Data and Applications Security Developments and Directions Guest Lecture Dr. Kevin Hamlen Given in February 2012 Objective of the Unit This unit provides an overview of the course. The course describes concepts, developments, challenges, and directions in data and applications security. Topics include - database security, distributed data management security, object security, data warehouse security, data mining for security
applications, privacy, secure semantic web, secure digital libraries, secure knowledge management and secure sensor information management, biometrics Outline of the Unit Outline of Course Course Work Course Rules Contact Appendix Outline of the Course Unit #1: Introduction to Data and Applications Part I: Background
- Unit #2: Data Management - Unit #3: Information Security - Unit #4: Information Management Part II: Discretionary Security - Unit #5: Concepts - Unit #6: Policy Enforcement Part III: Mandatory Security - Unit #7: Concepts - Unit #8: Architectures Outline of the Course (Continued)
Part IV: Secure Relational Data Management - Unit #9: Data Model - Unit #10: Functions - Unit #11: Prototypes and Products Part V: Inference Problem - Unit #12: Concepts - Unit #13: Constraint Processing - Unit #14: Conceptual Structures Part VI: Secure Distributed Data Management - Unit #15: Secure Distributed data management - Unit #16: Secure Heterogeneous Data Integration
- Unit #17: Secure Federated Data Management Outline of the Course (Continued) Part VII: Secure Object Data Management - Unit #18: Secure Object Management Unit #19: Secure Distributed Objects and Modeling Applications Unit #20: Secure Multimedia Systems Part VIII: Data Warehousing, Data Mining and Security -
Unit #21: Secure Data Warehousing Unit #22: Data Mining for Security Applications Unit #23: Privacy Part IX: Secure Information Management - Unit #24: Secure Digital Libraries Unit #25: Secure Semantic Web (web services, XML security) Unit #26: Secure Information and Knowledge Management Outline of the Course (Continued)
Part X: Emerging Technologies - Unit #27: Secure Dependable Data Management - Unit #28: Secure Sensor and Wireless Data Management - Unit #29: Other Emerging Technologies Unit #30 Conclusion to the Course Guest Lectures Some guest lectures may be included Some other topics Review for finals Course Work One term paper; each worth 10 points - November 16
Two exams each worth 20 points - Exam #1: October 19 - Exam #2: As scheduled by UTD; December 9, 2011 Programming project worth 12 points: December 5 Four homework assignments each worth 6 points September 28; October 12; November 9; November 30 Total 86 points May be given a surprise quiz (4 points) Total 90
- Course Work Course Book: Database and Applications Security: Integration Data Management and Information Security, Bhavani Thuraisingham, CRC Press, 2005 Will also include papers as reading material Some Topics for Papers XML Security Inference Problem Privacy Secure Biometrics
Intrusion Detection E-Commerce Security Secure Sensor Information Management Secure Distributed Systems Secure Semantic Web Secure Data Warehousing Insider Threat Analysis Secure Multimedia Systems Term Papers: Example Format Abstract Introduction Background on the Topic Survey of various techniques, designs etc,
Analyze the techniques, designs etc. and give your opinions Directions for further work Summary and Conclusions References Term Papers: Example Format - II Abstract Introduction Background on the Topic and Related Work Discuss strengths and weaknesses of your work and others work Give your own design Directions for further work
Summary and Conclusions References Project Report Format Overview of the Project Design of the System Input/Output Future Enhancements References Some Project Topics Quivery Modification on XML Documents Access control for web systems Intrusion detection system
Access control for multimedia systems - E.g., access control for image, video Role-based access control system Access control for object systems Secure data warehouse Index to Lectures Lecture 1: August 24, 2011; This lecture gives an introduction to data and applications security Lecture 2: August 29: Secure data storage and retrieval in a cloud (skip for exam 1)
Lecture 3: Aug 31: Cyber Security Lecture 4: Sept 7: Access control in data management systems Lecture 5: Sept 7: Policies Lecture 6: Sept 12: Data mining for malware detection Lecture 7: Sept 14: Multilevel secure data management Lecture 8: Sept 14: Assignment #1 Lecture 9: Sept 19: Completed lecture 7; started on Inference Problem 1 Lecture 10: Sept 21: Novel class detection Index to Lectures Sept 26th Continuation of Inference problem (Lecture 9) Lecture 11: Sept 28: NIST NVD lecture was given that day; but
lecture posted is Inference problem II which was covered on Oct 3 Lecture 12: Sept 28, Assignment #2 Oct 3 lecture: Gave the lecture posted under Lecture 11 which is inference problem - II Lecture 13: Oct 5: Secure Distributed Data Management (skip the part on single sign and identity mgmt on for exam #1) Lecture 14: Oct 10: Malware (pages 4-29 for exam #1) Lecture 15: This lecture was given on Sept 28; NIST NVD Lecture Lecture 16: Oct 10: Attacks to databases October 12: Lecture 17: SQL Injection Index to Lectures for Exam 2
