Detecting VoIP Floods Using the Hellinger Distance (2009)
Hemant Sengar, Student Member, Haining Wang, Duminda Wijesekera, Senior Member, Sushil Jajodia, ...
Abstract—Voice over IP (VoIP), also known as Internet telephony, is gaining market share rapidly and now competes favorably as one of the visible applications of the Internet. Nevertheless, being...
HOMOTOPY CLASSIFICATION OF LENS SPACES FOR ONE-RELATOR GROUPS WITH TORSION (2009)
R p) where R is not a proper power and p ^ 2. Then given any integer q, relatively prime to p, we can construct the Lens space ^(pf q) for Ξ from the cellular model C(&) of the presentation...
ON 2-DIMENSIONAL CTF-COMPLEXES WITH A SINGLE 2-CELL (2009)
In this paper we are interested in finite connected 2-dimensional CTF-complexes, each with a single 2-celL We show any two such complexes have the same homotopy type if their fundamental groups are...
Sergio Mascetti, Dario Freni, Claudio Bettini, X. Sean Wang, Sushil Jajodia
Abstract. The evaluation of privacy-preserving techniques for LBS is often based on simulations of mostly random user movements that only partially capture real deployment scenarios. We claim that...
On the Anonymity and Traceability of Peer-to-Peer VoIP Calls (2009)
Shiping Chen, Xinyuan Wang, Sushil Jajodia
Voice over Internet Protocol is a technology that enables people to use the Internet, rather than the traditional public switched telephone network, as the transmission medium for voice...
ABSTRACT Balancing Confidentiality and Efficiency in Untrusted Relational DBMSs (2009)
Ernesto Damiani, Stefano Paraboschi, Pierangela Samarati, Sushil Jajodia
The scope and character of today’s computing environments are progressively shifting from traditional, one-on-one clientserver interaction to the new cooperative paradigm. It then becomes of...
V-COPS: a Vulnerability-based Cooperative Alert Distribution System (2009)
Shiping Chen, Dongyu Liu, Songqing Chen, Sushil Jajodia, Sybase Inc
The efficiency of promptly releasing security alerts of established analysis centers has been greatly challenged by the continuous emergence of various large scale network attacks, such as worms....
Advanced Transaction Processing in Multilevel Secure File Stores (2008)
Elisa Bertino A, Sushil Jajodia, Luigi Mancini, Indrajit Ray B
The concurrency control requirements for transaction processing in a multilevel secure le system are di erent from those in conventional transaction processing systems; in particular, there is the...
Fast Detection of Denial-of-Service Attacks on IP Telephony (2008)
Hemant Sengar, Haining Wang, Duminda Wijesekera, Sushil Jajodia
Abstract — Recently Voice over IP (VoIP) is experiencing a phenomenal growth. Being a real-time service, VoIP is more susceptible to Denial-of-Service (DoS) attacks than regular Internet services....
Network Flow Watermarking Attack on Low-Latency Anonymous Communication Systems (2008)
Xinyuan Wang, Shiping Chen, Sushil Jajodia
Many proposed low-latency anonymous communication systems have used various flow transformations such as traffic padding, adding cover traffic (or bogus packets), packet dropping, flow mixing, flow...
Detecting Novel Network Intrusions Using Bayes (2008)
Daniel Barbará, Ningning Wu, Sushil Jajodia
From the first appearance of network attacks, the internet worm, to the most recent one in which the servers of several famous e-business companies were paralyzed for several hours, causing huge...
DaTA – Data-Transparent Authentication Without Communication Overhead (2008)
Songqing Chen, Shiping Chen, Xinyuan Wang, Sushil Jajodia
Abstract — With the development of Internet computing techniques, continuous data streams from remote sites are commonly used in scientific and commercial applications. Correspondingly, there is...
Damage Quarantine and Recovery in Data Processing Systems (2008)
Peng Liu, Sushil Jajodia, Meng Yu
In this article, we address transparent Damage Quarantine and Recovery (DQR), a very important problem faced today by a large number of mission/life/business-critical applications and information...
Chapter 5 TOPOLOGICAL ANALYSIS OF NETWORK ATTACK VULNERABILITY (2008)
Abstract: To understand overall vulnerability to network attack, one must consider attacker exploits not just in isolation, but also in combination. That is, one must analyze how low-level...
Sushil Jajodia, Ravi Mukkamala
Abstract. Many algorithms exist in literature to manage replicated database objects. Some of these are dynamic and attempt to adapt to changing network configurations due to failures, particularly...
