1 / 20

Secure Dependable Stream Data Management

Secure Dependable Stream Data Management. Vana Kalogeraki (UC Riverside) Dimitrios Gunopulos (UC Riverside) Ravi Sandhu (UT San Antonio) Bhavani Thuraisingham (UT Dallas) May 2008. Outline. Dependable Information Management Integrating Real-time and Security Policies Secure Real-Time TMO

sabrinarollins
Download Presentation

Secure Dependable Stream Data Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Dependable Stream Data Management Vana Kalogeraki (UC Riverside) Dimitrios Gunopulos (UC Riverside) Ravi Sandhu (UT San Antonio) Bhavani Thuraisingham (UT Dallas) May 2008

  2. Outline • Dependable Information Management • Integrating Real-time and Security Policies • Secure Real-Time TMO • Apply RBAC and UCON models • Stream Data/Information Management • Overview, Data Manager, Security Policy, Directions • QoS-based Stream Execution Model

  3. Dependable Sensor Information Management • Dependable sensor information management includes • secure sensor information management • fault tolerant sensor information • High integrity and high assurance computing • Real-time computing • Conflicts between different features • Security, Integrity, Fault Tolerance, Real-time Processing • E.g., A process may miss real-time deadlines when access control checks are made • Trade-offs between real-time processing and security • Need flexible security policies; real-time processing may be critical during a mission while security may be critical during non-operational times

  4. Secure Dependable Information Management Example: Next Generation AWACS Technology provided by the project Navigation Display Consoles Data Analysis Programming Processor Data Links (14) Group (DAPG) & Sensors Refresh Channels Sensor Multi-Sensor • Security being considered after • the system has been designed • and prototypes implemented • Challenge: Integrating real-time • processing, security and • fault tolerance Detections Tracks Future Future Future App App App Data MSI Mgmt. App Data Xchg. Infrastructure Services Real-time Operating System Hardware

  5. Secure Dependable Information Management: Directions • Challenge: How does a system ensure integrity, security, fault tolerant processing, and still meet timing constraints? • Develop flexible security policies; when is it more important to ensure real-time processing and ensure security? • Secure dependable models and architectures for the policies; Examine real-time algorithms – e.g., query and transaction processing • Research for databases as well as for applications; what assumptions do we need to make about operating systems, networks and middleware? • Developing dependable sensor objects

  6. RBAC (Sandhu et al) and ABAC (Network Centric Enterprise Services) • RBAC • Access to information sources including structured and unstructured data both within the organization and external to the organization • Access based on roles • Hierarchy of roles: handling conflicts • Controlled dissemination and sharing of the data • ABAC (Attribute based access control) • User presents credentials • Depending on the user credentials user is granted access • Suitable for open web environments

  7. UCON (Sandhu et al) • RBAC model is incorporated into UCON and useful for various applications • Authorization component • Obligations • Obligations are actions required to be performed before an access is permitted • Obligations can be used to determine whether an expensive knowledge search is required • Attribute Mutability • Used to control the scope of the knowledge search • Condition • Can be used for resource usage policies to be relaxed or tightened

  8. UCON (Sandhu et al))

  9. TMO (Kane Kim et al) TMO model Capability for accessing other TMOs and network environment including logical multicast channels and I/O devices A TMO object ODSS1 ODSS2 EAC Object Data Store (ODS) Lock/Condition/CREW for Concurrent Access AAC: Autonomous Activation Condition AAC Time-triggered(TT) Spontaneous Methods(SpMs) SpM1 AAC SpM2 ServiceRequestQueue Deadlines SvM1 Message-triggered(MT) Service Methods(SvMs) Remote TMOClients SvM2 Concurrency Control

  10. Access Control mechanisms Role Based Access Control (RBAC) model Users (TMO objects) are associated with roles Roles are associated with permissions (Write, Read, Execution, All) A user has permission only if the user has an authorized role which is associated with that permission Inadequate for distributed real-time system Server side centralized model Need constraints on temporal behaviors of spontaneous methods in TMO RT-RBAC (Jungin Kim and Thuraisingham)

  11. RT-UCON (Jungin Kim and Thuraisingham) Basic authorization components for access control in TMO Continuity: dynamic and seamless constraints Mutability: control the scope of access Conditions: control the amount of access, access time Obligations: pre-conditions for determining access decisions Adequate for distributed real-time system Space and Time domain; Server and Client side control; Dynamic and Flexible Implemented access control through a separated object Checks access right, maintain access policies in the system ODS: stores static and dynamic access policies SpM: controls access policies in ODS SvM: handles access decision requests

