Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course August.

Presentation transcript:

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course August 30, 2013

Objective of the Unit
- This unit provides an overview of the course. The course describes concepts, developments, challenges, and directions in data and applications security. Topics include:
  - database security, distributed data management security, object security, data warehouse security, data mining for security applications, privacy, secure semantic web, secure digital libraries, secure knowledge management and secure sensor information management, biometrics

Outline of the Unit
- Outline of Course
- Course Work
- Course Rules
- Contact
- Appendix

Outline of the Course
- Unit #1: Introduction to Data and Applications
- Part I: Background
  - Unit #2: Data Management
  - Unit #3: Information Security
  - Unit #4: Information Management including Semantic Web
- Part II: Discretionary Security
  - Unit #5: Concepts
  - Unit #6: Policy Enforcement
- Part III: Mandatory Security
  - Unit #7: Concepts
  - Unit #8: Architectures

Outline of the Course (Continued)
- Part IV: Secure Relational Data Management
  - Unit #9: Data Model
  - Unit #10: Functions
  - Unit #11: Prototypes and Products
- Part V: Inference Problem
  - Unit #12: Concepts
  - Unit #13: Constraint Processing
  - Unit #14: Conceptual Structures
- Part VI: Secure Distributed Data Management
  - Unit #15: Secure Distributed Data Management
  - Unit #16: Secure Heterogeneous Data Integration
  - Unit #17: Secure Federated Data Management

Outline of the Course (Continued)
- Part VII: Secure Object Data Management
  - Unit #18: Secure Object Management
  - Unit #19: Secure Distributed Objects and Modeling Applications
  - Unit #20: Secure Multimedia Systems
- Part VIII: Data Warehousing, Data Mining and Security
  - Unit #21: Secure Data Warehousing
  - Unit #22: Data Mining for Security Applications
  - Unit #23: Privacy
  - Additional Lectures:
    - Insider Threat Detection
    - Reactively Adaptive Malware

Outline of the Course (Continued)
- Part IX: Secure Information Management (Oct 25, Nov 1, Nov 8)
  - Unit #24: Secure Digital Libraries
  - Unit #25: Secure Semantic Web (web services, XML security)
  - Unit #26: Secure Information and Knowledge Management
  - Additional Topics
    - Secure Web Services and identity management
    - Social Network Security and Privacy
    - Secure cloud computing and secure cloud query processing
- Part X: Dependable data management and forensics (Nov 15)
  - Unit #27: Secure Dependable Data Management
  - Unit #28: Secure Sensor and Wireless Data Management
  - Unit #29: Other Technologies, e.g., digital forensics, biometrics, etc.

Outline of the Course (Continued)
- Part XI: Emerging Technologies (November 22)
  - TBD
- Unit #30: Conclusion to the Course

Tentative Schedule
- August 30: Introduction
- September 6: Policies and Access Control
- September 13: Multilevel Data Management
- September 20: Inference Problem
- September 27: Secure Distributed Data Management; Intro to Semantic Web
- October 4: Secure Objects, Data Warehousing, Data Mining, Security
- October 11: Data Mining for Malware Detection, Privacy, Review for Exam
- October 18: Exam #1
- October 25: Secure web services, Secure semantic web and XML security
- November 1: Secure Cloud Computing
- November 8: Secure Knowledge Management and Social Networking
- November 15: Secure Dependable Data Management, Digital Forensics
- November 22: Mobile phone security and special topics
- November 29: Holiday
- December 6: Selected project presentations and review
- December 13: Exam #2: 11am – 1:45pm

Tentative Schedule (new dates in red)
- Assignment #1 due date: September 20, 2013
- Assignment #2 due date: September 27, 2013
- Term paper #1: October 11, 2013
- Exam #1: October 18, 2013
- Assignment #3: October 25, 2013 (November 1, 2013)
- Assignment #4: November 1, 2013 (November 8, 2013)
- Term paper #2: November 8, 2013 (November 15, 2013)
- Project: November 22, 2013 (December 2, 2013)
- Exam #2: TBD

Course Work
- Two term papers, each worth 8 points
- Two exams, each worth 24 points
- Programming project worth 12 points
- Four homework assignments, each worth 6 points
- Total 100 points
- Course Book: Database and Applications Security: Integration Data Management and Information Security, Bhavani Thuraisingham, CRC Press, 2005
- Will also include papers as reading material

Some Topics for Papers: Any topic in data and applications security
- XML Security (will be discussed on October 25)
- Inference Problem
- Privacy
- Secure Biometrics (after exam #1)
- Intrusion Detection
- E-Commerce Security (will be discussed after exam #1)
- Secure Sensor Information Management (after exam #1)
- Secure Distributed Systems
- Secure Semantic Web (after exam #1)
- Secure Data Warehousing
- Insider Threat Analysis
- Secure Multimedia/geospatial Systems
- Malware detection
- Policies and access control
- Designs of multilevel secure databases