Gio Wiederhold Chairman, David Beech, Charles Bourne, Nick Farmer, Sushil Jajodia, David Kahaner, ...
b,-
Eui-hong Han, George Karypis, Vipin Kumar, Bamshad Mobasher, Mining Charu, C. Aggarwal, ...
The Bulletin of the Technical Committee on Data Engineering is published quarterly and is distributed to all TC members. Its scope includes the design, implementation, modelling, theory and...
Multiphase Damage Containment in Self-Healing Database Systems £ (2008)
Abstract. Damage containment is an important technique for building self-healing database systems that can survive malicious attacks or operational mistakes. However, existing damage containment...
Minimum-Cost Network Hardening Using Attack Graphs Abstract (2008)
Lingyu Wang, Steven Noel, Sushil Jajodia
In defending one’s network against cyber attack, certain vulnerabilities may seem acceptable risks when considered in isolation. But an intruder can often infiltrate a seemingly well-guarded...
Abstract Information Hiding: Steganography and (2008)
Zoran Duric, Michael Jacobs, Sushil Jajodia
The goal of steganography is to insert a message into a carrier signal so that it cannot be detected by unintended recipients. Due to their widespread use and availability of bits that can be changed...
Interactive Analysis of Attack Graphs Using Relational Queries ⋆ (2008)
Lingyu Wang, Chao Yao, Anoop Singhal, Sushil Jajodia
Abstract. Attack graph is important in defending against well-orchestrated network intrusions. However, the current analysis of attack graphs requires an algorithm to be developed and implemented,...
Reference Surviving Information Warfare Attacks on Databases (2008)
Prof Jajodia, Professor Sushil Jajodia, Mccollum Oakl, Mccollum Computer, Sushil Jajodia, Prof Jajodia, ...
� IWD vs. Fault tolerance � Our approach- Damage markings- Notion of consistency for damaged databases- Model encompasses o Normal transactions o Countermeasure transactions- Algorithm for...
ABSTRACT Multiple Coordinated Views for Network Attack Graphs (2008)
Steven Noel, Michael Jacobs, Pramod Kalapa, Sushil Jajodia
While efficient graph-based representations have been developed for modeling combinations of low-level network attacks, relatively little attention has been paid to effective techniques for...
Parity-based Inference Control for Multi-dimensional Range Sum Queries (2008)
Lingyu Wang, Yingjiu Li, Sushil Jajodia, Duminda Wijesekera
This paper studies the inference control of multi-dimensional range (MDR) sum queries. We show that existing inference control methods are usually inefficient for MDR queries. We then consider...
Trust Management Services in Relational Databases (2008)
Sabrina De, Capitani Vimercati, Sushil Jajodia
Trust management represents today a promising approach for supporting access control in open environments. While several approaches have been proposed for trust management and significant steps have...
Identifying Sensitive Associations in Databases for Release Control (2008)
Claudio Bettini, X. Sean Wang, Sushil Jajodia
Abstract. In a database system, authorization-based access-control is generally the first line of defense, preventing unauthorized accesses to secret or sensitive data. However, this mechanism is...
LHAP: a lightweight network access control protocol for ad hoc networks (2008)
Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia
Abstract — Most ad hoc networks do not implement any network access control, leaving these networks vulnerable to resource consumption attacks where a malicious node injects packets into the...
Fragmentation and Encryption to Enforce Privacy in Data Storage (2008)
Valentina Ciriani, Sabrina De, Capitani Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, ...
Abstract. Privacy requirements have an increasing impact on the realization of modern applications. Technical considerations and many significant commercial and legal regulations demand today that...
Bo Zhu, Sushil Jajodia, Mohan S. Kankanhalli
Abstract: The decentralised, cooperative and self-organising nature of Peer-to-Peer (P2P) systems help to mitigate and even overcome many challenges which overwhelm the traditional client-server...
An Anonymous Routing Protocol with The Local-repair Mechanism for Mobile Ad Hoc Networks (2008)
Bo Zhu, Sushil Jajodia, Mohan S. Kankanhalli, Feng Bao, Robert H. Deng
Abstract — In this paper, we first define the requirements on anonymity and security properties of the routing protocol in mobile ad hoc networks, and then propose a new anonymous routing protocol...
Balancing Confidentiality and Efficiency (2008)
In Untrusted Relational, Ernesto Damiani, Stefano Paraboschi, Pierangela Samarati, Sushil Jajodia
The scope and character of today's computing environments are progressively shifting from traditional, one-on-one clientserver interaction to the new cooperative paradigm. It then becomes of...
