Csilla Farkas Department of Computer Science and Engineering University of South Carolina

Slides:



Advertisements
Similar presentations
Dr. Leo Obrst MITRE Information Semantics Information Discovery & Understanding Command & Control Center February 6, 2014February 6, 2014February 6, 2014.
Advertisements

27 January Semantically Coordinated E-Market Semantic Web Term Project Prepared by Melike Şah 27 January 2005.
Gleaning Resource Descriptions from Dialects of Languages (GRDDL) W3C Team Submission 16 May 2005 Dominique Hazaël-Massieux, Dan Connolly Summarized by.
Provenance in Open Distributed Information Systems Syed Imran Jami PhD Candidate FAST-NU.
Computer Science and Engineering 1 What these organizations have in common? American Education Services, PA United States Marine Corps / Penn State University.
Research to Reality William Ribarsky Remco Chang University of North Carolina at Charlotte.
MS DB Proposal Scott Canaan B. Thomas Golisano College of Computing & Information Sciences.
The MetaDater Model and the formation of a GRID for the support of social research John Kallas Greek Social Data Bank National Center for Social Research.
DATA INTEGRATION SOLUTION FOR PAPER INDUSTRY Industrial Ontologies Group University of Jyväskylä Motivating scenario ! Customer Site (maintenance support)
Semantic Web Technologies Lecture # 2 Faculty of Computer Science, IBA.
LÊ QU Ố C HUY ID: QLU OUTLINE  What is data mining ?  Major issues in data mining 2.
EGovernance Metadata Model for India Dr. A.R.D. Prasad Documentation Research & Training Centre Indian Statistical Institute, Bangalore.
Some Thoughts to Consider 6 What is the difference between Artificial Intelligence and Computer Science? What is the difference between Artificial Intelligence.
SC32 WG2 Metadata Standards Tutorial Metadata Registries and Big Data WG2 N1945 June 9, 2014 Beijing, China.
Computer Science and Engineering 1 XML, RDF, Workflow Security.
Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.
CSCE 548 Secure Software Development Web Application Security.
U.S. Department of the Interior U.S. Geological Survey Next Generation Data Integration Challenges National Workshop on Large Landscape Conservation Sean.
Computer Science and Engineering 1 Cyber Security University of South Carolina Columbia Center for Information Assurance Engineering (CIAE)
CSCE 727 Information Warfare
From Data to Outcomes GIGEL AVRAM SEP About Big Data We had “data” before “big data”, so what is different ? A wealth of ambient data : -Machine.
Linked-data and the Internet of Things Payam Barnaghi Centre for Communication Systems Research University of Surrey March 2012.
A New Technology for Unifying Knowledge and Semantics to Harness the Fusion of People- Process-Technology Dr. Geoffrey P Malafsky TECHi2.
Ontology Summit 2015 Track C Report-back Summit Synthesis Session 1, 19 Feb 2015.
CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.
Computer Science and Engineering 1 Information Assurance Research Department of Computer Science and Engineering University of South Carolina, Columbia.
Data Warehousing Data Mining Privacy. Reading Bhavani Thuraisingham, Murat Kantarcioglu, and Srinivasan Iyer Extended RBAC-design and implementation.
Open Sources -- Intelligence The GoodThe Bad The Ugly Challenges.
National Partnership for Advanced Computational Infrastructure San Diego Supercomputer Center Persistent Management of Distributed Data Reagan W. Moore.
©Ferenc Vajda 1 Semantic Grid Ferenc Vajda Computer and Automation Research Institute Hungarian Academy of Sciences.
Graph Data Analytics Arka Mukherjee, Ph.D. Global IDs Resolving Complexity at an Enterprise Scale.
The Semantic Web: An Interview with Tim Berners-Lee VISION: What new capabilities will the Semantic Web have? STATUS: Who is committed and how do we get.
Inference Problem Privacy Preserving Data Mining.
OWL Representing Information Using the Web Ontology Language.
Introduction to the Semantic Web and Linked Data
CSCE 824 Secure (and Distributed) Database Management Systems FarkasCSCE
Legal and Ethical Issues in Computer Security Csilla Farkas
Trustworthy Semantic Web Dr. Bhavani Thuraisingham The University of Texas at Dallas Inference Problem March 4, 2011.
Inference Problem Privacy Preserving Data Mining.
Erik Jonsson School of Engineering and Computer Science The University of Texas at Dallas Cyber Security Research on Engineering Solutions Dr. Bhavani.
Web Services Blake Schernekau March 27 th, Learning Objectives Understand Web Services Understand Web Services Figure out SOAP and what it is used.
© 1990—2006 Visual Knowledge Software® | Private and Confidential | 2 Semantic Agent Wikis For Engineering.
Cognitive & Organizational Challenges of Big Data in Cyber Defence. YALAVARTHI ANUSHA 1.
Big Data Analytics Are we at risk? Dr. Csilla Farkas Director Center for Information Assurance Engineering (CIAE) Department of Computer Science and Engineering.
Information Security Principles and Practices by Mark Merkow and Jim Breithaupt Chapter 1: Why Study Information Security?
XML and Distributed Applications By Quddus Chong Presentation for CS551 – Fall 2001.
Informatics for Scientific Data Bio-informatics and Medical Informatics Week 9 Lecture notes INF 380E: Perspectives on Information.
Abstract MarkLogic Database – Only Enterprise NoSQL DB Aashi Rastogi, Sanket V. Patel Department of Computer Science University of Bridgeport, Bridgeport,
Setting the stage: linked data concepts Moving-Away-From-MARC-a-thon.
Computer Science and Engineering 1 Cyber Security University of South Carolina Columbia Center for Information Assurance Engineering (CIAE)
The Rise of Data CHAOS Driving Growth through Digital Transformation.
Conceptualizing the research world
Web Data and Application Security
Building Trustworthy Semantic Webs
Introduction and Basic Concepts
Internet of Things: Security Challenges
Csilla Farkas Cybersecurity Csilla Farkas
MBML_Efficient Testing Methodology for Machine Learning
Zachary Cleaver Semantic Web.
LOD reference architecture
World-Leading Research with Real-World Impact!
Trustworthy Semantic Webs
Data Provenance.
Jonathan Griffin, Managing Director, IFIS Publishing &
Trustworthy Semantic Web
Andrei G. Stoica and Csilla Farkas
XML, distributed data, replicated data, and Security
Cyber Security R&D: A Personal Perspective
XML and Security Csilla Farkas
Presentation transcript:

Csilla Farkas Department of Computer Science and Engineering University of South Carolina

Who is Impacted by Cyber Attacks? Source: / /

What is Cyber Security? Highly Technical People, processes, and technology Legislation and Regulation Risk management

Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human and some automated usage – Interactive Web pages – Web Services (WSDL, SOAP, SAML) – Semantic Web (RDF, OWL, RuleML, Web databases) – XML technology (data exchange, data representation) Future: Semantic Web Services

ARE THE EXISTING SECURITY MECHANISMS SUFFICIENT TO PROVIDE DATA AND APPLICATION SECURITY OF THE NEXT GENERATION WEB?

Limitation of Research Syntax-based No association protection Limited handling of updates No data or application semantics No inference control

Secure XML Views - Example UC S John Smith UC S Jim Dale UC TS S Harry Green UC S Joe White UC MT78 TS medicalFiles countyRec patient name John Smith milBaseRec physician Jim Dale physician Joe White name Harry Green milTag MT78 patient phone phone View over UC data

Secure XML Views - Example cont. John Smith Jim Dale Harry Green Joe White medicalFiles countyRec patient name John Smith milBaseRec physician Jim Dale physician Joe White name Harry Green patient View over UC data

Secure XML Views - Example cont. medicalFiles countyRec patient name John Smith milBaseRec physician Jim Dale physician Joe White name Harry Green patient View over UC data John Smith Jim Dale Harry Green Joe White

Secure XML Views - Example cont. UC S John Smith UC Jim Dale UC TS S Harry Green UC Joe White UC medicalFiles countyRec patient name John Smith milBaseRec physician Jim Dale physician Joe White name Harry Green patient View over UC data

Secure XML Views - Example cont. medicalFiles name John Smith physician Jim Dale physician Joe White name Harry Green View over UC data John Smith Jim Dale Harry Green Joe White

Secure XML Views - Solution Multi-Plane DTD Graph (MPG) Minimal Semantic Conflict Graph (association preservation) Cover story Transformation rules

TopSecret Secret Unclassified Multi-Plane DTD Graph D,medicalFiles D, countyRecD, milBaseRec D, patientD, milTag D, nameD, phone UC S S S TS D, physician MPG = DTD graph over multiple security planes

Transformation - Example namephone physician MSCG MPG TS UC S Security Space Secret

Transformation - Example MPG TS S UC SP name physician MSCG

Transformation - Example MPG TS S UC  SP MSCG

Transformation - Example MPG TS S UC SP medicalFiles emergencyRec name physician Data Structure

The Inference Problem General Purpose Database: Non-confidential data + Metadata  Undesired Inferences Semantic Web: Non-confidential data + Metadata (data and application semantics) + Computational Power + Connectivity  Undesired Inferences

Association Graph Association similarity measure – Distance of each node from the association root – Difference of the distance of the nodes from the association root – Complexity of the sub-trees originating at nodes Example: Air show address fort XML document: Association Graph: address fort Public Public, AC

Correlated Inference Object[]. waterSource :: Object basin :: waterSource place :: Object district :: place address :: place base :: Object fort :: base address fort Public Water source base Confidential district basin Public ? Concept Generalization: weighted concepts, concept abstraction level, range of allowed abstractions

21 Correlated Inference (cont.) address fort Public district basin Public Object[]. waterSource :: Object basin :: waterSource place :: Object district :: place address :: place base :: Object fort :: base place base Water Source Water source Base Place Water source base Confidential

Inference Removal Relational databases: limit access to data Web inferences – Cannot redesign public data outside of protection domain – Cannot modify/refuse answer to already published web page Protection Options – Release misleading information – Remove information – Control access to metadata

Big Data Analytics: Are there new questions? Technologies Big Data characteristics Big Data characteristics – Volume – Variety – Velocity – live database, fast growth

Past: The Inference Problem Organizational Data Confidential Attacker Public Access Control X Ontology Data Integration and Inferences Web Data

Present: Big Data Inferences Private ? Ontology Data Integration and Inferences Web Data Secure ?

Future: Research Challenges Security for raw data Security for raw data – Flexible access control – Data removal Security for metadata Security for metadata – Protection need of novel, new concept – Metadata guided attacks Cross-context attacks Cross-context attacks – Correlate data across multiple contexts SemanticWebTechnologies

Need for Visualization Context 1 Context 3 Context 2

Questions?

National Center of Academic Excellence in Information Assurance Education National Training Standards, Knowledge Units

OUTREACH EDUCATION RESEARCH CIAE Mission

OUTREACH EDUCATION IA courses IA specialization Applied Computing Graduate IA Certificate RESEARCH K-12 Cyber Security Education Higher Educational Institutes Industry Partnership

OUTREACH EDUCATION RESEARCH External funding Peer-reviewed publications Ph.D. graduates CIAE Mission

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.