1. Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #25 Dependable Data Management April 12, 2005

2. Outline of the Unit l Secure Dependable Data Management l Secure Real-time Data Management l Secure Sensor Information Management

3. Secure Dependable Information Management: What is it? l Features of Secure Dependable Information Management - secure information management - fault tolerant information Management - High integrity and high assurance computing - Real-time computing - Trust management - Data Quality

4. Relationships between Dependability, Confidentiality, Privacy, Trust Dependability Confidentiality Privacy Trust Dependability: Security, Privacy, Trust, Real-time Processing, Fault Tolerance; also sometimes referred to as “Trustworthiness” Confidentiality: Preventing the release of unauthorized information considered sensitive Privacy: Preventing the release of unauthorized information about individuals considered sensitive Trust: Confidence one has that an individual will give him/her correct information or an individual will protect sensitive information

5. Secure Dependable Information Management: Integration l Integration of the different Features - Quality of Service - Need end-to-end dependability - Dependable OS, Dependable data management, Dependable middleware, Dependable networks

6. Secure Dependable Information Management: Integration

7. Secure Dependable Information Management: Conflict Resolution l Conflicts between different features - Security, Integrity, Fault Tolerance, Real-time Processing - E.g., A process may miss real-time deadlines when access control checks are made - Trade-offs between real-time processing and security l Need Flexible policies - Real-time processing may be critical during a mission while security may be critical during non-operational times

8. Secure Dependable Information Management Example: Next Generation AWACS Technology provided by the project Hardware Display Processor & Refresh Channels Consoles (14) Navigation Sensors Data Links Data Analysis Programming Group (DAPG) Future App Future App Future App Multi-Sensor Tracks Sensor Detections MSI App Data Mgmt. Data Xchg. Infrastructure Services Security being considered after the system has been designed and prototypes implemented Challenge: Integrating real-time processing, security and fault tolerance Real-time Operating System

9. Secure Dependable Information Management: Integration

10. Secure Dependable Information Management: Directions for Research l Challenge: How does a system ensure integrity, security, fault tolerant processing, and still meet timing constraints? - Develop flexible security policies; when is it more important to ensure real-time processing and ensure security? - Security models and architectures for the policies; Examine real- time algorithms – e.g.,query and transaction processing - Research for databases as well as for applications; what assumptions do we need to make about operating systems, networks and middleware? l Data may be emanating from sensors and other devices at multiple locations - Data may pertain to individuals (e.g. video information, images, surveillance information, etc.) - Data may be mined to extract useful information - Need to maintain privacy

11. Real-time Information Management l Real-time Operating Systems - E.g., Lynx OS l Real-time Data Management - Transactions must meet timing constraints - E.g., RT-Zip (product developed in the early 1990s) l Real-time Middleware - E.g., RT-ORB (www.omg.org) l Real-time networks - Real-time message passing l Need end-to-end real-time processing capability

12. Real-time Data Management

13. Real-time Data Management Management: Data Model l Data models such as relational and object models have time parameters l Data has timestamp as to when it was last updated l Data must be kept current and updated to meet timing constraints - E.g., Data cannot be more than 1 day old l Data processing algorithms (e.g., methods in an object model) must meet timing constraints - E.g., queries and transactions have to complete within a certain time

14. Real-time Data Management : Query l Queries have to meet timing constraints l Certain queries mazy be more important than the others - E.g. queries with short timing constraints l Queries are processed in such a way that all queries must meet the deadlines as much as possible l What happens if the deadlines are not met?

15. Real-time Data Management Management: Transactions l Transactions have to meet timing constraints l Transactions are assigned priorities depending on their deadlines - Those with shorter deadlines may be given higher priorities l Transactions with higher priorities are given resources such as locks’ l If transactions T1 has priority 8 and Transactions T2 has priority 5 and if both are competing for locks at these same time, T1 is given the lock l If T1 is waiting for a lock that T2 has, then should T2 be aborted and the lock given to T1?

16. Conflict between Security and Real-time Processing l Suppose transaction T1 has priority 8 and Transactions T2 has priority 5 l Assume that T2 is Unclassified and T1 is Secret l If T1 is waiting for a lock that T2 has, then one possibility is to abort T2 and give the lock to T1 l However T2 is Unclassified. Therefore actions of a Secret transaction have interfered with those of an unclassified transaction – potential for covert challenges l Should the system ensure that deadlines are met or should the system ensure security? l Access control checks also take time. Therefore in case of emergency should these checks be ignored?

17. Aspects of Data Quality

18. Applications l Protecting Critical Infrastructures - Power lines and Grids - Telecommunications - Food and water supplies - Reservoirs - Gas supplies - National Information Infrastructures l Protecting Information for the War fighters and Missions - Getting the right and secure information at the right time

19. Secure Sensor Information Management l Sensor network consists of a collection of autonomous and interconnected sensors that continuously sense and store information about some local phenomena - May be employed in battle fields, seismic zones, pavements l Data streams emanate from sensors; for geospatial applications these data streams could contain continuous data of maps, images, etc. Data has to be fused and aggregated l Continuous queries are posed, responses analyzed possibly in real- time, some streams discarded while rest may be stored l Recent developments in sensor information management include sensor database systems, sensor data mining, distributed data management, layered architectures for sensor nets, storage methods, data fusion and aggregation l Secure sensor data/information management has received very little attention; need a research agenda

20. Some Attacks on Sensors and Issues l Some attacks - Access control violations, Denial of service attacks, Sensor protocol attacks, Hardware attacks l Sensors are often places in enemy territory and are prone to various types of attacks including terrorist physical attacks l Sensors also have limited memory and resources and therefore attacks could cause many problems with little backup procedures l Wireless sensors are a special types of sensors embedded into PDAs and other devices - Many issues and challenges similar for sensors and wireless sensors - Need to carry out a comparison of the security issues involved

21. Secure Sensor Communication

22. Secure Sensor Data Manager: An Architecture

23. Secure Sensor Data Fusion: Inference Control

24. Secure Sensor Information Management: Directions for Research l Individual sensors may be compromised and attacked; need techniques for detecting, managing and recovering from such attacks l Aggregated sensor data may be sensitive; need secure storage sites for aggregated data; variation of the inference and aggregation problem? l Security has to be incorporated into sensor database management - Policies, models, architectures, queries, etc. l Evaluate costs for incorporating security especially when the sensor data has to be fused, aggregated and perhaps mined in real-time l Research on secure dependable information management for sensor data