Creating Objects in the Flexible Authorization (2008)
Framework Nicola Zannone, Nicola Zannone, Sushil Jajodia, Duminda Wijesekera
Access control is a crucial concern to build secure IT systems and, more specifically, to protect the confidentiality of information. However, access control is necessary, but not sufficient....
Proceedings Editors ’ addresses: (2008)
Sushil Jajodia, Pierangela Samarati, X. Sean Wang, Claudio Bettini, Sushil Jajodia, Pierangela Samarati, ...
Copyright c○2008 for the individual papers by the papers ’ authors. Copying permitted for private and academic purposes. Re-publication of material from this volume requires permission by the...
AFormal Framework for Single Level Decomposition of Multilevel Relations (2007)
In this paper, we consider multilevel relations in which security classi cations are assigned at the granularity of individual data elements. Usually these multilevel relations exist only at the...
A New Polyinstantiation Integrity ConstraintFor Multilevel Relations (2007)
Ravi Sandhu Sushil, Ravi S, Sushil Jajodia, Teresa Lunt
We propose a new polyinstantiation integrity constraint for multilevel relations based on the intuitive idea that every entity in a relation can have at most one tuple for every access class. We...
Cryptography and its Applications (2007)
Professor Sushil Jajodia, Sushil Jajodia
14.99> Encryption Algorithm Decryption Algorithm Plaintext Plaintext Ciphertext INSECURE CHANNEL K K Secret Key shared by A and B SECURE CHANNEL A B Notation l C = E(K,M) l M = D(K,C) l K: Key l...
Professor Sushil Jajodia, Dr. Sushil Jajodia, Dr. Sushil Jajodia, Dr. Sushil Jajodia, Smith Toy, Baker Admin, ...
EMP, MANAGER FROM EMP WHERE DEPT = 'Toy' NAME MANAGER Smith Jones Jones Baker TOY_EMP_MGR 4-03 8 Example CREATE VIEW AVSAL(DEPT, AVG) AS SELECT DEPT, AVG(SALARY) FROM EMP GROUP BY DEPT...
Professor Sushil Jajodia, Covert Channels, Sushil Jajodia
ions W Subjects W Objects W Rights l The rights in a cell specify the access of the subject (row) to the object (column) INFS 762 Prof Jajodia Fall 1999 Sushil Jajodia 1999 5 Users and Principals...
Kerberos Authentication Service (2007)
Professor Sushil Jajodia, Sushil Jajodia, Kerberos High
> 3 INFS 762 Fall 1999 Professor Jajodia 5 Physical Security l Public and private workstations ---None l Servers---Moderate (locked rooms, Known software) l Kerberos --- High 6 Encryption l Uses...
A Fair Locking Protocol for Multilevel Secure Databases (2007)
Sushil Jajodia, Luigi Mancini, Sanjeev Setia
Most concurrency control algorithms for multilevel secure databases based on kernelized architecture prevent covert channels between transactions at different security levels by preempting the high...
Preventing interval-based inference by random data perturbation (2007)
Yingjiu Li, Lingyu Wang, Sushil Jajodia
Abstract. Random data perturbation (RDP) method is often used in statistical databases to prevent inference of sensitive information about individuals from legitimate sum queries. In this paper, we...
TOWARDS SECURE XML FEDERATIONS (2007)
Lingyu Wang, Duminda Wijesekera, Sushil Jajodia
Abstract The integration of isolated XML repositories has drawn more and more interest recently. In this paper, we propose XML federations to provide global e-services while preserving the necessary...
Paul Ammann, Sushil Jajodia, Indrakshi Ray
Many researchers have investigated the process of decomposing transactions into smaller pieces to increase concurrency. The focus of the research is typically on implementing a decomposition supplied...
1 SEMANTIC-BASED DECOMPOSITION OF TRANSACTIONS (2007)
Paul Ammann, Sushil Jajodia, Indrakshi Ray
In some database applications the traditional approach of serializability, in which transactions appear to execute atomically and in isolation on a consistent database state, fails to satisfy...
Peng Ning, X. Sean Wang, Sushil Jajodia
This paper uses an algebraic approach to dene temporal granularities and calendars. All the granularities in a calendar are expressed as algebraic expressions based on a single \bottom "...