  12. Secure CAMIN (Jungin Kim and Thuraisingham) • Mission: Defend target objects both in the sea and on the land from the hostile objects in the sky • Access control checks policies and security levels • Some malicious objects are added

  13. Secure Sensor/Stream Information Management • Sensor network consists of a collection of autonomous and interconnected sensors that continuously sense and store information about some local phenomena • May be employed in battle fields, seismic zones, pavements • Data streams emanate from sensors; for geospatial applications these data streams could contain continuous data of maps, images, etc. Data has to be fused and aggregated • Continuous queries are posed, responses analyzed possibly in real-time, some streams discarded while rest may be stored • Recent developments in sensor information management include sensor database systems, sensor data mining, distributed data management, layered architectures for sensor nets, storage methods, data fusion and aggregation • Secure sensor data/information management has received very little attention; need a research agenda

  14. Secure Sensor/Stream Information Management: Data Manager

  15. Policy Specification and Enforcement: Elena Ferrari and Barbara Carminati et al • Example: Aurora Stream Model develop by Stonebraker et al • Model Operators • Filter: Select on streams based on predicates; results is a sequence of streams • Map: Project onto attributes by applying certain functions • Aggregate: Aggregate/fuse streams • Secure Model Operators • Secure Filter: Form of secure selection where access to resulting streams are controlled • Secure Map: Access to resulting attributes are controlled • Secure Aggregation: Access to resulting stream is controlled • Access to original streams are controlled but not to the results

  16. Secure Sensor/Stream Information Management: Inference/Aggregation Control

  17. Additional security constraints for Additional security constraints for Federated Privacy Controller Federated Privacy Controller Inference Control Inference Control Integrated Policy for the Sensor Integrated Policy for the Sensor Federated Data Management Federated Data Management Network Network Export Export Export Export Export Export Export Export Policy Policy Engine Engine Policy Engine Engine Policy Export Export Export Export Policy Engine Engine Policy Generic Generic Privacy Privacy Privacy Generic Privacy Generic Policy for A Policy for A Controller Controller Controller Controller Policy for C Policy for C Privacy Generic Privacy Generic Controller Controller Policy for B Policy for B Component Component Component Component Data System Policy Policy Data System for Sensor A for Sensor A for Agency A for Agency A Component Component Component Component Data System Policy Data System Policy for Sensor C for Sensor C For Agency C For Agency C Component Component Component Component Data System Data System Policy Policy for Agency B for Sensor B for Sensor B for Agency B Secure Sensor/Stream Information Management:Security Policy Integration (MURI Project)

  18. Real-time Knowledge Discovery (RT-KDD) • How does a data mining technique meet the timing constraint? • E.g., if an association rule mining algorithm has a 5 minutes constraint, then should it output as many rules as possible within 5 minutes • How does this affect the accuracy of the results? • Will there be an increase in false positives and negatives? • Approximate data mining • Are there techniques analogous to techniques in approximate query processing • Are incomplete results better than no results • What are the applications for RT-KDD • Give the results to the first responder/law enforcement official in 5 minutes so that he can take appropriate actions • Secure RT-KDD?

  19. Secure Sensor/Stream Information Management: Directions • Individual sensors may be compromised and attacked; need techniques for detecting, managing and recovering from such attacks • Aggregated sensor data may be sensitive; need secure storage sites for aggregated data; variation of the inference and aggregation problem? • Security has to be incorporated into sensor database management • Policies, models, architectures, queries, etc. • Evaluate costs for incorporating security especially when the sensor data has to be fused, aggregated and perhaps mined in real-time • Data may be emanating from sensors and other devices at multiple locations • Data may pertain to individuals (e.g. video information, images, surveillance information, etc.); Data may be mined to extract useful information; Need to maintain privacy

  20. Secure Stream based Execution Model:Integrate Kalogeraki stream model with UCON • QoS based Infrastructure support for hosting stream based applications • Component Discovery • Data summarization and dissemination to propagate components and resource information to the appropriate nodes • Bloom filter data structure based techniques • QoS aware composition • For each application request the user specifies the data source, application graph (describing the application components and their invocations) and real-0time requirements • Apply UCON model as the basis for security • Integrate concepts from RT-UCON with stream based policies • Our approach: Specify security policies and prove that the resulting system is secure

More Related