Term Papers: Example Format
- Abstract
- Introduction
- Background on the Topic
- Survey of various techniques, designs, etc. (e.g., access control policies, inference control methods)
- Analyze the techniques, designs, etc. and give your opinions
- Directions for further work
- Summary and Conclusions
- References

Term Papers: Example Format - II
- Abstract
- Introduction
- Background on the Topic and Related Work
- Discuss strengths and weaknesses of others’ work
- Give your own design and say why it is better
- Directions for further work
- Summary and Conclusions
- References

Project Report Format
- Overview of the Project
- Design of the System
- Input/Output
- Future Enhancements
- References

Some Project Topics
- Query Modification on XML Documents
- Access control for web systems
- Intrusion detection system
- Access control for multimedia systems
  - E.g., access control for image, video
- Role-based access control system
- Access control for object systems
- Secure data warehouse

Course Rules
- Course attendance is mandatory unless permission is obtained from the instructor for missing a class with a valid reason (documentation needed for a medical emergency for the student or a close family member, e.g., spouse, parent, child). Attendance will be collected every lecture. 3 points will be deducted out of 100 for each lecture missed without approval.
- Each student will work individually.
- Late assignments will not be accepted. All assignments have to be turned in just after the lecture on the due date.
- No make-up exams unless the student can produce a medical certificate or give evidence of a close family emergency.
- Copying material from other sources will not be permitted unless the source is properly referenced.
- Any student who plagiarizes from other sources will be reported to the appropriate UTD authorities.

Assignment #1, 2, 3, 4
- Assignment #1: Posted in Lecture 8
- Assignment #2: Posted in Lecture 11
- Assignment #3: Posted in Lecture 19
- Assignment #4: Posted in Lecture 24

Papers to Read for Exam #1
- RBAC: Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, Charles E. Youman: Role-Based Access Control Models. IEEE Computer 29(2): (1996)
- UCON: Jaehong Park, Ravi S. Sandhu: The UCONABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1): (2004) - first 20 pages
- DCON: Roshan K. Thomas, Ravi S. Sandhu: Towards a Multi-dimensional Characterization of Dissemination Control. POLICY 2004: (IEEE)
- Bhavani M. Thuraisingham: Mandatory Security in Object-Oriented Database Systems. OOPSLA 1989:
- Bhavani M. Thuraisingham, William Ford: Security Constraints in a Multilevel Secure Distributed Database Management System. IEEE Trans. Knowl. Data Eng. 7(2): (1995) (distributed inference control)

Papers to Read for Exam #1
- Rakesh Agrawal, Ramakrishnan Srikant: Privacy-Preserving Data Mining. SIGMOD Conference 2000:
- Elisa Bertino, Bhavani M. Thuraisingham, Michael Gertz, Maria Luisa Damiani: Security and privacy for geospatial data: concepts and research directions. SPRINGL 2008: 6-19
- Mohammad M. Masud, Latifur Khan, Bhavani M. Thuraisingham: A Hybrid Model to Detect Malicious Executables. ICC 2007:
- Pallabi Parveen, Nate McDaniel, Varun S. Hariharan, Bhavani M. Thuraisingham, Latifur Khan: Unsupervised Ensemble Based Learning for Insider Threat Detection. SocialCom/PASSAT 2012:
- Bhavani M. Thuraisingham: Data Mining, National Security, Privacy and Civil Liberties. SIGKDD Explorations 4(2): 1-5 (2002)

Suggested papers for Malware detection
- Mohammad M. Masud, Latifur Khan, Bhavani M. Thuraisingham: E-Mail Worm Detection Using Data Mining. IJISP 1(4): (2007)
- Mohammad M. Masud, Latifur Khan, Bhavani M. Thuraisingham, Xinran Wang, Peng Liu, Sencun Zhu: Detecting Remote Exploits Using Data Mining. IFIP Int. Conf. Digital Forensics 2008:
- Latifur Khan, Mamoun Awad, Bhavani M. Thuraisingham: A new intrusion detection system using support vector machines and hierarchical clustering. VLDB J. 16(4): (2007)

Index to Lectures for Exam #1
- Introduction to course
- Lecture 1: Introduction to data and applications security
- Lecture 2: Cyber security modules (extra credit)
- Lecture 3: Access control
- Lecture 4: Malware (extra credit)
- Lecture 5: Data Mining (will not be included)
- Lecture 6: Data and application development security
- Lecture 7: Multilevel secure data management
- Lecture 8: Assignment #1
- Lecture 9: Inference problem – 1
- Lecture 10: Inference problem – 2
- Lecture 11: Assignment #2

Index to Lectures for Exam #1
- Lecture 12: Unsupervised ensemble based learning for insider threat
- Lecture 13: Secure distributed data management (will include information sharing)
- Lecture 14: Intro to semantic web (not included in exam)
- Lecture 15: Secure object
- Lecture 16: Data warehouse, data mining security
- Lecture 17: Data mining for malware detection
- Lecture 18: Privacy
- Lecture 19: Assignment #3
- Note: Inference problem or secure distributed data will also include distributed inference control

