Web Data and Application Security


1 Web Data and Application Security
Csilla Farkas, Center of Information Assurance Engineering, Department of Computer Science and Engineering, University of South Carolina

2 Web Evolution
Past: human usage; HTTP; static Web pages (HTML)
Current: human and some automated usage; interactive Web pages; Web Services (WSDL, SOAP, SAML); Semantic Web (RDF, OWL, RuleML, Web databases); XML technology (data exchange, data representation)
Future: Semantic Web Services

3 Outline
Security on the Web
Data Security
Metadata Security
Application Security
Future Directions

4 ARE THE EXISTING SECURITY MECHANISMS SUFFICIENT TO PROVIDE DATA AND APPLICATION SECURITY OF THE NEXT GENERATION WEB?

5 Information Assurance
Topics: inference control, privacy, security, trust, applications, policy making, formal models, negotiation, protocol analysis, anonymity, access control, semantic web security, encryption, information hiding, data mining, computer epidemics, data provenance, fraud, biometrics

6 Outline
Security on the Web
Data Security
  Access Control Models for Semi-Structured Data
    Syntactic XML: Secure XML Views, XML Updates, XML association object
    XML and Semantics: SMIL
  Inference Control
Metadata Security
Application Security
Future Directions

7 Limitations of Existing Research
Syntax-based
No association protection
Limited handling of updates
No data or application semantics
No inference control


9 Secure XML Views - Example
Document with a security label on each element (UC = Unclassified, S = Secret, TS = TopSecret):
<medicalFiles>                          UC
  <countyRec>                           S
    <patient>                           S
      <name>John Smith</name>           UC
      <phone> </phone>                  S
    </patient>
    <physician>Jim Dale</physician>     UC
  </countyRec>
  <milBaseRec>                          TS
    <name>Harry Green</name>            UC
    <phone> </phone>                    S
    <physician>Joe White</physician>    UC
    <milTag>MT78</milTag>               TS
  </milBaseRec>
</medicalFiles>
Figure: the same document drawn as a tree; the following slides derive the view over UC data from it.

10 Secure XML Views - Example cont.
View over UC data, keeping the classified ancestors as bare containers (the tag names countyRec and milBaseRec remain visible):
<medicalFiles>
  <countyRec>
    <patient>
      <name>John Smith</name>
    </patient>
    <physician>Jim Dale</physician>
  </countyRec>
  <milBaseRec>
    <name>Harry Green</name>
    <physician>Joe White</physician>
  </milBaseRec>
</medicalFiles>

11 Secure XML Views - Example cont.
View over UC data with the classified container names replaced by cover names:
<medicalFiles>
  <tag01>
    <tag02>
      <name>John Smith</name>
    </tag02>
    <physician>Jim Dale</physician>
  </tag01>
  <tag03>
    <name>Harry Green</name>
    <physician>Joe White</physician>
  </tag03>
</medicalFiles>

12 Secure XML Views - Example cont.
The labelled document after removing the S and TS leaves (phone, milTag); the classified containers still carry their own labels:
<medicalFiles>                          UC
  <countyRec>                           S
    <patient>                           S
      <name>John Smith</name>           UC
    </patient>
    <physician>Jim Dale</physician>     UC
  </countyRec>
  <milBaseRec>                          TS
    <name>Harry Green</name>            UC
    <physician>Joe White</physician>    UC
  </milBaseRec>
</medicalFiles>

13 Secure XML Views - Example cont.
View over UC data with the classified containers removed and their readable children promoted (the tree is flattened):
<medicalFiles>
  <name>John Smith</name>
  <physician>Jim Dale</physician>
  <name>Harry Green</name>
  <physician>Joe White</physician>
</medicalFiles>
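The three UC views of slides 10, 11 and 13 can be produced from the labelled document of slide 9 with one filter that differs only in how it treats a classified element that still has readable descendants. The following Python is an added example, not code from the slides or from the prototype the deck describes; it assumes the per-element label is carried in an attribute named sec (the slides draw the labels beside the elements) and uses only the standard library.

```python
import copy
import xml.etree.ElementTree as ET

# Linear lattice of classifications used on the slides.
LEVELS = {"UC": 0, "S": 1, "TS": 2}

# Constructed sample: the medicalFiles document of slide 9, with each element's
# label carried in an assumed "sec" attribute (this example's convention).
DOC = """<medicalFiles sec="UC">
  <countyRec sec="S">
    <patient sec="S">
      <name sec="UC">John Smith</name>
      <phone sec="S"> </phone>
    </patient>
    <physician sec="UC">Jim Dale</physician>
  </countyRec>
  <milBaseRec sec="TS">
    <name sec="UC">Harry Green</name>
    <phone sec="S"> </phone>
    <physician sec="UC">Joe White</physician>
    <milTag sec="TS">MT78</milTag>
  </milBaseRec>
</medicalFiles>"""
ROOT = ET.fromstring(DOC)


def readable(elem, clearance):
    """Simple security property: the subject's clearance must dominate the label."""
    return LEVELS[elem.get("sec")] <= LEVELS[clearance]


def _prune(elem, clearance, mode):
    """Filter the subtree of `elem` in place. Returns True if `elem` or any of
    its descendants is readable at `clearance`."""
    kept = []
    for child in list(elem):
        has_readable = _prune(child, clearance, mode)
        if readable(child, clearance):
            kept.append(child)
        elif has_readable:
            if mode == "flatten":
                # Slide 13: drop the classified node, promote its readable children.
                kept.extend(list(child))
            else:
                # Slides 10/11: keep a bare container so the readable children
                # stay in place, but strip its text and its label.
                child.text = None
                child.attrib.clear()
                if mode == "cover":
                    child.set("cover", "1")   # renamed in document order below
                kept.append(child)
        # else: classified and nothing readable inside -> dropped entirely
    for child in list(elem):
        elem.remove(child)
    elem.extend(kept)
    return readable(elem, clearance) or bool(kept)


def _assign_cover_names(elem, counter):
    """Slide 11's cover story: rename kept-but-classified containers tag01, tag02, ..."""
    for child in elem:
        if child.get("cover") == "1":
            counter[0] += 1
            child.tag = "tag%02d" % counter[0]
            del child.attrib["cover"]
        _assign_cover_names(child, counter)


def view(root, clearance, mode="structure"):
    """Copy of `root` as a subject with `clearance` may see it.
    mode: "structure" (slide 10), "cover" (slide 11) or "flatten" (slide 13)."""
    if not readable(root, clearance):
        return None
    root = copy.deepcopy(root)
    _prune(root, clearance, mode)
    if mode == "cover":
        _assign_cover_names(root, [0])
    return root


def tags(elem):
    """Tag names of a tree in document order (used to inspect the views)."""
    return [elem.tag] + [t for child in elem for t in tags(child)]


def view_tags(clearance, mode="structure"):
    return tags(view(ROOT, clearance, mode))


if __name__ == "__main__":
    for mode in ("structure", "cover", "flatten"):
        print(mode, ET.tostring(view(ROOT, "UC", mode), encoding="unicode"))
```

The "structure" mode shows why a cover story is needed: the UC subject never reads countyRec or milBaseRec, yet their names survive in the view; "cover" hides the names, and "flatten" hides the structure as well, at the price of the association between the two name/physician pairs and their records.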

14 Secure XML Views - Solution
Multi-Plane DTD Graph (MPG)
Minimal Semantic Conflict Graph (association preservation)
Cover story
Transformation rules

15 Multi-Plane DTD Graph
MPG = DTD graph over multiple security planes
Figure: the DTD nodes D,medicalFiles; D,countyRec; D,milBaseRec; D,patient; D,physician; D,name; D,phone; D,milTag placed on three planes, Unclassified (UC), Secret (S) and TopSecret (TS), according to their classification.

16 Transformation - Example
Figure: the MPG of medicalFiles (countyRec, patient, name, phone, physician, milBaseRec, milTag on the UC, S and TS planes of the security space) together with the MSCG (minimal semantic conflict graph) recording the name/phone/physician associations.

17 Transformation - Example
Figure: a cover node emrgRec is introduced into the security space (SP) of the MPG alongside countyRec and milBaseRec; the MSCG is unchanged.

18 Transformation - Example
Figure: the transformation continues; name, phone and physician are moved under the cover node emrgRec in the security space.

19 Transformation - Example
Figure: the resulting data structure: medicalFiles with an emergencyRec carrying physician and name, beside the MPG and the security space (SP).


21 Delete - Example
Figure: a Report document tree (Title; Data with Date, Temperature, Images; Water Resources, Concrete, Location, Civil Area, Defense Sector) whose nodes carry the labels P, S and TS; the question mark asks what should happen when a node is deleted while its subtree holds nodes classified higher than the deleting subject can see.

22 Delete Operations
Delete the entire sub-tree under a deleted node: most widely used approach; problem: blind write
Delete only the viewable nodes: problem: fragmentation of the XML tree
Reject the delete: problem: covert channel

23 Different Solution – Deleted Label
Basic idea:
A unique domain "Del" for deleted nodes
Change the security classification of the deleted node to (o, {d_o ∪ Del}); performed after the delete operation
Change the security clearance of users s = (s, {d_s}) > (o, {d_o}) to { (s, {d_s}), (o, {d_o ∪ Del}) }; can be preprocessed
Use BLP axioms

24 Example - Top Secret View
Figure: the Top Secret view of the Report tree (Title, Data, Date, Temperature, Images, Concrete, Location, Defense Sector); the deleted node now carries the label (S, {Del}) and stays visible at TS beside its TS and P nodes.
Subject clearances:
(TS, {}) → { (TS, {}), (S, {Del}), (P, {Del}) }
(S, {}) → { (S, {}), (P, {Del}) }
(P, {}) → { (P, {}) }
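The deleted-label scheme of slides 22 to 24 in runnable form, as an added Python example that is not code from the slides or the prototype: labels are (level, categories) pairs ordered by BLP dominance, a delete only moves the node into the Del domain, and the clearance expansion of slide 24 is computed from the subject's base clearance. The Report tree and its labels are constructed for the example in the spirit of slide 21, and the rule that a subject may delete only nodes at its own level is this example's assumption.

```python
# Linear levels P < S < TS; a label is (level, frozenset of categories).
LEVELS = {"P": 0, "S": 1, "TS": 2}
DEL = "Del"   # the unique domain reserved for deleted nodes


def dominates(a, b):
    """BLP dominance: level of a >= level of b and categories of a contain those of b."""
    return LEVELS[a[0]] >= LEVELS[b[0]] and a[1] >= b[1]


def clearance_set(base):
    """Slide 24 preprocessing: besides its own label, a subject is cleared for
    the Del domain of every level strictly below its own."""
    level, cats = base
    cleared = {base}
    for lower in LEVELS:
        if LEVELS[lower] < LEVELS[level]:
            cleared.add((lower, frozenset(cats | {DEL})))
    return cleared


class Node:
    def __init__(self, name, level, children=()):
        self.name = name
        self.label = (level, frozenset())
        self.children = list(children)

    @property
    def deleted(self):
        return DEL in self.label[1]


def can_read(subject, node):
    return any(dominates(c, node.label) for c in clearance_set(subject))


def visible_paths(node, subject, prefix=""):
    """Paths of the nodes the subject sees; a hidden node hides its subtree."""
    if not can_read(subject, node):
        return []
    path = prefix + "/" + node.name
    out = [path]
    for child in node.children:
        out.extend(visible_paths(child, subject, path))
    return out


def delete(node, subject):
    """Deleted-label delete: nothing is removed (no blind write, no
    fragmentation) and a permitted request is never rejected (no covert
    channel); the node just moves into the Del domain."""
    level, cats = node.label
    # Assumption of this example: a subject deletes at its own level only.
    if not can_read(subject, node) or subject[0] != level:
        raise PermissionError(f"{subject} may not delete {node.name}")
    node.label = (level, cats | {DEL})


def try_delete(node, subject):
    """True if the delete was permitted and applied, False otherwise."""
    try:
        delete(node, subject)
        return True
    except PermissionError:
        return False


def build_report():
    """Constructed sample tree (the labels are this example's, not slide 21's)."""
    return Node("Report", "P", [
        Node("Title", "P"),
        Node("Data", "P", [Node("Date", "P"), Node("Temperature", "P"),
                           Node("Images", "S")]),
        Node("Location", "S", [Node("Concrete", "S"),
                               Node("DefenseSector", "TS")]),
    ])


P_USER, S_USER, TS_USER = ("P", frozenset()), ("S", frozenset()), ("TS", frozenset())


def demo():
    """A Secret user deletes Location, whose subtree holds a TS node it cannot see."""
    report = build_report()
    location = report.children[2]
    before = {u: visible_paths(report, u) for u in (P_USER, S_USER, TS_USER)}
    delete(location, S_USER)
    after = {u: visible_paths(report, u) for u in (P_USER, S_USER, TS_USER)}
    return before, after, location


def public_delete_demo():
    """A Public user deletes Title: P no longer sees it, higher subjects still do."""
    report = build_report()
    delete(report.children[0], P_USER)
    return {u: visible_paths(report, u) for u in (P_USER, S_USER, TS_USER)}


if __name__ == "__main__":
    before, after, _ = demo()
    for user in (P_USER, S_USER, TS_USER):
        print(user[0], "before:", before[user], "after:", after[user])
```

After the delete the Secret user's own view drops Location and everything under it, exactly as a real delete would, while the Top Secret user still sees Location (now labelled (S, {Del}) and reported as deleted) together with DefenseSector, which was never destroyed by a write the deleter could not see.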

25 Node Association - Example
Figure: DTD of a Patient Health Record: MedicalDb holds Patient*; a Patient has Phone, Birthdate, Name, SSN, Race, Allergies (Allergen*), Date, Diagnosis, Physician, Prescription* and Comments. Example associations drawn over it: (Patient, Phone, Name) and (Patient, Birthdate, Race, Date, Diagnosis, Comments).

26 Layered Access Control
Object: association-level classification + node-level classification

27 Simple Security Object
For every component tᵢ (t1, t2, t3, t4) of the object o: classification(tᵢ) = classification(o)

28 Association Security Object
For every component tᵢ (t1, t2, t3, t4) of the object o: classification(tᵢ) < classification(o), i.e. the association is classified higher than each of its components

29 Query Pattern
FOR $x in //r
LET $y := $x/d, $z := $x/a
WHERE $z/b = $y
RETURN <answer> {$z/c} </answer>
Figure: the query pattern as a tree over r, d, a, b, c and the value v1.

30 Pattern Automata
A pattern automaton is X = { Σ, Q, q0, Qf, δ }
Σ = E ∪ A ∪ { pcdata, // }
Q = { q0, …, qn }
Qf ⊆ Q, q0 ∉ Qf
δ is a transition function; valid transitions in δ have the form σ(qi, …, qj) → qk
If δ does not contain a valid transition rule, the default new state is q0

31 Pattern Automata - Example
Σ = { a, b, c, // }
Q = { q0, qa, qb, qc }
Qf = { qa }
δ = { b( ) → qb, c( ) → qc, a(qb, qc) → qa, *(qa) → qa }
Figure: the association object (a with children b and c, reached through //) and the pattern automaton that recognizes it.
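A bottom-up evaluation of the automaton of slides 30 and 31, as an added Python example (not code from the slides or the prototype): documents are nested (tag, children) tuples, rules are (symbol, required child states, target) triples, and the wildcard symbol * plays the role of the // axis by carrying an accepting state up through any ancestor. It generalizes the slide's ordered tuple a(qb, qc) to multiset containment, so an element with extra children still matches; the sample documents are constructed for the example. Recognizing the association object this way is what lets the association-level label of slides 26 to 28 be enforced before a query result is released.

```python
from collections import Counter


class PatternAutomaton:
    """Bottom-up tree automaton X = (Σ, Q, q0, Qf, δ) of slide 30.

    A rule fires at a node when its symbol matches (or is the wildcard "*")
    and the node's child states contain the required states (multiset
    containment, this example's generalization of the slide's ordered
    tuples). Exact-symbol rules take precedence over wildcard rules; with no
    applicable rule the node goes to q0, as the slide prescribes.
    """

    def __init__(self, sigma, states, q0, final, rules):
        self.sigma = set(sigma)
        self.states = set(states)
        self.q0 = q0
        self.final = set(final)
        self.rules = sorted(rules, key=lambda r: r[0] == "*")  # "*" rules last

    def step(self, symbol, child_states):
        """δ: returns (new state, symbol of the rule that fired or None)."""
        have = Counter(child_states)
        for sym, need, target in self.rules:
            if sym not in (symbol, "*"):
                continue
            if all(have[s] >= n for s, n in Counter(need).items()):
                return target, sym
        return self.q0, None

    def _run(self, node, path, hits):
        tag, children = node
        path = path + "/" + tag
        child_states = tuple(self._run(c, path, hits) for c in children)
        state, rule_sym = self.step(tag, child_states)
        # A final state reached through an element rule (not the // wildcard)
        # marks the root of one occurrence of the association pattern.
        if state in self.final and rule_sym not in (None, "*"):
            hits.append(path)
        return state

    def accepts(self, tree):
        return self._run(tree, "", []) in self.final

    def associations(self, tree):
        """Paths of the nodes at which the association object occurs."""
        hits = []
        self._run(tree, "", hits)
        return hits


# The automaton of slide 31.
ASSOC = PatternAutomaton(
    sigma={"a", "b", "c", "//"},
    states={"q0", "qa", "qb", "qc"},
    q0="q0",
    final={"qa"},
    rules=[
        ("b", (), "qb"),
        ("c", (), "qc"),
        ("a", ("qb", "qc"), "qa"),
        ("*", ("qa",), "qa"),   # the // axis: the match propagates upward
    ],
)

# Constructed sample documents as nested (tag, children) tuples.
DOC_ASSOC = ("r", [("d", [("b", [])]), ("a", [("c", []), ("b", [])])])
DOC_DEEP = ("r", [("x", [("y", [("a", [("b", []), ("c", []), ("e", [])])])])])
DOC_SPLIT = ("r", [("a", [("b", [])]), ("c", [])])   # b and c under different parents

if __name__ == "__main__":
    for name, doc in (("assoc", DOC_ASSOC), ("deep", DOC_DEEP), ("split", DOC_SPLIT)):
        print(name, ASSOC.accepts(doc), ASSOC.associations(doc))
```

DOC_SPLIT shows the point of the a(qb, qc) rule: b and c both occur, but not under the same a, so no association object is formed and the document is not accepted.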


33 SMIL
Sequential operator "seq": VIDEO after the END of AUDIO
Parallel operator "par": VIDEO and AUDIO together
Switch operator "switch": if condition A = TRUE, then only VIDEO; if condition B = TRUE, then only AUDIO
Figure: timelines of AUDIO, VIDEO and SILENCE for each operator.

34 SMIL vs. XML
In both, document = tree, BUT:
XML has NO intended semantics; SMIL specifies runtime behavior
QoS (timeliness and continuity) is specified using the synchronization constructs <par>, <seq>, <excl> and others
No security for SMIL
<smil>
  <seq>
    <par>
      <audio src=“
      <video src=“
    </par>
    <audio src=“
    <video src=“
  </seq>
</smil>
Figure: the document as a tree: smil over seq over two par nodes holding Audio1, Video1 and Audio2, Video2.

35 Object Identity in SMIL - I
Figure: Audio 1, Audio 2, Video 1, Video 2 on a timeline, structured as PAR over V1, V2 and SEQ over A1, A2.

36 Object Identity in SMIL - II
Figure: the same four media structured as PAR over V1, A2 and SEQ over A1, V2.

37 Object Identity in SMIL - III
Figure: the same four media structured as SEQ over A2, V2 and PAR over A1, V1.

38 SMIL Normal Form
SMIL Normal Form (smilNF) is of the form
<seq>
  <par> C_1,1(s) C_1,2(s) C_1,3(s) … C_1,n(s) </par>
  <par> … </par>
  <par> C_m,1(s) C_m,2(s) C_m,3(s) … C_m,n(s) </par>
</seq>
where the C_i,j are audio, video, image or text media intervals.

39 Normalization Algorithm
Figure: two representations of one presentation of the media A, B, C, D, each cut into intervals 1, 2, 3. Representation 1: SEQ over three PARs holding A1 B1 C1 D1, A2 B2 C2 D2 and A3 B3 C3 D3. Representation 2: the same intervals grouped differently under PARs.

40 Metadata in SMIL - RBAC Example
Figure: a SMIL Normal Form (<SEQ> over <PAR> groups of V1, A2, V2, A1); the RBAC-metadata-decorated Normal Form tags each interval with the role permitted to play it ((r1) V1, (r3) V1, (r1) A2, (r2) V2); the permitted view for Role 1 keeps only the intervals tagged r1 and leaves the others Empty.


42 The Inference Problem
General-purpose database: non-confidential data + metadata ⇒ undesired inferences
Semantic Web: non-confidential data + metadata (data and application semantics) + computational power + connectivity ⇒ undesired inferences

43 Association Graph
Association similarity measure:
  Distance of each node from the association root
  Difference of the distances of the nodes from the association root
  Complexity of the sub-trees originating at the nodes
Example: an XML document (nodes Public, Air show, address, fort) and its association graph (Public, AC, address, fort).

44 Correlated Inference
Concept generalization: weighted concepts, concept abstraction level, range of allowed abstractions
Ontology:
  Object[].
  waterSource :: Object
  basin :: waterSource
  place :: Object
  district :: place
  address :: place
  base :: Object
  fort :: base
Associations: (address, fort) is Public; (water source, base) is Confidential; (district, basin): ?

45 Correlated Inference (cont.)
Ontology (as above):
  Object[].
  waterSource :: Object
  basin :: waterSource
  place :: Object
  district :: place
  address :: place
  base :: Object
  fort :: base
Figure: the associations lifted along the ontology: address → place and fort → base (Public); district → place and basin → water source; compared with the Confidential association (water source, base).

46 Inference Removal
Relational databases: limit access to data
Web inferences:
  Cannot redesign public data outside of the protection domain
  Cannot modify/refuse an answer to an already published web page
Protection options:
  Release misleading information
  Remove information
  Control access to metadata


48 Metadata Security
No security model exists for metadata
Can we use existing security models to protect metadata?
RDF/S is the basic framework for the Semantic Web; RDF/S supports simple inferences
This is not true of XML: XML access control cannot be used to protect RDF/S data

49 RDF/S Entailment Rules
Example RDF/S entailment rules:
rdfs2: (aaa, rdfs:domain, xxx) + (uuu, aaa, yyy) → (uuu, rdf:type, xxx)
rdfs3: (aaa, rdfs:range, xxx) + (uuu, aaa, vvv) → (vvv, rdf:type, xxx)
rdfs5: (uuu, rdfs:subPropertyOf, vvv) + (vvv, rdfs:subPropertyOf, xxx) → (uuu, rdfs:subPropertyOf, xxx)
rdfs11: (uuu, rdfs:subClassOf, vvv) + (vvv, rdfs:subClassOf, xxx) → (uuu, rdfs:subClassOf, xxx)

50 Example Graph Format
RDF triples:
  (Student, rdfs:subClassOf, Person)
  (University, rdfs:subClassOf, GovAgency)
  (studiesAt, rdfs:domain, Student)
  (studiesAt, rdfs:range, University)
  (studiesAt, rdfs:subPropertyOf, memberAt)
  (John, studiesAt, USC)

51 Example Graph Format
(figure only)

52 Example Graph Format
(figure only)

53 Example Graph Format
(figure only)
54 Secure RDF
Entailed data in RDF can cause illegal inferences:
(John, studiesAt, USC) [S] + (studiesAt, rdfs:domain, University) [S] → (USC, rdf:type, University) [S]
(USC, rdf:type, University) [S] + (University, rdfs:subClassOf, GovAgency) [S] → (USC, rdf:type, GovAgency) [TS]
A Secret user can infer TS information
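The leak of slide 54 can be checked mechanically: compute the entailment closure of the triples a subject is allowed to read and compare the result with the labels the policy assigns to entailed data (slide 55). The following Python is an added example, not code from the slides or the RDF access control prototype. It implements the rdfs2, rdfs3, rdfs5 and rdfs11 rules of slide 49 plus rdfs9 (subclass membership), which slide 54's second step needs; it uses slide 50's range declaration, so the first step is rdfs3. The S labels on the three premises are from slide 54, the UC labels on the remaining triples are this example's assumption, and the mitigation of raising the subclass premise to TS is one option among those the deck lists, chosen here for illustration.

```python
RDF_TYPE = "rdf:type"
SUBCLASS = "rdfs:subClassOf"
SUBPROP = "rdfs:subPropertyOf"
DOMAIN = "rdfs:domain"
RANGE = "rdfs:range"
LEVELS = {"UC": 0, "S": 1, "TS": 2}


def lub(a, b):
    """Least upper bound of two labels in the linear lattice UC < S < TS."""
    return a if LEVELS[a] >= LEVELS[b] else b


def apply_rules(kb):
    """One forward-chaining pass of rdfs2, rdfs3, rdfs5, rdfs9 and rdfs11 over a
    labelled graph {triple: label}. An entailed triple gets the least upper
    bound of its premises' labels, the lowest label at which it is derivable."""
    new = {}

    def add(triple, label):
        if triple not in new or LEVELS[label] < LEVELS[new[triple]]:
            new[triple] = label

    facts = list(kb.items())
    for (s1, p1, o1), l1 in facts:
        for (s2, p2, o2), l2 in facts:
            lab = lub(l1, l2)
            if p1 == DOMAIN and p2 == s1:                        # rdfs2
                add((s2, RDF_TYPE, o1), lab)
            if p1 == RANGE and p2 == s1:                         # rdfs3
                add((o2, RDF_TYPE, o1), lab)
            if p1 == SUBPROP and p2 == SUBPROP and o1 == s2:     # rdfs5
                add((s1, SUBPROP, o2), lab)
            if p1 == SUBCLASS and p2 == RDF_TYPE and o2 == s1:   # rdfs9
                add((s2, RDF_TYPE, o1), lab)
            if p1 == SUBCLASS and p2 == SUBCLASS and o1 == s2:   # rdfs11
                add((s1, SUBCLASS, o2), lab)
    return new


def closure(kb):
    """Labelled entailment closure: iterate until nothing is added or relabelled lower."""
    kb = dict(kb)
    changed = True
    while changed:
        changed = False
        for triple, label in apply_rules(kb).items():
            if triple not in kb or LEVELS[label] < LEVELS[kb[triple]]:
                kb[triple] = label
                changed = True
    return kb


def leaks(kb, policy, clearance):
    """Triples a subject at `clearance` can entail from what it may read but
    that the policy classifies above that clearance."""
    visible = {t: l for t, l in kb.items() if LEVELS[l] <= LEVELS[clearance]}
    derived = closure(visible)
    return sorted(t for t in derived
                  if t in policy and LEVELS[policy[t]] > LEVELS[clearance])


# Constructed sample: slide 50's graph with labels (S from slide 54, UC assumed).
KB = {
    ("Student", SUBCLASS, "Person"): "UC",
    ("University", SUBCLASS, "GovAgency"): "S",
    ("studiesAt", DOMAIN, "Student"): "UC",
    ("studiesAt", RANGE, "University"): "S",
    ("studiesAt", SUBPROP, "memberAt"): "UC",
    ("John", "studiesAt", "USC"): "S",
}
# Explicit classification of entailed data: USC's membership of GovAgency is TS.
POLICY = {("USC", RDF_TYPE, "GovAgency"): "TS"}

# Mitigation shown here: classify the subclass premise TS, so a Secret subject
# can no longer complete the derivation while a Top Secret subject still can.
FIXED = dict(KB)
FIXED[("University", SUBCLASS, "GovAgency")] = "TS"

if __name__ == "__main__":
    print("leaks at S before:", leaks(KB, POLICY, "S"))
    print("leaks at S after: ", leaks(FIXED, POLICY, "S"))
    print("label after fix:  ", closure(FIXED)[("USC", RDF_TYPE, "GovAgency")])
```

Running the check before the fix reports (USC, rdf:type, GovAgency) as derivable by a Secret subject although the policy marks it TS; after the fix the Secret closure no longer contains it, and the full closure labels it TS because the least upper bound of its premises is now TS.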

55 RDF Access Control
Security policy:
  Subject
  Object – object pattern
  Access mode
  Default policy
  Conflict resolution
  Classification of entailed data
  Flexible granularity

56 Prototype Systems
XML access control: Secure Views ✓; Association-level access control ✓; MLS/XML Delete ✓; Ontology-guided XML inferences ✓
RDF access control ✓
Future work: next versions, OWL access control, application-level security

57 Secure XML Updates
Figure: prototype architecture with the components MACParser.java, MACModel.java, PathSatisfaction.java, NodeSecurityManager.java, NativeElementIndex.java, XMLUtil.java and UserManagement.java, the tables FilepathAbsoute and UserName, and the Result.

58 Secure XML Updates - Example

59 RDF Access Control Example


61 Application Security
Security policy:
  Application semantics (from syntax to semantics)
  External requirements
  Privacy
  Trust management
  Compliance checking

62 Future Work
Role of semantics: data- and application-specific characteristics
Access control: dynamic, adaptable access control; federation management
Collaboration: decentralized authentication, process management, contextual information, quality of service
Formal models

63 Conclusions
Need: collaboration between security experts and application developers

