Secure Data Provenance and Inference Control with Semantic Web: 1st Edition (Hardback) book cover

Secure Data Provenance and Inference Control with Semantic Web

1st Edition

By Bhavani Thuraisingham, Tyrone Cadenhead, Murat Kantarcioglu, Vaibhav Khadilkar

Auerbach Publications

478 pages | 156 B/W Illus.

Purchasing Options:$ = USD
Hardback: 9781466569430
pub: 2014-08-01
$97.95
x
eBook (VitalSource) : 9780429101953
pub: 2014-08-01
from $46.98


FREE Standard Shipping!

Description

With an ever-increasing amount of information on the web, it is critical to understand the pedigree, quality, and accuracy of your data. Using provenance, you can ascertain the quality of data based on its ancestral data and derivations, track back to sources of errors, allow automatic re-enactment of derivations to update data, and provide attribution of the data source.

Secure Data Provenance and Inference Control with Semantic Web supplies step-by-step instructions on how to secure the provenance of your data to make sure it is safe from inference attacks. It details the design and implementation of a policy engine for provenance of data and presents case studies that illustrate solutions in a typical distributed health care system for hospitals. Although the case studies describe solutions in the health care domain, you can easily apply the methods presented in the book to a range of other domains.

The book describes the design and implementation of a policy engine for provenance and demonstrates the use of Semantic Web technologies and cloud computing technologies to enhance the scalability of solutions. It covers Semantic Web technologies for the representation and reasoning of the provenance of the data and provides a unifying framework for securing provenance that can help to address the various criteria of your information systems.

Illustrating key concepts and practical techniques, the book considers cloud computing technologies that can enhance the scalability of solutions. After reading this book you will be better prepared to keep up with the on-going development of the prototypes, products, tools, and standards for secure data management, secure Semantic Web, secure web services, and secure cloud computing.

Table of Contents

Introduction

Overview

Background

Motivation

Our Solutions and Contributions

Outline of the Book

Next Steps

References

Section I: Supporting Technologies

Introduction to Section I

Security and Provenance

Overview

Scalability and Security of Provenance

Access Control Languages and Provenance

Graph Operations and Provenance

Summary and Directions

References

Access Control and Semantic Web

Overview

Access Control

Semantic Web

Semantic Web and Security

Summary and Directions

References

The Inference Problem

Overview

The Inference Problem

Functions of an Inference Controller

Inference Strategies

Security Constraints

Machine Learning and Inference

Our Approach

Historical Perspective

A Note on the Privacy Problem

Summary and Directions

References

Inference Engines

Overview

Concepts for Inference Engines

Software Systems

Summary and Directions

References

Inferencing Examples

Overview

Inference Function

Classification of a Knowledge Base

Inference Strategies and Examples

Approaches to the Inference Problem

Inferences in Provenance

Summary and Directions

References

Cloud Computing Tools and Frameworks

Overview

Cloud Computing Tools

Cloud Computing Framework

RDF Integration

Provenance Integration

Secure Query Processing in a Cloud Environment

The Web Application Layer

The ZQL Parser Layer

The XACML Policy Layer

The Hive Layer

HDFS

Summary and Directions

References

Section I Conclusion

Section II Secure Data Provenance

Introduction to Section II

Scalable and Efficient RBAC for Provenance

Overview

Motivation and Contributions

Unified and Flexible Policies

Supporting Inferences in RBAC

Overview of Our Approach

Extending RBAC to Support Provenance

A Query-Retrieval Process

Example of a Policy Query

Example of a SWRL Rule

Example of a Trace

Output of the Trace

Comment

Experimental Evaluation

Summary and Directions

References

A Language for Provenance Access Control

Overview

Challenges and Drawbacks

Drawbacks of Current Access Control Mechanisms

Policy Language

Solution Based on Regular Expression Queries

Data Representation

Graph Data Model

Provenance Vocabulary

Path Queries

Graph Analysis

Analysis of Digraphs

Composition of Digraphs

Access Control Policy Architecture

Modules in Access Control Policy Architecture

Use Case: Medical Example

Query Templates

Additional Templates

Access Control Example

Prototype

Summary and Directions

References

Transforming Provenance Using Redaction

Overview

Graph Grammar

An Example Graph Transformation Step

Valid Provenance Graph

Discussion

Redaction Policy Architecture

Experiments

Summary and Directions

References

Section II Conclusion

Section III Inference Control

Introduction to Section III

Architecture for an Inference Controller

Overview

Design of an Inference Controller

Modular Design

Policy Processing

Parsing Process

High-Level Policy Translation

DL Rule Assembler

DL Policy Translation

Access Control Policy Assembler

Redaction Policy Assembler

Explanation Service Layer

Summary and Directions

References

Inference Controller Design

Overview

Design Philosophy

Inference Controller Process

Overview of a Query Process

Summary and Directions

References

Provenance Data Representation for Inference Control

Overview

Data Models for the Inference Controller

Separate Stores for Data and Provenance

Summary and Directions

References

Queries with Regular Path Expressions

Overview

Background

Regular Expressions

SPARQL Queries

Summary and Directions

References

Inference Control through Query Modification

Overview

Query Modification with Relational Data

SPARQL Query Modification

Query Modification for Enforcing Constraints

Overview of Query Modification

Graph Transformation of a SPARQL Query BGP

Match Pattern/Apply Pattern

Summary and Directions

References

Inference and Provenance

Overview

Invoking Inference Rules

Approaches to the Inference Problem

Inferences in Provenance

Implicit Information in Provenance

Use Cases of Provenance

Use Case: Who Said That?

