A multimedia-based threat management and information security framework

This chapter focuses on the key challenges in the design of multimediabased scalable techniques for threat management and security of information infrastructures. It brings together several multimedia technologies and presents a conceptual architectural framework for an open, secure distributed multimedia application that is composed of multiple domains employing different security and privacy policies and various data analysis and mining tools for extracting sensitive information. The challenge is to integrate such disparate components to enable large701 E. Chocolate Avenue, Suite 200, Hershey PA 17033-1240, USA Tel: 717/533-8845; Fax 717/533-8661; URL-http://www.irm-press.com ITB11707 IRM PRESS This chapter appears in the book, Web and Information Security edited by Elena Ferrari and Bhavani Thuraisingham © 2006, Idea Group Inc. 216 Joshi, Shyu, Chen, Aref, and Ghafoor Copyright © 2006, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. scale multimedia applications and provide a mechanism for threat management. The proposed framework provides a holistic solution for large-scale distributed multi-domain multimedia application environments.

[1]  Chris Clifton,et al.  Real-time data mining of multimedia objects , 2001, Fourth IEEE International Symposium on Object-Oriented Real-Time Distributed Computing. ISORC 2001.

[2]  M. Angela Sasse,et al.  Taming the wolf in sheep's clothing: privacy in multimedia communications , 1999, MULTIMEDIA '99.

[3]  Siani Pearson,et al.  Towards accountable management of identity and privacy: sticky policies and enforceable tracing services , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[4]  Elisa Bertino,et al.  Controlled access and dissemination of XML documents , 1999, WIDM '99.

[5]  Gregory D. Abowd,et al.  Securing context-aware applications using environment roles , 2001, SACMAT '01.

[6]  Hamid R. Nemati,et al.  Privacy-Preserving Data Mining and the Need for Confluence of Research and Practice , 2007, Int. J. Inf. Secur. Priv..

[7]  Elisa Bertino,et al.  A Content-Based Authorization Model for Digital Libraries , 2002, IEEE Trans. Knowl. Data Eng..

[8]  Bhavani Thuraisingham,et al.  Security Constraints in a Multilevel Secure Distributed Database Management System , 1995, IEEE Trans. Knowl. Data Eng..

[9]  Rangasami L. Kashyap,et al.  A multiresolution representation scheme for multimedia databases , 2005, Multimedia Systems.

[10]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[11]  Arif Ghafoor,et al.  Synchronization and Storage Models for Multimedia Objects , 1990, IEEE J. Sel. Areas Commun..

[12]  Ravi S. Sandhu,et al.  The NIST model for role-based access control: towards a unified standard , 2000, RBAC '00.

[13]  Hamid R. Nemati International Journal of Information Security and Privacy , 2007 .

[14]  Herman T. Tavani,et al.  Privacy protection, control of information, and privacy-enhancing technologies , 2001, CSOC.

[15]  Klaus R. Dittrich,et al.  Argos - A Configurable Access Control System for Interoperable Environments , 1995, DBSec.

[16]  Elisa Bertino,et al.  A generalized temporal role-based access control model , 2005, IEEE Transactions on Knowledge and Data Engineering.

[17]  Elisa Bertino,et al.  An access control model for video database systems , 2000, CIKM '00.

[18]  Paul Ashley,et al.  E-P3P privacy policies and privacy authorization , 2002, WPES '02.

[19]  Li Qin,et al.  Concept-level access control for the Semantic Web , 2003, XMLSEC '03.

[20]  Rik Van de Walle,et al.  MPEG-21: goals and achievements , 2001 .

[21]  Sabrina De Capitani di Vimercati,et al.  A fine-grained access control system for XML documents , 2002, TSEC.

[22]  Bhavani M. Thuraisingham,et al.  Web Data Mining and Applications in Business Intelligence and Counter-Terrorism , 2003 .

[23]  Pietro Iglio,et al.  Role templates for content-based access control , 1997, RBAC '97.

[24]  Gail-Joon Ahn,et al.  Role-based authorization constraints specification , 2000, TSEC.

[25]  Alfred Kobsa,et al.  Privacy through pseudonymity in user-adaptive systems , 2003, TOIT.

