Next Generation Web Security Concerns
The evolution of the web, cyber security, and the limitations of existing security mechanisms to safeguard data and applications on the next generation web are highlighted. Factors like impact of cyber attacks, cyber security components, web evolution, research limitations, and secure XML views are discussed along with examples.
Presentation Transcript
Csilla Farkas Department of Computer Science and Engineering University of South Carolina farkas@cec.sc.edu
Who is Impacted by Cyber Attacks? Source: http://www.cagle.com/2010/05/internet-privacy/
What is Cyber Security?
  Highly technical
  People, processes, and technology
  Legislation and regulation
  Risk management
Web Evolution
  Past: Human usage; HTTP; Static Web pages (HTML)
  Current: Human and some automated usage; Interactive Web pages; Web Services (WSDL, SOAP, SAML); Semantic Web (RDF, OWL, RuleML, Web databases); XML technology (data exchange, data representation)
  Future: Semantic Web Services
ARE THE EXISTING SECURITY MECHANISMS SUFFICIENT TO PROVIDE DATA AND APPLICATION SECURITY OF THE NEXT GENERATION WEB?
Limitation of Research
  Syntax-based
  No association protection
  Limited handling of updates
  No data or application semantics
  No inference control
Secure XML Views - Example
The medicalFiles document, each element followed by its security label (UC = Unclassified, S = Secret, TS = Top Secret):
<medicalFiles> UC
  <countyRec> S
    <patient> S
      <name>John Smith</name> UC
      <phone>111-2222</phone> S
    </patient>
    <physician>Jim Dale</physician> UC
  </countyRec>
  <milBaseRec> TS
    <patient> S
      <name>Harry Green</name> UC
      <phone>333-4444</phone> S
    </patient>
    <physician>Joe White</physician> UC
    <milTag>MT78</milTag> TS
  </milBaseRec>
</medicalFiles>
(Figure: tree diagram of the same document with its labels. Caption: View over UC data.)
Secure XML Views - Example cont.
View over UC data (the element names countyRec, patient and milBaseRec remain visible):
<medicalFiles>
  <countyRec>
    <patient>
      <name>John Smith</name>
    </patient>
    <physician>Jim Dale</physician>
  </countyRec>
  <milBaseRec>
    <patient>
      <name>Harry Green</name>
    </patient>
    <physician>Joe White</physician>
  </milBaseRec>
</medicalFiles>
(Figure: tree diagram of this view.)
Secure XML Views - Example cont.
View over UC data (the classified element names replaced by the cover tags tag01, tag02 and tag03):
<medicalFiles>
  <tag01>
    <tag02>
      <name>John Smith</name>
    </tag02>
    <physician>Jim Dale</physician>
  </tag01>
  <tag03>
    <tag02>
      <name>Harry Green</name>
    </tag02>
    <physician>Joe White</physician>
  </tag03>
</medicalFiles>
(Figure: tree diagram of this view.)
Secure XML Views - Example cont.
The view over UC data with the original labels shown again beside each element:
<medicalFiles> UC
  <countyRec> S
    <patient> S
      <name>John Smith</name> UC
    </patient>
    <physician>Jim Dale</physician> UC
  </countyRec>
  <milBaseRec> TS
    <patient> S
      <name>Harry Green</name> UC
    </patient>
    <physician>Joe White</physician> UC
  </milBaseRec>
</medicalFiles>
(Figure: tree diagram of this view.)
Secure XML Views - Example cont.
View over UC data (the classified elements removed and their unclassified children promoted to medicalFiles):
<medicalFiles>
  <name>John Smith</name>
  <physician>Jim Dale</physician>
  <name>Harry Green</name>
  <physician>Joe White</physician>
</medicalFiles>
(Figure: tree diagram of this view.)
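The three views shown in the slides above can be produced mechanically from the labelled document. The following Python script is an added example, not code from the presentation: it builds the medicalFiles document (constructed here, with each element's label carried in a `sec` attribute instead of drawn beside it), then derives the structure-preserving view, the cover-tag view and the flattened view for a subject cleared to UC. The three strategy functions, the UC < S < TS lattice encoding and the tuple "skeleton" used to compare views are all assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Clearance lattice from the slides: Unclassified < Secret < Top Secret.
LEVELS = {"UC": 0, "S": 1, "TS": 2}

# Constructed input: the medicalFiles document from the slides. The slides draw the
# security label next to each element; here it is carried in a `sec` attribute.
DOC = """<medicalFiles sec="UC">
  <countyRec sec="S">
    <patient sec="S">
      <name sec="UC">John Smith</name>
      <phone sec="S">111-2222</phone>
    </patient>
    <physician sec="UC">Jim Dale</physician>
  </countyRec>
  <milBaseRec sec="TS">
    <patient sec="S">
      <name sec="UC">Harry Green</name>
      <phone sec="S">333-4444</phone>
    </patient>
    <physician sec="UC">Joe White</physician>
    <milTag sec="TS">MT78</milTag>
  </milBaseRec>
</medicalFiles>"""


def readable(elem, clearance):
    """True if a subject holding `clearance` may see this element's tag and text."""
    return LEVELS[elem.get("sec")] <= LEVELS[clearance]


def has_readable_descendant(elem, clearance):
    return any(readable(e, clearance) for e in elem.iter() if e is not elem)


def prune(root, clearance):
    """Structure-preserving view: a classified element that holds readable data is kept
    as an empty container, so its tag name (countyRec, milBaseRec) is still exposed."""
    if not readable(root, clearance):
        root.text = None
    for child in list(root):
        if readable(child, clearance) or has_readable_descendant(child, clearance):
            prune(child, clearance)
        else:
            root.remove(child)
    return root


def cover_tags(root, clearance):
    """Cover-story view: prune, then replace every classified tag name with a neutral
    cover tag; the same original name always maps to the same cover tag."""
    prune(root, clearance)
    mapping = {}
    for e in root.iter():
        if not readable(e, clearance):
            e.tag = mapping.setdefault(e.tag, f"tag{len(mapping) + 1:02d}")
    return root


def _hoist(elem, clearance):
    """Readable elements of elem's subtree, lifted through classified ancestors."""
    kept = []
    for child in list(elem):
        if readable(child, clearance):
            child[:] = _hoist(child, clearance)
            kept.append(child)
        else:
            kept.extend(_hoist(child, clearance))
    return kept


def flatten(root, clearance):
    """Flattened view: classified elements vanish and their readable descendants are
    attached to the nearest readable ancestor. No tag names leak, but the grouping that
    tied each name to its physician is gone (it survives only as document order)."""
    root[:] = _hoist(root, clearance)
    return root


def skeleton(elem):
    """(tag, text, children) tuple used to compare views."""
    text = (elem.text or "").strip() or None
    return (elem.tag, text, [skeleton(c) for c in elem])


def view(strategy, clearance="UC"):
    """Apply a view strategy to a fresh copy of DOC and return its skeleton."""
    return skeleton(strategy(ET.fromstring(DOC), clearance))


def tags_in(skel):
    """Set of tag names visible in a skeleton (what the tag-name channel leaks)."""
    tag, _, children = skel
    return {tag}.union(*(tags_in(c) for c in children))


if __name__ == "__main__":
    for strategy in (prune, cover_tags, flatten):
        print(strategy.__name__, view(strategy))
```

Running the script prints the three skeletons. `tags_in(view(prune))` still contains `milBaseRec`, which is exactly the structural leak the slides call out; `cover_tags` closes that channel, and `flatten` closes it too but at the price of the name-to-physician association, which is why the solution slide that follows lists association preservation as a separate requirement.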
Secure XML Views - Solution
  Multi-Plane DTD Graph (MPG)
  Minimal Semantic Conflict Graph (association preservation)
  Cover story
  Transformation rules
Multi-Plane DTD Graph
MPG = DTD graph over multiple security planes
(Figure: the DTD graph of medicalFiles drawn across three security planes, Unclassified, Secret and TopSecret, with the nodes medicalFiles, countyRec, milBaseRec, patient, name, phone, physician and milTag and edge labels of the form "D, <element>".)
Transformation - Example
(Figure sequence, four slides: the MPG for medicalFiles beside its MSCG and the security space (Secret plane holding the name, phone and physician association); the transformation then introduces a new <emrgRec> element; the final data structure shown is medicalFiles with an emergencyRec element holding physician and name.)
The Inference Problem
  General purpose database: non-confidential data + metadata -> undesired inferences
  Semantic Web: non-confidential data + metadata (data and application semantics) + computational power + connectivity -> undesired inferences
Association Graph
Association similarity measure:
  Distance of each node from the association root
  Difference of the distance of the nodes from the association root
  Complexity of the sub-trees originating at nodes
Example (figure: an XML document and its association graph, with the public nodes "Air show" and "AC" and the association "fort address")
Correlated Inference
Concept generalization: weighted concepts, concept abstraction level, range of allowed abstractions
Concept hierarchy (Object[]):
  waterSource :: Object
  basin :: waterSource
  place :: Object
  district :: place
  address :: place
  base :: Object
  fort :: base
(Figure: public association "fort address", public association "basin district", confidential association "base, water source", with a "?" between the public and confidential data.)
Correlated Inference (cont.)
(Figure: the same hierarchy with the public associations generalized one level: "fort address" becomes "base place" and "basin district" becomes "water source place"; the confidential association is "base water source".)
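The two Correlated Inference slides can be turned into a check that a defender can run before publishing. The Python below is an added example, not code from the presentation: it encodes the slides' concept hierarchy and the two public associations, generalizes each side of a public association up the hierarchy within an allowed range, and asks whether the generalized associations link the two concepts of the confidential association. The inference rule (two public associations correlate when their generalizations share a concept), the refusal to generalize all the way to Object, the use of a single `max_levels` integer for the "range of allowed abstractions" and the omission of concept weights are all simplifications assumed by this example.

```python
from collections import deque

# Concept hierarchy from the slides (child :: parent); Object is the root.
HIERARCHY = {
    "waterSource": "Object",
    "basin": "waterSource",
    "place": "Object",
    "district": "place",
    "address": "place",
    "base": "Object",
    "fort": "base",
}

# Constructed data: the two public associations and the confidential one from the slides.
PUBLIC = [("fort", "address"), ("basin", "district")]
CONFIDENTIAL = ("base", "waterSource")


def abstractions(concept, max_levels):
    """The concept and its ancestors up to max_levels steps up the hierarchy.
    Assumption: generalizing to the root Object is never allowed, because at the root
    every concept is related to every other and the 'inference' would be meaningless."""
    chain = [concept]
    for _ in range(max_levels):
        parent = HIERARCHY.get(chain[-1])
        if parent is None or parent == "Object":
            break
        chain.append(parent)
    return chain


def generalized_associations(pairs, max_levels):
    """Every association obtained by abstracting either side of a public pair."""
    edges = set()
    for a, b in pairs:
        for x in abstractions(a, max_levels):
            for y in abstractions(b, max_levels):
                if x != y:
                    edges.add((x, y))
    return edges


def inference_path(public, confidential, max_levels):
    """Shortest chain of generalized public associations linking the two concepts of
    the confidential association, or None if the allowed range does not reach it.
    Assumption: a shared generalized concept is what correlates two public facts."""
    adj = {}
    for x, y in generalized_associations(public, max_levels):
        adj.setdefault(x, set()).add(y)
        adj.setdefault(y, set()).add(x)
    start, goal = confidential
    queue, prev = deque([start]), {start: None}
    while queue:
        node = queue.popleft()
        if node == goal:
            path = []
            while node is not None:
                path.append(node)
                node = prev[node]
            return path[::-1]
        for nxt in sorted(adj.get(node, ())):
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    return None


def widest_safe_range(public, confidential, limit=5):
    """Largest abstraction range (up to limit) that yields no inference path;
    None if the confidential association already follows with no generalization."""
    safe = None
    for levels in range(limit + 1):
        if inference_path(public, confidential, levels) is None:
            safe = levels
        else:
            break
    return safe


if __name__ == "__main__":
    for levels in (0, 1):
        print(levels, inference_path(PUBLIC, CONFIDENTIAL, levels))
    print("widest safe range:", widest_safe_range(PUBLIC, CONFIDENTIAL))
```

With no generalization the two public facts stay unrelated; allowing one level of abstraction turns "fort address" into "base place" and "basin district" into "water source place", and the shared concept place links base to water source, which is the correlated inference the slides illustrate. `widest_safe_range` is the control knob the slides call the range of allowed abstractions: for this hierarchy it is 0, so any published abstraction of these facts has to be vetted.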
Inference Removal
  Relational databases: limit access to data
  Web inferences: cannot redesign public data outside of the protection domain; cannot modify or refuse an answer on an already published web page
  Protection options: release misleading information; remove information; control access to metadata
Big Data Analytics: Are there new questions?
  Technologies
  Big Data characteristics: Volume, Variety, Velocity (live database, fast growth)
Past: The Inference Problem
(Figure: organizational data divided by access control into Confidential and Public; an attacker combines the public data with Web data and an ontology through data integration and inferences, while the direct path to the confidential data is marked X.)
Present: Big Data Inferences
(Figure: the same data integration and inference path over Web data and an ontology, now labelled with the open questions "Private ?" and "Secure ?".)
Future: Research Challenges
  Security for raw data: flexible access control; data removal
  Security for metadata: protection need of novel, new concepts; metadata guided attacks
  Cross-context attacks: correlate data across multiple contexts; Semantic Web technologies
Need for Visualization
(Figure: three contexts, Context 1, Context 2 and Context 3.)
National Center of Academic Excellence in Information Assurance Education National Training Standards, Knowledge Units
CIAE Mission: Outreach, Research, Education
  Education and outreach: IA courses; IA specialization; Applied Computing; Graduate IA Certificate; Higher Educational Institutes; K-12 Cyber Security Education; Industry Partnership
  Research: external funding; peer-reviewed publications; Ph.D. graduates