Use Case: Cheating Dictator

Processing Rules

Summary and Directions

References

Implementing the Inference Controller

Overview

Implementation Architecture

Provenance in a Health Care Domain

Populating the Provenance Knowledge Base

Generating and Populating the Knowledge Base

Generating Workflows

Policy Management

Supporting Restrictions

Explanation Service Layer

Generators

Selecting Background Information

Background Generator Module

Annotating the Workflow

Generating Workflows

Incomplete Information in the Databases

Use Case: Medical Example

Semantic Associations in the Workflow

Implementing Constraints

Query Modification for Enforcing Constraints

Summary and Directions

References

Section III Conclusion

Section IV Unifying Framework

Introduction to Section IV

Risk and Inference Control

Overview

Risk Model

User’s System

Internal Knowledge Base System

Controller

Adding Provenance

Semantic Framework for Inferences

Ontologies

Rules

Query Logs

Summary and Directions

References

Novel Approaches to Handle the Inference Problem

Overview

Motivation for Novel Approaches

Inductive Inference

Learning by Examples

Security Constraints and Inductive Inference

Probabilistic Deduction

Formulation of the Inference Problem

Probabilistic Calculus

Probabilistic Calculus and Database Security

A Note on Algorithmic Information Theory

Mathematical Programming

Nonmonotonic Reasoning

Inferencing in an MP Environment

Mathematical Programming and Database Security

Game Theory

Noncooperative and Cooperative Games

Query Processing as a Noncooperative Game

Ehrenfeucht–Fraisse Game

Adversarial Mining and Inference

Summary and Directions

References

A Cloud-Based Policy Manager for Assured Information Sharing

Overview

Architecture

Overview

Modules in Our Architecture

User Interface Layer

Policy Engines

Data Layer

Features of Our Policy Engine Framework

Develop and Scale Policies

Justification of Resources

Policy Specification and Enforcement

Cloud-Based Inference Control

Summary and Directions

References

Security and Privacy with Respect to Inference

Introduction

Trust, Privacy, and Confidentiality

Current Successes and Potential Failures

Motivation for a Framework

CPT Framework

Role of the Server

CPT Process

Advanced CPT

Trust, Privacy, and Confidentiality Inference Engines

Confidentiality Management

Privacy Management

Trust Management

Integrated System

Summary and Directions

References

Big Data Analytics and Inference Control

Overview

Big Data Management and Analytics

Security and Privacy for Big Data

Inference Control for Big Data

Summary and Directions

References

Unifying Framework

Overview

Design of Our Framework

Global Inference Controller

Inference Tools

Summary and Directions

References

Summary and Directions

About This Chapter

Summary of the Book

Directions for Secure Data Provenance and Inference Control

Where Do We Go from Here?

Section IV Conclusion

Appendix A: Data Management Systems, Developments, and Trends

Overview

Developments in Database Systems

Status, Vision, and Issues

Data Management Systems Framework

Building Information Systems from the Framework

From Data to Big Data

Relationship between the Texts

Summary and Directions

References

Appendix B: Database Management and Security

Overview

Database Management

Overview

Relational Data Model

Database Management Functions

Query Processing

Transaction Management

Storage Management

Metadata Management

Database Integrity

Distributed Data Management

Discretionary Security

Overview

Access Control Policies

Authorization Policies

RBAC Policies

Administration Policies

SQL Extensions for Security

Query Modification

Other Aspects

Identification and Authentication

Auditing a Database System

Views for Security

MAC

Overview

MAC Policies

Granularity of Classification

Summary and Directions

References

Appendix C: A Perspective of the Inference Problem

Overview

Statistical Database Inference

Approaches to Handling the Inference Problem in an MLS/DBMS

Complexity of the Inference Problem

Summary and Directions

References

Appendix D: Design and Implementation of a Database Inference Controller

Overview

Background

Security Constraints

Approach to Security Constraint Processing

Consistency and Completeness of the Constraints

Design of the Query Processor

Security Policy

Functionality of the Query Processor

Query Modification

Response Processing

Design of the Update Processor

Security Policy

Functionality of the Update Processor

Handling Security Constraints during Database Design

Overview

Security Control Processing and Release Control

Distributed Inference Control

Summary and Directions

References

Index

Subject Categories

BISAC Subject Codes/Headings:
COM051230
COMPUTERS / Software Development & Engineering / General
COM053000
COMPUTERS / Security / General
COM060000
COMPUTERS / Internet / General