Introduction to Biometrics - PowerPoint PPT Presentation

Slides: 29
Provided by: chrisc8

1
Introduction to Biometrics
  • Dr. Bhavani Thuraisingham
  • The University of Texas at Dallas
  • Lecture 2
  • Information Security
  • August 24, 2005

2
Outline
  • Operating Systems Security
  • Network Security
  • Designing and Evaluating Systems
  • Web Security
  • Other Security Technologies
  • Data and Applications Security

3
Operating System Security
  • Access Control
  • Subjects are Processes and Objects are Files
  • Subjects have Read/Write Access to Objects
  • E.g., Process P1 has read access to File F1 and
    write access to File F2
  • Capabilities
  • Processes must possess certain Capabilities /
    Certificates to access certain files or to execute
    certain programs
  • E.g., Process P1 must have capability C to read
    file F

4
Mandatory Security
  • Bell and La Padula Security Policy
  • Subjects have clearance levels, Objects have
    sensitivity levels; clearance and sensitivity
    levels are also called security levels
  • Unclassified
  • Compartments are also possible
  • Compartments and Security levels form a partially
    ordered lattice
  • Security Properties
  • Simple Security Property: Subject has READ access
    to an object if the subject's security level
    dominates that of the object
  • Star (*) Property: Subject has WRITE access to an
    object if the subject's security level is
    dominated by that of the object
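
The two properties above, worked through on a small lattice of levels and compartments. This is an added example, not part of the original slides; the level names beyond Unclassified, the compartment names and the object names are constructed assumptions.

```python
from dataclasses import dataclass

# Assumed hierarchy: only "Unclassified" is named on the slide; the rest is constructed.
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "TopSecret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()


def dominates(a: Label, b: Label) -> bool:
    """a dominates b when a's level is at least b's and a holds all of b's compartments."""
    return LEVELS[a.level] >= LEVELS[b.level] and a.compartments >= b.compartments


def can_read(subject: Label, obj: Label) -> bool:
    """Simple Security Property: the subject's level must dominate the object's."""
    return dominates(subject, obj)


def can_write(subject: Label, obj: Label) -> bool:
    """Star (*) Property: the subject's level must be dominated by the object's."""
    return dominates(obj, subject)


# Constructed subject and objects (hypothetical names and compartments).
ANALYST = Label("Secret", frozenset({"NUCLEAR"}))
OBJECTS = {
    "public_memo": Label("Unclassified"),
    "crypto_report": Label("Secret", frozenset({"CRYPTO"})),
    "war_plan": Label("TopSecret", frozenset({"NUCLEAR", "CRYPTO"})),
}


def access_table(subject: Label, objects: dict) -> dict:
    """Map each object name to (read allowed, write allowed) for the subject."""
    return {n: (can_read(subject, o), can_write(subject, o)) for n, o in objects.items()}


if __name__ == "__main__":
    for name, (r, w) in access_table(ANALYST, OBJECTS).items():
        print(f"{name:14} read={r!s:5} write={w}")
```

The crypto_report row shows why the order is only partial: the two labels are at the same level but neither compartment set contains the other, so both read and write are denied.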

5
Covert Channel Example
  • Trojan horse at a higher level covertly passes
    data to a Trojan horse at a lower level
  • Example
  • File Lock/Unlock problem
  • Processes at Secret and Unclassified levels
    collude with one another
  • When the Secret process locks a file and the
    Unclassified process finds the file locked, a 1
    bit is passed covertly
  • When the Secret process unlocks the file and the
    Unclassified process finds it unlocked, a 1 bit
    is passed covertly
  • Over time the bits could contain sensitive data
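
An in-memory model of the file lock/unlock problem above, showing that the data moves without any read or write that an access-control check would mediate. This is an added example, not part of the original slides; the class and function names and the encoding (locked = 1, unlocked = 0) are assumptions.

```python
class LockableFile:
    """Constructed model: lock state is visible to every process, whatever its level."""

    def __init__(self):
        self.locked = False
        self.mediated = []  # accesses the reference monitor sees (reads and writes only)

    def read(self, who):
        self.mediated.append(("read", who))

    def write(self, who):
        self.mediated.append(("write", who))

    def lock(self):
        self.locked = True

    def unlock(self):
        self.locked = False

    def probe_lock(self) -> bool:
        """Non-blocking lock attempt: True if the file is currently unlocked."""
        return not self.locked


def secret_sender(f: LockableFile, bit: int) -> None:
    # The Secret process never writes to the file; it only holds or releases the lock.
    if bit:
        f.lock()
    else:
        f.unlock()


def unclassified_receiver(f: LockableFile) -> int:
    # The Unclassified process never reads the file; it only observes whether it is locked.
    return 0 if f.probe_lock() else 1


def transfer(data: bytes):
    """Pass data one bit per lock observation; return (received bytes, mediated accesses)."""
    f = LockableFile()
    out = bytearray()
    for byte in data:
        value = 0
        for i in range(7, -1, -1):
            secret_sender(f, (byte >> i) & 1)
            value = (value << 1) | unclassified_receiver(f)
        out.append(value)
    return bytes(out), len(f.mediated)


if __name__ == "__main__":
    print(transfer(b"KEY"))  # constructed sample payload
```

The mediated-access count stays at zero, which is why the Simple Security and Star properties alone do not close this channel: the lock state itself has to be treated as a shared resource during design and review.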

6
Network Security
  • Security across all network layers
  • E.g., Data Link, Transport, Session,
    Presentation, Application
  • Network protocol security
  • Verification and validation of network protocols
  • Intrusion detection and prevention
  • Applying data mining techniques
  • Encryption and Cryptography
  • Access control and trust policies
  • Other Measures
  • Prevention from denial of service, Secure
    routing, ...

7
Steps to Designing a Secure System
  • Requirements, Informal Policy and model
  • Formal security policy and model
  • Security architecture
  • Identify security-critical components; these
    components must be trusted
  • Design of the system
  • Verification and Validation

8
Product Evaluation
  • Orange Book
  • Trusted Computer Systems Evaluation Criteria
  • Classes C1, C2, B1, B2, B3, A1 and beyond
  • C1 is the lowest level and A1 the highest level
    of assurance
  • Formal methods are needed for A1 systems
  • Interpretations of the Orange book for Networks
    (Trusted Network Interpretation) and Databases
    (Trusted Database Interpretation)
  • Several companion documents
  • Auditing, Inference and Aggregation, etc.
  • Many products are now evaluated using the Federal
    Criteria

9
Security Threats to Web/E-commerce

10
Approaches and Solutions
  • End-to-end security
  • Need to secure the clients, servers, networks,
    operating systems, transactions, data, and
    programming languages
  • The various systems when put together have to be
    secure
  • Composable properties for security
  • Access control rules, enforce security policies,
    auditing, intrusion detection
  • Verification and validation
  • Security solutions proposed by W3C and OMG
  • Java Security
  • Firewalls
  • Digital signatures and Message Digests,
    Cryptography

11
E-Commerce Transactions
  • E-commerce functions are carried out as
    transactions
  • Banking and trading on the internet
  • Each data transaction could contain many tasks
  • Database transactions may be built on top of the
    data transaction service
  • Database transactions are needed for multiuser
    access to web databases
  • Need to enforce concurrency control and recovery
    techniques

12
Types of Transaction Systems
  • Stored Account Payment
  • e.g., Credit and debit card transactions
  • Electronic payment systems
  • Examples: First Virtual, CyberCash, Secure
    Electronic Transaction
  • Stored Value Payment
  • Uses bearer certificates
  • Modeled after hard cash
  • Goal is to replace hard cash with e-cash
  • Examples: E-cash, Cybercoin, Smart cards

13
What is E-Cash?
  • Electronic Cash is stored in a hardware token
  • Token may be loaded with money
  • Digital cash from the bank
  • Buyer can make payments to seller's token
    (offline)
  • Buyer can pay to seller's bank (online)
  • Both cases agree upon protocols
  • Both parties may use some sort of cryptographic
    key mechanism to improve security

14
Other Security Technologies
  • Data and Applications Security
  • Middleware Security
  • Insider Threat Analysis
  • Risk Management
  • Trust and Economics
  • Biometrics

15
Developments in Data and Applications
Security: 1975 - Present
  • Access Control for System R and Ingres (mid
    1970s)
  • Multilevel secure database systems (1980 -
    present)
  • Relational database systems: research prototypes
    and products; Distributed database systems:
    research prototypes and some operational systems;
    Object data systems; Inference problem and
    deductive database system; Transactions
  • Recent developments in Secure Data Management
    (1996 - Present)
  • Secure data warehousing; Role-based access
    control (RBAC); E-commerce; XML security and
    Secure Semantic Web; Data mining for intrusion
    detection and national security; Privacy;
    Dependable data management; Secure knowledge
    management and collaboration

16
Developments in Data and Applications
Security: Multilevel Secure Databases - I
  • Air Force Summer Study in 1982
  • Early systems based on Integrity Lock approach
  • Systems in the mid to late 1980s, early 90s
  • E.g., Seaview by SRI, Lock Data Views by
    Honeywell, ASD and ASD Views by TRW
  • Prototypes and commercial products
  • Trusted Database Interpretation and Evaluation of
    Commercial Products
  • Secure Distributed Databases (late 80s to mid
    90s)
  • Architectures; Algorithms and Prototype for
    distributed query processing; Simulation of
    distributed transaction management and
    concurrency control algorithms; Secure federated
    data management

17
Developments in Data and Applications
Security: Multilevel Secure Databases - II
  • Inference Problem (mid 80s to mid 90s)
  • Unsolvability of the inference problem; Security
    constraint processing during query, update and
    database design operations; Semantic models and
    conceptual structures
  • Secure Object Databases and Systems (late 80s to
    mid 90s)
  • Secure object models; Distributed object systems
    security; Object modeling for designing secure
    applications; Secure multimedia data management
  • Secure Transactions (1990s)
  • Single Level / Multilevel Transactions; Secure
    recovery and commit protocols

18
Some Directions and Challenges for Data and
Applications Security - I
  • Secure semantic web
  • Single/multiple security models?
  • Different application domains
  • Secure Information Integration
  • How do you securely integrate numerous and
    heterogeneous data sources on the web and
    otherwise
  • Secure Sensor Information Management
  • Fusing and managing data/information from
    distributed and autonomous sensors
  • Secure Dependable Information Management
  • Integrating Security, Real-time Processing and
    Fault Tolerance
  • Data Sharing vs. Privacy
  • Federated database architectures?

19
Some Directions and Challenges for Data and
Applications Security - II
  • Data mining and knowledge discovery for intrusion
    detection
  • Need realistic models; real-time data mining
  • Secure knowledge management
  • Protect the assets and intellectual rights of an
    organization
  • Information assurance, Infrastructure protection,
    Access Control
  • Insider cyber-threat analysis, Protecting
    national databases, Role-based access control for
    emerging applications
  • Security for emerging applications
  • Geospatial, Biomedical, E-Commerce, etc.
  • Other Directions
  • Trust and Economics, Trust Management/Negotiation,
    Secure Peer-to-peer computing,

20
Layered Architecture for Dependable
Semantic Web
  • Adapted from Tim Berners-Lee's description of the
    Semantic Web
  • Some Challenges: Security and Privacy cut across
    all layers; Integration of Services; Composability

21
Secure Sensor Information Management: Directions
for Research
  • Individual sensors may be compromised and
    attacked; need techniques for detecting, managing
    and recovering from such attacks
  • Aggregated sensor data may be sensitive; need
    secure storage sites for aggregated data;
    variation of the inference and aggregation
    problem?
  • Security has to be incorporated into sensor
    database management
  • Policies, models, architectures, queries, etc.
  • Evaluate costs for incorporating security,
    especially when the sensor data has to be fused,
    aggregated and perhaps mined in real-time
  • Need secure dependable information management for
    sensor data

22
Secure Dependable Information Management
  • Dependable information management includes
  • secure information management
  • fault tolerant information
  • High integrity and high assurance computing
  • Real-time computing
  • Conflicts between different features
  • Security, Integrity, Fault Tolerance, Real-time
    Processing
  • E.g., A process may miss real-time deadlines when
    access control checks are made
  • Trade-offs between real-time processing and
    security
  • Need flexible security policies; real-time
    processing may be critical during a mission while
    security may be critical during non-operational
    times

23
Secure Dependable Information Management Example:
Next Generation AWACS
  • Security being considered after the system has
    been designed and prototypes implemented
  • Challenge: Integrating real-time processing,
    security and fault tolerance
  • [Figure: system architecture diagram. Labels:
    Navigation; Display Consoles (14); Data Analysis
    Programming Group (DAPG); Processor; Data Links;
    Sensors; Refresh Channels; Multi-Sensor Tracks;
    Sensor Detections; Future App (three boxes); MSI
    App; Data Mgmt.; Data Xchg.; Infrastructure
    Services; Real-time Operating System; Hardware.
    Legend: Technology provided by the project]

24
Research Directions for Privacy
  • Why this interest now on privacy?
  • Data Mining for National Security
  • Data Mining is a threat to privacy
  • Balance between data sharing/mining and privacy
  • Privacy Preserving Data Mining
  • Inference Problem as a Privacy Problem
  • Data Sharing Across Coalitions

25
Data Mining to Handle Security Problems
  • Data mining tools could be used to examine audit
    data and flag abnormal behavior
  • Much recent work in Intrusion detection
  • e.g., Neural networks to detect abnormal patterns
  • Tools are being examined to determine abnormal
    patterns for national security
  • Classification techniques, Link analysis
  • Fraud detection
  • Credit cards, calling cards, identity theft etc.

26
What can we do? Privacy Preserving Data Mining
  • Prevent useful results from mining
  • Limit data access to ensure low confidence and
    support
  • Extra data (cover stories) to give false
    results
  • Providing only samples of data can
    lower confidence in mining results
  • Idea: If adversary is unable to learn a good
    classifier from the data, then adversary will be
    unable to learn good rules, predictive functions
  • Approach: Only make a sample of data available
  • Limits ability to learn good classifier
  • Several recent research efforts have been
    reported

27
Inference Problem as a Privacy Problem: Privacy
Constraint Processing
  • [Figure: architecture diagram with the following
    components]
  • User Interface Manager
  • Constraint Manager, holding the Privacy Constraints
  • Database Design Tool: Constraints during database
    design operation
  • Update Processor: Constraints during update
    operation
  • Query Processor: Constraints during query and
    release operations
  • DBMS
  • Database

28
Secure Data Sharing Across Coalitions
  • [Figure: federation diagram. Labels: Data/Policy
    for Coalition; Export Data/Policy (three boxes);
    Component Data/Policy for Agency A; Component
    Data/Policy for Agency B; Component Data/Policy
    for Agency C]