Computer Science 9616a
Database Security and Privacy
No class Nov. 11.
Classes start Wed., Sept. 16, 2015, in MC 316, at 2:30.
The class will move to 3:30 to 5:30 starting Sept. 23. It will still be in MC316 for that one week.
Starting Sept. 30, we will meet in MC320, from 3:30 to 5:50 on Wednesdays until the end of term.
Professor: Sylvia Osborn, MC 378
email: sylvia at csd dot uwo dot ca
Some confidential course information is posted on owl.
Go to owl.uwo.ca and log in with your Western username and password.
· Set 1, Introduction and DAC for relations
· Set 2 MAC and MAC for relations
· Set 3, Role-based Access Control (RBAC)
· Nyanchama and Osborn on the Role Graph Model
· Set 4, DAC for OODB
· Set 5, MAC for OODB
· Set 6, Statistical DB security
· Set 7, Access control for XML
· Set 8, Privacy
Part 1 (updated Oct. 13) (updated again Oct. 20)
Some web sites/Books:
Security, Privacy and Trust in Modern Data Management, Springer book available on-line through the library.
Security and Trust in On-line Social Networks – a short book in the Morgan & Claypool
series on Information Security, Privacy & Trust
Short book by Elena Ferrari, “Access Control in Data Management Systems”,
downloadable from Morgan & Claypool Publishers
Database Security, Castano, et al., ACM Press. There is a copy in the Taylor Library
Some Overview Papers:
Assignment from 2010 (good model for test questions)
Journals specializing in Security and Privacy (list adapted from Cipher) - not necessarily Database Security and Privacy
Journal of Privacy Technology (JOPT), Editor-in-Chief: Latanya Sweeney, http://www.jopt.org/.
IEEE Security and Privacy Magazine, Editor-in-Chief: Carl E. Landwehr, http://computer.org/security/.
ACM Transactions on Information and System Security, Editor-in-Chief: Gene Tsudik, http://www.acm.org/tissec
IEEE Transactions on Dependable and Secure Computing, Editor-in-Chief: Virgil D. Gligor, http://www.computer.org/tdsc/
The Kluwer International Series on ADVANCES IN INFORMATION SECURITY. (Book Series)
Journal of Computer Security, Editor-in-Chief: Sushil Jadodia and Jonathan Millen, http://www.mitre.org/jcs.
Computers & Security, Editor-in-Chief: Dimitris Gritzalis, http://www.elsevier.com/locate/issn/01674048
International Journal of Information Security, Editors-in-Chief: D. Gollmann; J. Lopez; E. Okamoto, http://link.springer.de/link/service/journals/10207/index.htm.
International Journal of Network Security, Editors-in-Chief: Min-Shiang Hwang, http://ijns.nchu.edu.tw/
International Journal of Security and Networks, Editors-in-Chief: Yang Xiao, http://www.inderscience.com/ijsn/
International Journal of Critical Infrastructure Protection, Editors-in-Chief: Sujeet Shenoi, http://www.elsevier.com/locate/ijcip
IEEE Transactions on Information Forensics and Security, Editors-in-Chief: Nasir D. Memon, http://www.ieee.org/organizations/society/sp/tifs.html
Conferences relevant to Database Security (list far from complete)
IFIP Database Security, known as DBSEC on DBLP: http://spdp.di.unimi.it/~ifip113/conferences
ACM SACMAT, Symposium on Access Control Models and Technologies: http://www.sacmat.org/2015/history.php
ESORICS, European Symposium on Research in Computer Security: http://dblp.uni-trier.de/db/conf/esorics/index.html