F. Li 05/15/06 Security & Privacy Preserved Information Brokerage System Fengjun Li College of IST, Penn State University.

Presentation transcript:

– Introduction
– Information Brokerage Systems
– Security-preserved mechanism
– Privacy-preserved mechanism
– Conclusion and Q&A

content/location discovery Universal Connectivity security & privacy risks poor usability …

Information Brokerage System
– Data sources are connected with the help of brokers
– A user sends a query to the local broker, which helps route it to the targeted data sources
– Security & privacy?

Security Enforcement – from the perspective of performance
– Access Control
– Traditional AC enforcement and IBS architecture
– Any other choice

If we could drag the AC out of the DBMS … Or further

Why drag the security check out of the DBMS and push it to the brokers? – A performance-based reason

Preliminary
– XML Access Control Model
  Role-based Access Control
  5-tuple access control rules (ACR)
– QFilter: enforcing AC via query rewriting
  Uses a Non-deterministic Finite Automaton (NFA) to hold the ACRs
  A query is either rejected or accepted (w/o rewriting)

QFilter Example

Our Approach
– Merge the QFilters of several roles into one integrated Multi-Role QFilter
  A naïve approach – QFilter Array
– Use a similar NFA-based mechanism to represent the routing information (called index rules)
– Merge the index rules into the Multi-Role QFilter for further performance improvement

An Example of Multi-Role QFilter
An Example of Index Rules

An Example of Indexed Multi-Role QFilter - Merging index rules into Multi-Role QFilter
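A simplified sketch of the indexed Multi-Role QFilter idea, added here as an illustration; it is not code from the slides or from the QFilter implementation, and it only accepts or rejects a query without rewriting it. Assumptions: queries are simple child-axis paths, rules may use `*`, a rule covers the whole subtree below its path, deny overrides allow, the default is deny, and the roles, paths and server names are constructed.

```python
class IndexedMultiRoleQFilter:
    """One shared automaton over XPath steps for all roles. States carry
    role sets (from ACRs) and data-server names (from index rules)."""
    def __init__(self):
        self.trans = [{}]     # state -> {step label: next state}
        self.allow = [set()]  # roles whose '+' rule ends at this state
        self.deny = [set()]   # roles whose '-' rule ends at this state
        self.index = [set()]  # data servers whose index rule ends here

    def _walk(self, xpath):
        """Follow xpath from the start state, creating states as needed."""
        state = 0
        for step in xpath.strip("/").split("/"):
            if step not in self.trans[state]:
                self.trans[state][step] = len(self.trans)
                self.trans.append({})
                for table in (self.allow, self.deny, self.index):
                    table.append(set())
            state = self.trans[state][step]
        return state

    def add_acr(self, role, xpath, sign):
        (self.allow if sign == "+" else self.deny)[self._walk(xpath)].add(role)

    def add_index(self, xpath, server):
        self.index[self._walk(xpath)].add(server)

    def route(self, role, query):
        """Return the data servers for query, or None if the role is rejected."""
        states, allowed, denied, servers = {0}, False, False, set()
        for step in query.strip("/").split("/"):
            # NFA step: follow both the literal label and the wildcard.
            states = {self.trans[s][label] for s in states
                      for label in (step, "*") if label in self.trans[s]}
            allowed |= any(role in self.allow[s] for s in states)
            denied |= any(role in self.deny[s] for s in states)
            for s in states:
                servers |= self.index[s]
        return servers if allowed and not denied else None

# Constructed rules: two roles and three data servers share one automaton.
f = IndexedMultiRoleQFilter()
f.add_acr("clerk", "/site/people", "+")
f.add_acr("clerk", "/site/people/person/creditcard", "-")
f.add_acr("buyer", "/site/regions/*/item", "+")
f.add_index("/site/people", "ds1.example")
f.add_index("/site/regions/asia", "ds2.example")
f.add_index("/site/regions/europe", "ds3.example")
```

A single pass over the query steps yields both the access decision and the routing target, which is the reason for merging the index rules into the filter instead of consulting a QFilter array and a separate routing table.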

Why drag the security check out of the DBMS and push it to the brokers? – Previous example revisited

Performance Metrics 1 – Memory Consumption
Performance Metrics 2 – In-broker Query Response Time & Overall Query Response Time
Performance Metrics 3 – Network Traffic: saves 87.5% (by analysis)

Privacy Preserving Mechanism
– Possible privacy breaches:
  Privacy of the query location
  Privacy of the query content
  Privacy of the access control rule
  Privacy of the data location
  Privacy of the data content

Information Brokerage System – New architecture

Trust Relationship
Privacy | User | Broker | Coordinator | Data Server
Query Location - Trust Hide
Query Content - Hide Trust (Partially) Trust
ACR Hide Trust (Partially) Trust (for double-checking)
Data Location Hide (Partially) -
Data Content With authorization Hide -
