Lectures On Data Security

Operating systems provide the fundamental mechanisms for securing computer processing. Since the 1960s, operating systems designers have explored how to build "secure" operating systems - operating systems whose mechanisms protect the system against a motivated adversary. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this book, we examine past research that outlines the requirements for a secure operating system and research that implements example systems that aim for such requirements. For system designs that aimed to satisfy these requirements, we see that the complexity of software systems often results in implementation challenges that we are still exploring to this day. However, if a system design does not aim for achieving the secure operating system requirements, then its security features fail to protect the system in a myriad of ways. We also study systems that have been retrofit with secure operating system features after an initial deployment. In all cases, the conflict between function on one hand and security on the other leads to difficult choices and the potential for unwise compromises. From this book, we hope that systems designers and implementors will learn the requirements for operating systems that effectively enforce security and will better understand how to manage the balance between function and security. Table of Contents: Introduction / Access Control Fundamentals / Multics / Security in Ordinary Operating Systems / Verifiable Security Goals / Security Kernels / Securing Commercial Operating Systems / Case Study: Solaris Trusted Extensions / Case Study: Building a Secure Operating System for Linux / Secure Capability Systems / Secure Virtual Machine Systems / System Assurance

This tutorial volume is based on a summer school on cryptology and data security held in Aarhus, Denmark, in July 1998. The ten revised lectures presented are devoted to core topics in modern cryptololgy. In accordance with the educational objectives of the school, elementary introductions are provided to central topics, various examples are given of the problems encountered, and this is supplemented with solutions, open problems, and reference to further reading. The resulting book is ideally suited as an up-to-date introductory text for students and IT professionals interested in modern cryptology.

Secure data science, which integrates cyber security and data science, is becoming one of the critical areas in both cyber security and data science. This is because the novel data science techniques being developed have applications in solving such cyber security problems as intrusion detection, malware analysis, and insider threat detection. However, the data science techniques being applied not only for cyber security but also for every application area—including healthcare, finance, manufacturing, and marketing—could be attacked by malware. Furthermore, due to the power of data science, it is now possible to infer highly private and sensitive information from public data, which could result in the violation of individual privacy. This is the first such book that provides a comprehensive overview of integrating both cyber security and data science and discusses both theory and practice in secure data science. After an overview of security and privacy for big data services as well as cloud computing, this book describes applications of data science for cyber security applications. It also discusses such applications of data science as malware analysis and insider threat detection. Then this book addresses trends in adversarial machine learning and provides solutions to the attacks on the data science techniques. In particular, it discusses some emerging trends in carrying out trustworthy analytics so that the analytics techniques can be secured against malicious attacks. Then it focuses on the privacy threats due to the collection of massive amounts of data and potential solutions. Following a discussion on the integration of services computing, including cloud-based services for secure data science, it looks at applications of secure data science to information sharing and social media. This book is a useful resource for researchers, software developers, educators, and managers who want to understand both the high level concepts and the technical details on the design and implementation of secure data science-based systems. It can also be used as a reference book for a graduate course in secure data science. Furthermore, this book provides numerous references that would be helpful for the reader to get more details about secure data science.

FOSAD has been one of the foremost educational events established with the goal of disseminating knowledge in the critical area of security in computer systems and networks. Offering a timely spectrum of current research in foundations of security, FOSAD also proposes panels dedicated to topical open problems, and giving presentations about ongoing work in the field, in order to stimulate discussions and novel scientific collaborations. This book presents thoroughly revised versions of nine tutorial lectures given by leading researchers during three International Schools on Foundations of Security Analysis and Design, FOSAD, held in Bertinoro, Italy, in September 2010 and August/September 2011. The topics covered in this book include privacy and data protection; security APIs; cryptographic verification by typing; model-driven security; noninterfer-quantitative information flow analysis; and risk analysis.

As data represent a key asset for today's organizations, the problem of how to protect this data from theft and misuse is at the forefront of these organizations' minds. Even though today several data security techniques are available to protect data and computing infrastructures, many such techniques -- such as firewalls and network security tools -- are unable to protect data from attacks posed by those working on an organization's "inside." These "insiders" usually have authorized access to relevant information systems, making it extremely challenging to block the misuse of information while still allowing them to do their jobs. This book discusses several techniques that can provide effective protection against attacks posed by people working on the inside of an organization. Chapter One introduces the notion of insider threat and reports some data about data breaches due to insider threats. Chapter Two covers authentication and access control techniques, and Chapter Three shows how these general security techniques can be extended and used in the context of protection from insider threats. Chapter Four addresses anomaly detection techniques that are used to determine anomalies in data accesses by insiders. These anomalies are often indicative of potential insider data attacks and therefore play an important role in protection from these attacks. Security information and event management (SIEM) tools and fine-grained auditing are discussed in Chapter Five. These tools aim at collecting, analyzing, and correlating -- in real-time -- any information and event that may be relevant for the security of an organization. As such, they can be a key element in finding a solution to such undesirable insider threats. Chapter Six goes on to provide a survey of techniques for separation-of-duty (SoD). SoD is an important principle that, when implemented in systems and tools, can strengthen data protection from malicious insiders. However, to date, very few approaches have been proposed for implementing SoD in systems. In Chapter Seven, a short survey of a commercial product is presented, which provides different techniques for protection from malicious users with system privileges -- such as a DBA in database management systems. Finally, in Chapter Eight, the book concludes with a few remarks and additional research directions. Table of Contents: Introduction / Authentication / Access Control / Anomaly Detection / Security Information and Event Management and Auditing / Separation of Duty / Case Study: Oracle Database Vault / Conclusion

There are few more important issues currently doing the rounds than data security. That’s what makes this 290-page book so crucial to researchers and professionals in the area. It’s nothing less than the refereed proceedings of the 21st Annual Working Conference on Data and Applications Security held in Redondo Beach, CA, USA in July 2007. The book features 18 fully revised papers covering everything from secure query evaluation to temporal access control.

This Festschrift is in honor of Sushil Jajodia, Professor in the George Mason University, USA, on the occasion of his 70th birthday. This book contains papers written in honor of Sushil Jajodia, of his vision and his achievements. Sushil has sustained a highly active research agenda spanning several important areas in computer security and privacy, and established himself as a leader in the security research community through unique scholarship and service. He has extraordinarily impacted the scientific and academic community, opening and pioneering new directions of research, and significantly influencing the research and development of security solutions worldwide. Also, his excellent record of research funding shows his commitment to sponsored research and the practical impact of his work. The research areas presented in this Festschrift include membrane computing, spiking neural networks, phylogenetic networks, ant colonies optimization, work bench for bio-computing, reaction systems, entropy of computation, rewriting systems, and insertion-deletion systems.

As identity theft and corporate data vulnerability continue to escalate, corporations must protect both the valuable consumer data they collect and their own intangible assets. Both Congress and the states have passed laws to improve practices, but the rate of data loss persists unabated and companies remain slow to invest in information security. Engaged in a bottom-up investigation, Harboring Data reveals the emergent nature of data leakage and vulnerability, as well as some of the areas where our current regulatory frameworks fall short. With insights from leading academics, information security professionals, and other area experts, this original work explores the business, legal, and social dynamics behind corporate information leakage and data breaches. The authors reveal common mistakes companies make, which breaches go unreported despite notification statutes, and surprising weaknesses in the federal laws that regulate financial data privacy, children's data collection, and health data privacy. This forward-looking book will be vital to meeting the increasing information security concerns that new data-intensive business models will have.