Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Introduction to the Course
January 20, 2012

 This unit provides an overview of the course. The course describes concepts, developments, challenges, and directions in data and applications security. Topics include
database security, distributed data management security, object security, data warehouse security, data mining for security applications, privacy, secure semantic web, secure digital libraries, secure knowledge management and secure sensor information management, biometrics

 Outline of Course
 Course Work
 Course Rules
 Contact

 Unit #1: Introduction to Data and Applications
 Part I: Background
-
Unit #2: Data Management
-
Unit #3: Information Security
-
Unit #4: Information Management
 Part II: Discretionary Security
-
Unit #5: Concepts
-
Unit #6: Policy Enforcement
 Part III: Mandatory Security
-
Unit #7: Concepts
-
Unit #8: Architectures

 Part IV: Secure Relational Data Management
-
Unit #9: Data Model
-
Unit #10: Functions
-
Unit #11: Prototypes and Products
 Part V: Inference Problem
-
Unit #12: Concepts
-
Unit #13: Constraint Processing
-
Unit #14: Conceptual Structures
 Part VI: Secure Distributed Data Management
-
Unit #15: Secure Distributed data management
-
Unit #16: Secure Heterogeneous Data Integration
-
Unit #17: Secure Federated Data Management

 Part VII: Secure Object Data Management
-
Unit #18: Secure Object Management
-
Unit #19: Secure Distributed Objects and Modeling Applications
-
Unit #20: Secure Multimedia Systems
 Part VIII: Data Warehousing, Data Mining and Security
-
Unit #21: Secure Data Warehousing
-
Unit #22: Data Mining for Security Applications
-
Unit #23: Privacy
 Part IX: Secure Information Management
-
Unit #24: Secure Digital Libraries
-
Unit #25: Secure Semantic Web (web services, XML security)
-
Unit #26: Secure Information and Knowledge Management

 Part X: Emerging Technologies
-
Unit #27: Secure Dependable Data Management
-
Unit #28: Secure Sensor and Wireless Data Management
-
Unit #29: Other Emerging Technologies
 Unit #30 Conclusion to the Course
 Guest Lectures Some guest lectures may be included
 Some other topics
 Review for exams

 2 Exams: 20 points each
-
Exam #1: March 9; Exam #2: May 4
 Programming Project and demonstration, 16 points
-
April 27
 Term Paper and presentation: 12 points
-
April 13
 4 Homework assignments: 8 points each
-
February 17, March 2, March 30, April 20

 XML Security
 Inference Problem
 Privacy
 Secure Biometrics
 Intrusion Detection
 E-Commerce Security
 Secure Sensor Information Management
 Secure Distributed Systems
 Secure Semantic Web
 Secure Data Warehousing
 Insider Threat Analysis
 Secure Multimedia Systems

 Abstract
 Introduction
 Background on the Topic
 Survey of various techniques, designs etc,
 Analyze the techniques, designs etc. and give your opinions
 Directions for further work
 Summary and Conclusions
 References

 Abstract
 Introduction
 Background on the Topic and Related Work
 Discuss strengths and weaknesses of your work and others’ work
 Give your own design
 Directions for further work
 Summary and Conclusions
 References

 Overview of the Project
 Design of the System
 Input/Output
 Future Enhancements
 References

 Quivery Modification on XML Documents
 Access control for web systems
 Intrusion detection system
 Access control for multimedia systems
-
E.g., access control for image, video
 Role-based access control system
 Access control for object systems
 Secure data warehouse

 Course attendance is mandatory; unless permission is obtained from instructor for missing a class with a valid reason
(documentation needed for medical emergency for student or a close family member – e.g., spouse, parent, child). Attendance will be collected every lecture. 5 points will be deducted out of 100 for each lecture missed without approval.
 Each student will work individually
 Late assignments will not be accepted. All assignments have to be turned in just after the lecture on the due date
 No make up exams unless student can produce a medical certificate or give evidence of close family emergency
 Copying material from other sources will not be permitted unless the source is properly referenced
 Any student who plagiarizes from other sources will be reported to the appropriate UTD authroities

 For more information please contact
-
Dr. Bhavani Thuraisingham
-
Professor of Computer Science and
-
Director of Cyber Security Research Center Erik Jonsson School of Engineering and Computer Science EC31, The University of
Texas at Dallas Richardson, TX 75080
-
Phone: 972-883-4738
-
Fax: 972-883-2399
-
Email: bhavani.thuraisingham@utdallas.edu
-
URL: http://www.utdallas.edu/~bxt043000/

