Descripción del tutorial de Pierangela Samarati:

Data Security

Ponente:

Pierangela Samarati
Professor at the Department of Information
Technology
University of Milan
samarati@pinky.crema.unimi.it

Abstract:

   An important requirement of any data management system is to provide security to its data. Guaranteeing security means protecting the data against unauthorized disclosure (secrecy) and unauthorized or improper modifications (integrity}), while at the same time ensuring their availability to legitimate users (no denials-of-service). Providing security requires the application of different mesures including authentication, access control, encryption, and auditing.

   After intoducing the security problem in its entirety, the tutorial will focus on security aspects related to access control and data protection. The tutorial will discuss the different issues to be considered when addressing data security; it will illustrate different access control policies that can be applied in protecting data (e.g., discretionary, mandatory, and role-based), and additional controls needed to protect data against indirect disclosure such as those due to inference. The tutorial will also discuss data security issues in open web-based systems.