Papers to Read for Exam #2 (Cloud)
- Bhavani M. Thuraisingham, Vaibhav Khadilkar, Anuj Gupta, Murat Kantarcioglu, Latifur Khan: Secure data storage and retrieval in the cloud. CollaborateCom 2010: 1-8 (Relational HIVE + XACML)
- Mohammad Farhan Husain, Latifur Khan, Murat Kantarcioglu, Bhavani M. Thuraisingham: Data Intensive Query Processing for Large RDF Graphs Using Cloud Computing Tools. IEEE CLOUD 2010: 1-10 (background paper, not for exam)
- Arindam Khaled, Mohammad Farhan Husain, Latifur Khan, Kevin W. Hamlen, Bhavani M. Thuraisingham: A Token-Based Access Control System for RDF Data in the Clouds. CloudCom 2010: (RDF + XACML)
- Tyrone Cadenhead, Murat Kantarcioglu, Vaibhav Khadilkar, Bhavani M. Thuraisingham: Design and Implementation of a Cloud-Based Assured Information Sharing System. MMM-ACNS 2012: 36-50 (RDF only for data and policies)

Papers to Read for Exam #2 (Misc)
- Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M. Thuraisingham, Amar Gupta: Selective and Authentic Third-Party Distribution of XML Documents. IEEE Trans. Knowl. Data Eng. 16(10): (2004) (October 25/Nov 1) – the proofs are not necessary – up to section 6
- Elisa Bertino, Latifur R. Khan, Ravi S. Sandhu, Bhavani M. Thuraisingham: Secure knowledge management: confidentiality, trust, and privacy. IEEE Transactions on Systems, Man, and Cybernetics, Part A (TSMC) 36(3): (2006)
- David W. Chadwick, George Inman: Attribute Aggregation in Federated Identity Management. IEEE Computer 42(5): (2009) (November 1, 2013)
- Jungin Kim, Bhavani M. Thuraisingham: Dependable and Secure TMO Scheme. ISORC 2006:

Papers to Read for Exam #2 (Social Networks)
- Barbara Carminati, Elena Ferrari, Raymond Heatherly, Murat Kantarcioglu, Bhavani M. Thuraisingham: A semantic web based framework for social network access control. SACMAT 2009:
- Raymond Heatherly, Murat Kantarcioglu, Bhavani M. Thuraisingham: Preventing Private Information Inference Attacks on Social Networks. IEEE Trans. Knowl. Data Eng. (TKDE) 25(8): (2013) (just understand the basic concepts in this paper; math details are not necessary)

Some Suggested Papers (Not included for Exam #2)
- Tyrone Cadenhead, Vaibhav Khadilkar, Murat Kantarcioglu, Bhavani M. Thuraisingham: Transforming provenance using redaction. SACMAT 2011:
- Tyrone Cadenhead, Vaibhav Khadilkar, Murat Kantarcioglu, Bhavani M. Thuraisingham: A language for provenance access control. CODASPY 2011:
- Timothy W. Finin, Anupam Joshi, Lalana Kagal, Jianwei Niu, Ravi S. Sandhu, William H. Winsborough, Bhavani M. Thuraisingham: ROWLBAC: representing role based access control in OWL. SACMAT 2008: 73-82
- Secure Biometrics - 0&rep=rep1&type=pdf

Index to Lectures for Exam #2
- Lecture 20 – Secure web services
- Lecture 21 – Trustworthy semantic web
- Lecture 22 – Secure third party publication
- Lecture 23 – Secure Cloud
- Lecture 24 – Assignment #4
- Lecture 25 – Data intensive query processing + security
- Lecture 26 – Attribute aggregation in federated identity
- Lecture 27 – Secure knowledge management
- Lecture 28 – Semantic web and social networks
- Lecture 29 – Security and privacy for social networks
- Lecture 30 – Virtualization and security
- Lecture 31 – Secure Dependable data management

Index to Lectures for Exam #2
- Lecture 32 – Hadoop/MapReduce
- Lecture 33 – Digital Forensics / Biometrics
- Lecture 34 – Cloud-based Assured Information Sharing
- Lecture 35 – ROWLBAC = RBAC + OWL
- Lecture 36 – Data Provenance
- Lecture 37 – Database Vulnerabilities
- Lecture 38 – Data, Information and Knowledge Management
- Lecture 39 – Big Data, No-SQL
- Lecture 40 – Mission Assurance – Building Trusted Applications from Untrusted Systems

Contacts: Instructor
- Dr. Bhavani Thuraisingham
- Louis Beecherl Distinguished Professor of Computer Science
- Executive Director of the Cyber Security Research and Education Institute
- Erik Jonsson School of Engineering and Computer Science
- The University of Texas at Dallas, Richardson, TX
- Phone: Fax: URL:

Contacts: Teaching Assistant
- Mohammed Iftekhar
- Teaching Assistant Computer Science PhD, Computer Science Erik Jonsson Sch of Engr & Com