[26]  Vijayalakshmi Atluri,et al.  Self-manifestation of composite multimedia objects to satisfy security constraints , 2003, SAC '03.

[27]  Carla E. Brodley,et al.  Feature Subset Selection and Order Identification for Unsupervised Learning , 2000, ICML.

[28]  Jan Jürjens,et al.  Identification of Vulnerabilities in Web Services using Model-Based Security , 2010 .

[29]  Min Chen,et al.  A decision tree-based multimodal data mining framework for soccer goal detection , 2004, 2004 IEEE International Conference on Multimedia and Expo (ICME) (IEEE Cat. No.04TH8763).

[30]  Walid G. Aref,et al.  Digital government security infrastructure design challenges , 2001 .

[31]  G. Dhillon Information Security Management: Global Challenges in the New Millennium , 2000 .

[32]  Elisa Bertino,et al.  TRBAC: a temporal role-based access control model , 2000, RBAC '00.

[33]  Serhan Dagtas,et al.  Extraction of TV highlights using multimedia features , 2001, 2001 IEEE Fourth Workshop on Multimedia Signal Processing (Cat. No.01TH8564).

[34]  Min Chen,et al.  Image database retrieval utilizing affinity relationships , 2003, MMDB '03.

[35]  Fabio Roli,et al.  Fusion of multiple classifiers for intrusion detection in computer networks , 2003, Pattern Recognit. Lett..

[36]  Melissa Dark,et al.  Information Assurance and Security Ethics in Complex Systems: Interdisciplinary Perspectives , 2010 .

[37]  Bhavani M. Thuraisingham,et al.  Web Data Mining & Business Intelligence Analysis , 2003 .

[38]  Elisa Bertino,et al.  Secure interoperation in a multi-domain environment , 2004 .

[39]  Dou Long,et al.  Fusion of detection probabilities and comparison of multisensor systems , 1990, IEEE Trans. Syst. Man Cybern..

[40]  Jianping Fan,et al.  Medical video mining for efficient database indexing, management and access , 2003, Proceedings 19th International Conference on Data Engineering (Cat. No.03CH37405).

[41]  Walid G. Aref,et al.  Scheduling for shared window joins over data streams , 2003, VLDB.

[42]  Roshan K. Thomas,et al.  Flexible team-based access control using contexts , 2001, SACMAT '01.

[43]  James A. Hendler,et al.  DAML+OIL: An Ontology Language for the Semantic Web , 2002, IEEE Intell. Syst..

[44]  Jane Hunter,et al.  Enhancing the semantic interoperability of multimedia through a core ontology , 2003, IEEE Trans. Circuits Syst. Video Technol..

[45]  Paul Ashley,et al.  From privacy promises to privacy management: a new approach for enforcing privacy throughout an enterprise , 2002, NSPW '02.

[46]  Elisa Bertino,et al.  Access-control language for multidomain environments , 2004, IEEE Internet Computing.

[47]  Bhavani M. Thuraisingham,et al.  Policy Enforcement System for Inter-Organizational Data Sharing , 2010, Int. J. Inf. Secur. Priv..

[48]  Jianping Fan,et al.  VDBMS: A testbed facility for research in video database benchmarking , 2004, Multimedia Systems.

[49]  Elisa Bertino,et al.  Securing XML Documents with Author-X , 2001, IEEE Internet Comput..

[50]  James A. Landay,et al.  Modeling Privacy Control in Context-Aware Systems , 2002, IEEE Pervasive Comput..

[51]  Geoffrey Smith,et al.  Managing security policies in a distributed environment using eXtensible markup language (XML) , 2001, SAC.

[52]  Elisa Bertino,et al.  Access Control in Dynamic XML-Based Web-Services with X-RBAC , 2003, ICWS.

[53]  Basit Shafiq,et al.  A model for secure multimedia document database system in a distributed environment , 2002, IEEE Trans. Multim..

[54]  Min Chen,et al.  DETECTION OF SOCCER GOAL SHOTS USING JOINT MULTIMEDIA FEATURES AND CLASSIFICATION RULES , 2003 .