Trustworthy Semantic Web
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Inference Problem
March 4, 2011
History
Statistical databases (1970s – present)
Inference problem in databases (early 1980s – present)
Inference problem in MLS/DBMS (late 1980s – present)
Unsolvability results (1990)
Logic for secure databases (1990)
Semantic data model applications (late 1980s – present)
Emerging applications (1990s – present)
Privacy (2000 – present)
Statistical Databases
The Census Bureau has been focusing for decades on statistical inference and statistical databases
Collections of data such as sums and averages may be given out, but not the individual data elements
Techniques include
- Perturbation, where results are modified
- Randomization, where random samples are used to compute summaries
These techniques are now being used for privacy-preserving data mining
Security Constraints / Access Control Rules / Policies
Simple Constraint: John cannot access the attribute Salary of relation EMP
Content-based constraint: If relation MISS contains information about missions in the Middle East, then John cannot access MISS
Association-based Constraint: Ship’s location and mission taken together cannot be accessed by John; individually each attribute can be accessed by John
Release constraint: After X is released Y cannot be accessed by John
Aggregate Constraint: Ten or more tuples taken together cannot be accessed by John
Dynamic Constraint: After the Mission, information about the mission can be accessed by John
Security Constraints/Policies for Healthcare
Simple Constraint: Only doctors can access medical records
Content-based constraint: If the patient has AIDS then this information is private
Association-based Constraint: Names and medical records taken together are private
Release constraint: After medical records are released, names cannot be released
Aggregate Constraint: The collection of patients is private, individually public
Dynamic Constraint: After the patient dies, information about him becomes public
Inference Problem in MLS/DBMS
Inference is the process of forming conclusions from premises
If the conclusions are unauthorized, it becomes a problem
Inference problem in a multilevel environment
Aggregation problem is a special case of the inference problem - a collection of data elements is Secret but the individual elements are Unclassified
Association problem: attributes A and B taken together are Secret - individually they are Unclassified
Revisiting Security Constraints / Policies
Simple Constraint: Mission attribute of SHIP is Secret
Content-based constraint: If relation MISSION contains information about missions in Europe, then MISSION is Secret
Association-based Constraint: Ship’s location and mission taken together are Secret; individually each attribute is Unclassified
Release constraint: After X is released Y is Secret
Aggregate Constraint: Ten or more tuples taken together are Secret
Dynamic Constraint: After the Mission, information about the mission is Unclassified
Logical Constraint: A Implies B; therefore if B is Secret then A must be at least Secret
Enforcement of Security Constraints
(Architecture diagram; component labels:)
User Interface Manager
Constraint Manager
Security Constraints
Query Processor: Constraints during query and release operations
Update Processor: Constraints during update operation
Database Design Tool: Constraints during database design operation
Database
Data Manager
Query Algorithms
Query is modified according to the constraints
Release database is examined as to what has been released
Query is processed and response assembled
Release database is examined to determine whether the response should be released
Result is given to the user
Portions of the query processor are trusted
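The query steps above, as an added example that is not part of the original slides: a toy query processor that enforces the association-based and aggregate constraints against a per-user release database. The class name, the sample SHIP rows, and the choice to withhold the whole response when the aggregate limit is reached are assumptions made for illustration.

```python
UNCLASSIFIED, SECRET = 0, 1

# Constructed sample relation SHIP(S#, Sname, Location, Mission).
SHIPS = [{"S#": i, "Sname": f"ship{i}", "Location": f"port{i}",
          "Mission": f"m{i}"} for i in range(1, 13)]

ASSOCIATIONS = [frozenset({"Location", "Mission"})]  # Secret when taken together
AGGREGATE_LIMIT = 10  # ten or more tuples taken together are Secret


class QueryProcessor:
    def __init__(self, rows, clearance=UNCLASSIFIED):
        self.rows = {r["S#"]: r for r in rows}
        self.clearance = clearance
        self.released = {}  # release database: S# -> attributes already given out

    def _modify(self, key, attrs):
        """Query modification: drop any attribute that would complete a Secret
        association with what this user already holds for the same tuple."""
        seen = set(self.released.get(key, ()))
        kept = []
        for a in attrs:
            if not any(assoc <= seen | {a} for assoc in ASSOCIATIONS):
                kept.append(a)
                seen.add(a)
        return kept

    def query(self, attrs, keys):
        if self.clearance >= SECRET:
            return [{a: self.rows[k][a] for a in attrs} for k in keys]
        # Modify the query per tuple using the release database, then assemble.
        response = {k: self._modify(k, attrs) for k in keys}
        response = {k: kept for k, kept in response.items() if kept}
        # Release check: the aggregate constraint covers everything released so far.
        if len(set(self.released) | set(response)) >= AGGREGATE_LIMIT:
            return []  # response withheld
        for k, kept in response.items():
            self.released.setdefault(k, set()).update(kept)
        return [{a: self.rows[k][a] for a in kept} for k, kept in response.items()]
```

Because the release database persists across calls, a user who first asks for Location and later for Mission of the same ship gets the second attribute filtered out, which a stateless per-query check would miss.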
Update Algorithms
Certain constraints are examined during update operation
- Example: Content-based constraints
The security level of the data is computed
Data is entered at the appropriate level
Certain parts of the Update Processor are trusted
Database Design Algorithms
Certain constraints are examined at database design time
- Example: Simple, Association and Logical Constraints
Schemas are assigned security levels
Database is partitioned accordingly
Example: If Ship's location and mission taken together is Secret, then
- SHIP (S#, Sname) is Unclassified
- LOC-MISS(S#, Location, Mission) is Secret
- LOC(Location) is Unclassified
- MISS(Mission) is Unclassified
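The partitioning in the SHIP example, generalized into an added sketch that is not from the original slides. The functions `partition` and `leaks`, the fragment naming, and the join-on-key leak check are assumptions; the check shows why the Unclassified LOC and MISS fragments are stored without S#.

```python
U, S = "Unclassified", "Secret"


def partition(name, key, attrs, associations):
    """Split relation name(key, attrs) so that each Secret association is only
    stored whole in a Secret fragment. Returns (fragment, columns, level)."""
    constrained = set().union(*associations)
    fragments = [(name, (key, *[a for a in attrs if a not in constrained]), U)]
    for assoc in associations:
        members = tuple(a for a in attrs if a in assoc)
        fragments.append(("-".join(members), (key, *members), S))
        # Each member alone is Unclassified, but it is stored WITHOUT the key
        # so the projections cannot be joined back together at the low level.
        fragments += [(m, (m,), U) for m in members]
    return fragments


def leaks(fragments, key, associations):
    """Associations a low user can rebuild from Unclassified fragments,
    either from one fragment or by joining fragments on the key."""
    low = [set(cols) for _, cols, level in fragments if level == U]
    joinable = set()
    for cols in low:
        if key in cols:
            joinable |= cols
    return [a for a in associations
            if a <= joinable or any(a <= cols for cols in low)]


ASSOC = [frozenset({"Location", "Mission"})]
DESIGN = partition("SHIP", "S#", ["Sname", "Location", "Mission"], ASSOC)
# A naive design that keeps S# in the Unclassified projections (constructed).
NAIVE = [("SHIP", ("S#", "Sname"), U),
         ("LOC", ("S#", "Location"), U),
         ("MISS", ("S#", "Mission"), U)]
```

`leaks(DESIGN, "S#", ASSOC)` is empty, while `leaks(NAIVE, "S#", ASSOC)` reports the Location/Mission association, since joining LOC and MISS on S# reconstructs the Secret pair.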
Example Security-Enhanced Semantic Web
(Architecture diagram; component labels:)
Security Policies
Ontologies
Rules
Semantic Web Engine
RDF, OWL Documents
Web Pages, Databases
Inference Engine/Inference Controller
Interface to the Security-Enhanced Semantic Web
Technology to be developed by project