Avoiding Loss of Fairness Owing to Failures in Fair Data Exchange Systems (2007)
Peng Liu, Peng Ning, Sushil Jajodia
Fair exchange between mutually distrusted parties has been recognized as an important issue in electronic commerce. However, the correctness (fairness) of the existing fair exchange protocols that...
Claudio Bettini, X. Sean Wang, Sushil Jajodia, Jia-ling Lin
An important usage of time sequences is to discover temporal patterns. The discovery process usually starts with a user-specified skeleton, called an event structure, which consists of a number of...
Abstract A Query Facility for Common Intrusion Detection Framework (2007)
Peng Ning, X. Sean Wang, Sushil Jajodia
It is essential for intrusion detection systems to share information in order to discover attacks involving multiple sites. Common Intrusion Detection Framework (CIDF) is an important step towards...
The Role of Quasi-identifiers in k-Anonymity Revisited (2006)
Bettini, Claudio, Wang, X. Sean, Jajodia, Sushil
The concept of k-anonymity, used in the recent literature to formally evaluate the privacy preservation of published tables, was introduced based on the notion of quasi-identifiers (or QI for short)....
Replica Control Algorithms in Distributed Databases (2006)
The effects of commutative transactions on distributed database performance was analyzed. The benefits were found to be insignificant unless the number of transactions was large. Two distributed...
Solutions to the Polyinstantiation Problem (2006)
Polyinstantiation has generated a great deal of controversy lately. Some have argued that polyinstantiation and integrity are fundamentally incompatible, and have proposed alternatives to...
Voip intrusion detection through interacting protocol state machines (2006)
Hemant Sengar, Duminda Wijesekera, Haining Wang, Sushil Jajodia
Being a fast-growing Internet application, Voice over Internet Protocol (VoIP) shares the network resources with the regular Internet traffic, and is susceptible to the existing security holes of the...
Abstract Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts (2006)
Lingyu Wang, Anyi Liu, Sushil Jajodia
To defend against multi-step intrusions in high-speed networks, efficient algorithms are needed to correlate isolated alerts into attack scenarios. Existing correlation methods usually employ an...
Indistinguishability: the other aspect of privacy (2006)
Chao Yao, Lingyu Wang, Sean X. Wang, Sushil Jajodia
Abstract. Uncertainty and indistinguishability are two independent aspects of privacy. Uncertainty refers to the property that the attacker cannot tell which private value, among a group of values,...
Abstract Minimum-cost network hardening using attack graphs (2006)
Lingyu Wang, Steven Noel, Sushil Jajodia
In defending one’s network against cyber attack, certain vulnerabilities may seem acceptable risks when considered in isolation. But an intruder can often infiltrate a seemingly well-guarded...
The role of quasi-identifiers in k-anonymity revisited (2006)
Claudio Bettini, X. Sean Wang, Sushil Jajodia, Claudio Bettini, X. Sean Wang, Sushil Jajodia
The concept of k-anonymity, used in the recent literature (e.g., [10, 11, 7, 5, 1]) to formally evaluate the privacy preservation of published tables, was introduced
Maintaining Privacy on Derived Objects (2005)
Nicola Zannone, Sushil Jajodia, Fabio Massacci, Duminda Wijesekera
Checking for k-Anonymity Violation by Views (2005)
Chao Yao, X. Sean Wang, Sushil Jajodia
When a private relational table is published using views, secrecy or privacy may be violated.
Key Management for Multi-User Encrypted Databases (2005)
Ernesto Damiani Damiani, Sushil Jajodia
Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-service (DAS), where an organization's database is stored at an external service provider....
Policies, Models, and Languages for Access Control (2005)
Sabrina De, Capitani Vimercati, Pierangela Samarati, Sushil Jajodia
Access control is the process of mediating every request to data and services maintained by a system and determining whether the request should be granted or denied. Expressiveness and flexibility...
Practical broadcast authentication in sensor networks (2005)
Donggang Liu, Peng Ning, Sencun Zhu, Sushil Jajodia
Broadcast authentication is a critical security service in sensor networks; it allows a sender to broadcast messages to multiple nodes in an authenticated way. μTESLA and multi-level μTESLA have...
Protecting privacy against location-based personal identification (2005)
Claudio Bettini, X. Sean Wang, Sushil Jajodia
Abstract. This paper presents a preliminary investigation on the privacy issues involved in the use of location-based services. It is argued that even if the user identity is not explicitly released...
Understanding Complex Network Attack Graphs through Clustered Adjacency (2005)
We apply adjacency matrix clustering to network attack graphs for attack correlation, prediction, and hypothesizing. We self-multiply the clustered adjacency matrices to show attacker reachability...
