1. Trustworthy Semantic Web Dr. Bhavani Thuraisingham The University of Texas at Dallas Inference Problem March 4, 2011

2. History l Statistical databases (1970s – present) l Inference problem in databases (early 1980s - present) l Inference problem in MLS/DBMS (late 1980s – present) l Unsolvability results (1990) l Logic for secure databases (1990) l Semantic data model applications (late 1980s - present) l Emerging applications (1990s – present) l Privacy (2000 – present)

3. Statistical Databases l Census Bureau has been focusing for decades on statistical inference and statistical database l Collections of data such as sums and averages may be given out but not the individual data elements l Techniques include - Perturbation where results are modified - Randomization where random samples are used to compute summaries l Techniques are being used now for privacy preserving data mining

4. Security Constraints / Access Control Rules / Policies l Simple Constraint: John cannot access the attribute Salary of relation EMP l Content-based constraint: If relation MISS contains information about missions in the Middle East, then John cannot access MISS l Association-based Constraint: Ship’s location and mission taken together cannot be accessed by John; individually each attribute can be accessed by John l Release constraint: After X is released Y cannot be accessed by John l Aggregate Constraint: Ten or more tuples taken together cannot be accessed by John l Dynamic Constraint: After the Mission, information about the mission can be accessed by John

5. Security Constraints/Policies for Healthcare l Simple Constraint: Only doctors can access medical records l Content-based constraint: If the patient has Aids then this information is private l Association-based Constraint: Names and medical records taken together is private l Release constraint: After medical records are released, names cannot be released l Aggregate Constraint: The collection of patients is private, individually public l Dynamic Constraint: After the patient dies, information about him becomes public

6. Inference Problem in MLS/DBMS Inference is the process of forming conclusions from premises If the conclusions are unauthorized, it becomes a problem Inference problem in a multilevel environment Aggregation problem is a special case of the inference problem - collections of data elements is Secret but the individual elements are Unclassified Association problem: attributes A and B taken together is Secret - individually they are Unclassified

7. Revisiting Security Constraints / Policies l Simple Constraint: Mission attribute of SHIP is Secret l Content-based constraint: If relation MISSION contains information about missions in Europe, then MISSION is Secret l Association-based Constraint: Ship’s location and mission taken together is Secret; individually each attribute is Unclassified l Release constraint: After X is released Y is Secret l Aggregate Constraint: Ten or more tuples taken together is Secret l Dynamic Constraint: After the Mission, information about the mission is Unclassified l Logical Constraint: A Implies B; therefore if B is Secret then A must be at least Secret

8. Enforcement of Security Constraints User Interface Manager Constraint Manager Security Constraints Query Processor: Constraints during query and release operations Update Processor: Constraints during update operation Database Design Tool Constraints during database design operation Database Data Manager

9. Query Algorithms l Query is modified according to the constraints l Release database is examined as to what has been released l Query is processed and response assembled l Release database is examined to determine whether the response should be released l Result is given to the user l Portions of the query processor are trusted

10. Update Algorithms l Certain constraints are examined during update operation l Example: Content-based constraints l The security level of the data is computed l Data is entered at the appropriate level l Certain parts of the Update Processor are trusted

11. Database Design Algorithms l Certain constraints are examined during the database design time - Example: Simple, Association and Logical Constraints l Schema are assigned security levels l Database is partitioned accordingly l Example: - If Ships location and mission taken together is Secret, then SHIP (S#, Sname) is Unclassified, LOC-MISS(S#, Location, Mission) is Secret LOC(Location) is Unclassified - MISS(Mission) is Unclassified

12. Example Security-Enhanced Semantic Web Security Policies Ontologies Rules Semantic Web Engine RDF, OWL Documents Web Pages, Databases Inference Engine/ Inference Controller Interface to the Security-Enhanced Semantic Web Technology to be developed by project