 Multilevel Object Security
-
Bhavani M. Thuraisingham: Mandatory Security in Object-
Oriented Database Systems. OOPSLA 1989 : 203-210
 Distributed Inference Control
-
Bhavani M. Thuraisingham, William Ford : Security
Constraints in a Multilevel Secure Distributed Database
Management System. IEEE Trans. Knowl. Data Eng. 7 (2):
274-293 (1995)
 Secure Geospatial Systems
-
Elisa Bertino, Bhavani M. Thuraisingham, Michael Gertz ,
Maria Luisa Damiani : Security and privacy for geospatial data: concepts and research directions. SPRINGL 2008 : 6-
19
 Additional papers for assignment 1

 Lecture 1: Introduction (this unit)
 Lecture 2: Security Modules
 Lecture 3: Data, Info and Knowledge Management
 Lecture 4: Access Control
 Lecture 5: Policies
 Lecture 6: Assignment #1
 Lecture 7: Multilevel Database Management
 Lecture 8: Dr. Hamlen guest lecture
 Lecture 9: Inference Problem 1
 Lecture 10: Inference Problem 2
 Lecture 11: Assignment #2
 Lecture 12: Secure distributed, heterogeneous, federated data
 Lecture 13: Secure objects

 Elisa Bertino , Barbara Carminati , Elena Ferrari , Bhavani M.
Thuraisingham, Amar Gupta : Selective and Authentic Third-Party
Distribution of XML Documents. IEEE Trans. Knowl. Data Eng.
16 (10): 1263-1278 (2004)
 Timothy W. Finin , Anupam Joshi , Lalana Kagal , Jianwei Niu , Ravi S.
Sandhu , William H. Winsborough , Bhavani M. Thuraisingham:
ROWLBAC: representing role based access control in OWL.
SACMAT 2008 : 73-82
 Barbara Carminati , Elena Ferrari , Raymond Heatherly , Murat
Kantarcioglu , Bhavani M. Thuraisingham: A semantic web based framework for social network access control. SACMAT 2009 : 177-186
 Jungin Kim , Bhavani M. Thuraisingham: Dependable and Secure
TMO Scheme. ISORC 2006 : 133-140

 Lecture 14: Data warehousing, data mining and security
(March 2, 2012)
 Lecture 15: Blank
 Lecture 16: Privacy (March 9, 2012)
 Lecture 17: Assignment #3
 Lecture 18: Lecture by Dr. Tahseen (March 23, 2012)
 Lecture 19: Data Mining for Malware detection (March 23,
2012)
 Lecture 20: Attacks to databases (March 23, 2012)
 Lecture 21: Threats to info security by Dr. Goel (Module 1 only)
 Lecture 22: Intro to semantic web (March 30, 2012)
 Lecture 23: Trustworthy semantic web (March 30, 2012)

 Lecture 24: Secure Third Party Publication of XML data (April
6, 2012)
 Lecture 25: NIST Project, Guest lecture Ms. Jyothsna (April 6)
 Lecture 26: Security for web services (April 13, 2012)
 Lecture 27: Secure Social Networks (April 13, 2012)
 Lecture 28: Comprehensive overview of cloud computing
(April 20, 2012)
 Lecture 29: Secure knowledge management and web security
(April 13, 2012)
 Lecture 30: Assured Cloud Computing (April 20, 2012)
 Lecture 31: Assignment #4
 Lecture 32: Dependable data management (April 27, 2012)
 Lecture 33: Digital Forensics and Biometrics (April 27, 2012)
 Lecture 34: Lecture by Dr. Neda (given on April 20, 2012)

 Module 1: Cyber Security, Data management, Data Security Intro
 Module 2: Discretionary security and policy management for data
 Module 3: Multilevel secure data management
 Module 4: Distributed, Heterogeneous and federated data management and Assured Information Sharing
 Module 5: Secure object and multimedia management
 Module 6: Data warehousing, Data Mining for security (malware) and
Privacy Aspects
 Module 7: Semantic Web and Security
 Module 8:Secure web services, Secure Knowledge Management and
Social networking
 Module 9: Secure Cloud Data Management
 Module 10: Secure Dependable and Real-time data management
 Module 11: Misc topics: Digital Forensics, Biometric cs, etc.