerousandheterogeneousdatasourcesonthewebandotherwiseSecureSensorInformationManagement-Fusingandmanagingdata/informationfromdistributedandautonomoussensorsSecureDependableInformationManagement-IntegratingSecurity,Real-timeProcessingandFaultToleranceDataSharingvs.Privacy-Federateddatabasearchitectures?SomeDirectionsandChallengesforDataandApplicationsSecurity-IIDataminingandknowledgediscoveryforintrusiondetection-Needrealisticmodels;real-timedataminingSecureknowledgemanagement-ProtecttheassetsandintellectualrightsofanorganizationInformationassurance,Infrastructureprotection,AccessControl-Insidercyber-threatanalysis,Protectingnationaldatabases,Role-basedaccesscontrolforemergingapplicationsSecurityforemergingapplications-Geospatial,Biomedical,E-Commerce,etc.OtherDirections-TrustandEconomics,TrustManagement/Negotiation,SecurePeer-to-peercomputing,CoalitionDataandPolicySharingExportData/PolicyComponentData/PolicyforAgencyAData/PolicyforFederationExportData/PolicyComponentData/PolicyforAgencyCComponentData/PolicyforAgencyBExportData/PolicyOthertopicsofInterestSecureCloudComputingMobilecodesecurityVulnerabilityAnalysisInfrastructuresecurity-PowergridHealthcareSecurityFinancialSecurityAccessControlDiscretionaryAccessControlinRelationalDatabasesMandatoryAccessControlinRelationalDatabases-SecurityConstraintsTypesofAccessControl-Inferenceproblem,Role-based,Temporal,UsageAccessControlinOtherDatabases-Objects,FederatedCurrentTrendsinAccessControl-DateWarehousing,SemanticWeb,PrivacyControlNextStepsinAccessControlAccessControlinRelationalDatabases:1975-PresentAccessControlpoliciesweredevelopedinitiallyforfilesystems-E.g.,Read/writepoliciesforfilesAccesscontrolindatabasesstartedwiththeworkinSystemRandIngresProjects-AccessControlrulesweredefinedfordatabases,relations,tuples,attributesandelements-SQLandQUELlanguageswereextendedGRANTandREVOKEStatementsReadaccessonEMPtoUsergroupAWhereEMP.Salary30KandEMP.DeptSecurity-QueryModification:ModifythequeryaccordingtotheaccesscontrolrulesRetrieveallemployeeinformationwheresalary30KandDeptisnotSecurityQueryModificationAlgorithmInputs:Query,AccessControlRulesOutput:ModifiedQueryAlgorithm:-GivenaqueryQ,examinealltheaccesscontrolrulesrelevanttothequery-IntroduceaWhereClausetothequerythatnegatesaccesstotherelevantattributesintheaccesscontrolrulesExample:rulesareJohndoesnothaveaccesstoSalaryinEMPandBudgetinDEPTEMP(E#,Ename,Salary,D#),DEPT(D#,Dname,Budg,Mgr)QueryistojointheEMPandDEPTrelationsonDept#ModifythequerytoJoinEMPandDEPTonDept#andprojectonallattributesexceptSalaryandBudget-OutputistheresultingqueryMand