October 17: Lecture 18 Secure publishing of XML Data (1) October 19: Exam #1 (no lectures posted) October 24: Lecture 19: Trustworthy semantic web (2) October 26: Lecture 20 Introduction to semantic web (not included in exam) October 31: Lecture 21: Assignment #3 November 2: Lecture 22: Secure web services and SOA (3) November 7: Lecture 23: Scalable access control (Dr. Cadenhead) Optional will not be included in exam Index to Lectures for Exam 2 November 9: Lecture 24: Secure object systems (4) November 14:Lecture 25: Data warehousing, security (5)
November 14: Lecture 26: Privacy (6) November 16: Lecture 27: Assignment #4 November 16: Lecture 28 Insider threat detection (7) November 21: Lecture 29: Secure knowledge management (8) November 23: Lecture 30 Social Network Security (9) November 28: Lecture 31: Secure Dependable Data (10) November 30: Lecture 32: Secure Cloud (extra credit - i) December 5: Lecture 33: Emerging security technologies (extra credit ii) Papers to read for exam #1 - RBAC: Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein,
- Charles E. Youman: Role-Based Access Control Models. IEEE Computer 29(2): 38-47 (1996) UCON: Jaehong Park, Ravi S. Sandhu: The UCONABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1): 128-174 (2004) - Read the first 20 pages DCON: Roshan K. Thomas, Ravi S. Sandhu: Towards a Multi-dimensional Characterization of Dissemination Control. POLICY 2004: 197-200 (IEEE) Bhavani M. Thuraisingham, William Ford: Security Constraints in a Multilevel Secure Distributed Database Management System. IEEE Trans. Knowl. Data Eng. 7(2): 274-293 (1995) applicable both for inference problem 1
and for distributed inference control Papers to read for exam #2 - XML security - ROWLBAC paper - Social Network security Course Rules Course attendance is mandatory; unless permission is obtained from instructor for missing a class with a valid reason (documentation needed for medical emergency for student or a close family member e.g., spouse, parent, child). Attendance will be collected every lecture. 5 points
will be deducted out of 100 for each lecture missed without approval. Each student will work individually Late assignments will not be accepted. All assignments have to be turned in just after the lecture on the due date No make up exams unless student can produce a medical certificate or give evidence of close family emergency Copying material from other sources will not be permitted unless the source is properly referenced Any student who plagiarizes from other sources will be reported to the appropriate UTD authroities
Contact For more information please contact - Dr. Bhavani Thuraisingham - Professor of Computer Science and - Director of Cyber Security Research Center Erik Jonsson School of Engineering and Computer Science EC31, The University of Texas at Dallas Richardson, TX 75080 - Phone: 972-883-4738 - Fax: 972-883-2399 - Email: [email protected] - URL:http://www.utdallas.edu/~bxt043000/
Apothecary System. In the 1700's the Apothecary system was brought over from England. The word . Apothecary . means a person who combined and dispensed drugs. Some apothecary measurements are still used today. Apothecary system of measurements include: the minum,...
Form and Function in 2D Design An Approach To Making Better Game Design Understanding 2D Design Terminology Theory and Methods Design Elements and Interactivity Color Composition Meaning and Intentionality Message Terminology Design - the arrangement of visual elements that contribute...
Nevada Dep't of Human Res. V. Hibbs, 538 U.S. 721, 728 (2003) (quoting . Kimel, 528 U.S. at 88). "There must be a . congruence and proportionalit. y between the injury to be prevented or remedied and the means adopted...
Graphing Inequalities. Open dot for < or > Closed dot for ≥ or ≤ If the inequality symbol is open toward the variable, shade to the right. If the inequality symbol is pointed toward the variable, shade to the left.
Stage One: The Unreflective thinker. We don't notice we are continually making assumptions, forming concepts and opinions, drawing inferences, and thinking within points of view. Our egocentric tendencies at this stage play a dominant role in our thinking. We lack...
Non-WIC Registered Dietitian . Tribal, Indian Health Service or other R.D.'s meeting the guidelines above may provide the high risk counseling to WIC clients if written documentation in the form of a S.O.A.P. note or NCP is provided to WIC...
INTRODUCTION TO ACCELEROMETERS AND USE OF IT IN ADVANCED EMBEDDED SYSTEMS COURSEWORK Kunal Bavishi [email protected] ACCLERATION FUNDAMENTALS: Acceleration is defined as time rate of change of velocity and is given as, a = d (v) dt Velocity is defined as...
Ready to download the document? Go ahead and hit continue!