1 / 18

Security & Privacy Preserved Information Brokerage System

Security & Privacy Preserved Information Brokerage System. Fengjun Li fli@ist.psu.edu College of IST, Penn State University. Introduction. Privacy-preserved mechanism. 1. 2. 3. 4. 5. Conclusion and Q&A. Information Brokerage Systems. Security-preserved mechanism.

maggie-marquez
Download Presentation

Security & Privacy Preserved Information Brokerage System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security & Privacy Preserved Information Brokerage System Fengjun Li fli@ist.psu.edu College of IST, Penn State University F. Li 05/15/06

  2. Introduction Privacy-preserved mechanism 1 2 3 4 5 Conclusion and Q&A Information Brokerage Systems Security-preserved mechanism F. Li 05/15/06

  3. Universal Connectivity content/location discovery … … security & privacy risks poor usability F. Li 05/15/06

  4. Information Brokerage System Security & privacy? Data sources connected with the help of brokers User send query to local broker that help route it to targeted data sources F. Li 05/15/06

  5. Security Enforcement – from the perspective of performance • Access Control • Traditional AC enforcement and IBS architecture • Any other choice F. Li 05/15/06

  6. Or further • If we could drag the AC out of DBMS … F. Li 05/15/06

  7. Why dragging security check out of DBMS and pushing it to the brokers? • – A performance based reason F. Li 05/15/06

  8. Preliminary • XML Access Control Model • Role-based Access Control • 5-tuple access control rules (ACR) • QFilter: enforcing AC via query written • Using Non-deterministic Finite Automata (NFA) to hold ACR • Query either rejected or accepted (w/o rewritten) F. Li 05/15/06

  9. QFilter Example F. Li 05/15/06

  10. Our Approach • Merge the QFilters of several roles to an integrated Multi-Role QFilter • A naïve approach – QFilter Array • Use the similar NFA-based mechanism to represent the routing information (called index rules) • Merge index rules into Multi-Role QFilter for further performance improvement F. Li 05/15/06

  11. An Example of Multi-Role QFilter An Example of Index Rules F. Li 05/15/06

  12. An Example of Indexed Multi-Role QFilter - Merging index rules into Multi-Role QFilter F. Li 05/15/06

  13. Why dragging security check out of DBMS and pushing it to the brokers? • – Previous example re-visit F. Li 05/15/06

  14. Performance Metrics 1 - Memory Consumption Performance Metrics 2 – In-broker Query Response Time & Overall Query Response Time • Performance Metrics 3 –Network Traffic • - Save 87.5% (by analyzing) F. Li 05/15/06

  15. Privacy Preserving Mechanism • Possible privacy breaches: • Privacy of the query location • Privacy of the query content • Privacy of the access control rule • Privacy of the data location • Privacy of the data content F. Li 05/15/06

  16. Information Brokerage System • New architecture F. Li 05/15/06

  17. Trust Relationship F. Li 05/15/06

  18. F. Li 05/15/06

More Related