Information Security Management. Education and Privacy (2004)
Deswarte, Yves, Cuppens, Frédéric, Jajodia, Sushil
This volume contains the papers presented at three workshops embedded in the 19th IFIP International Conference on Information Security (SEC2004), which was sponsored by the International Federation...
Security and Protection in Information Processing Systems (2004)
Deswarte, Yves, Cuppens, Frederic, Jajodia, Sushil, Wang, Lingyu
Security is probably the most critical factor for the development of the "Information Society". E-government, e-commerce, e-healthcare and all other e-activities present challenging security...
Correlating Intrusion Events and Building Attack Scenarios Through Attack Graph Distances (2004)
Steven Noel, Eric Robertson, Sushil Jajodia
We map intrusion events to known exploits in the network attack graph, and correlate the events through the corresponding attack graph distances. From this, we construct attack scenarios, and provide...
Correlating Intrusion Events and Building Attack Scenarios Through Attack Graph Distances (2004)
Steven Noel, Eric Robertson, Sushil Jajodia
We map intrusion events to known exploits in the network attack graph, and correlate the events through the corresponding attack graph distances. From this, we construct attack scenarios, and provide...
Correlating Intrusion Events and Building Attack Scenarios Through Attack Graph Distances (2004)
Steven Noel, Eric Robertson, Sushil Jajodia
We map intrusion events to known exploits in the network attack graph, and correlate the events through the corresponding attack graph distances. From this, we construct attack scenarios, and provide...
Gkmpan: An efficient group rekeying scheme for secure multicast in ad-hoc networks (2004)
Sencun Zhu, Sanjeev Setia, Shouhuai Xu, Sushil Jajodia
We present GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. Our protocol exploits the property of ad hoc networks that each member of a group is both...
An Interleaved Hop-by-Hop Authentication Scheme for Filtering of Injected (2004)
False Data In, Sencun Zhu, Sanjeev Setia, Sushil Jajodia
Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with...
Gkmpan: An efficient group rekeying scheme for secure multicast in ad-hoc networks (2004)
Sencun Zhu, Sanjeev Setia, Shouhuai Xu, Sushil Jajodia
We present GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. Our protocol exploits the property of ad hoc networks that each member of a group is both...
Gkmpan: An efficient group rekeying scheme for secure multicast in ad-hoc networks (2004)
Sencun Zhu, Sanjeev Setia, Shouhuai Xu, Sushil Jajodia
We present GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. Our protocol exploits the property of ad hoc networks that each member of a group is both...
Gkmpan: An efficient group rekeying scheme for secure multicast in ad-hoc networks (2004)
Sencun Zhu, Sanjeev Setia, Shouhuai Xu, Sushil Jajodia
We present GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. Our protocol exploits the property of ad hoc networks that each member of a group is both...
Tamper Detection and Localization for Categorical Data Using Fragile Watermarks (2004)
Yingjiu Li, Huiping Guo, Sushil Jajodia
Today, database relations are widely used and distributed over the Internet. Since these data can be easily tampered with, it is critical to ensure the integrity of these data. In this paper, we...
A logic-based framework for attribute based access control (2004)
Lingyu Wang, Duminda Wijesekera, Sushil Jajodia
Attribute based access control (ABAC) grants accesses to services based on the attributes possessed by the requester. Thus, ABAC differs from the traditional discretionary access control model by...
Sencun Zhu, Sanjeev Setia, Sushil Jajodia, Peng Ning
Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects false data into the network with...
LHAP: A Lightweight Hop-by-Hop Authentication Protocol For Ad-Hoc Networks (2003)
Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia
Most ad hoc networks do not implement any network access control, leaving these networks vulnerable to resource consumption attacks where a malicious node injects packets into the network with the...
A learning-based approach to information release control (2003)
Claudio Bettini, X. Sean Wang, Sushil Jajodia
Abstract Controlled release of information from an organization is becoming important from various considerations: privacy, competitive information protection, strategic data control, and more. In...
Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia
A prerequisite for secure communication between two nodes in an ad hoc network is that the nodes share a key to bootstrap their trust relationship. In this paper, we present a scalable and...
Performance optimizations for group key management schemes (2003)
Sencun Zhu, Sanjeev Setia, Sushil Jajodia
Scalable group rekeying is one of the biggest challenges that need to be addressed to support secure communications for large and dynamic groups. In recent years, many group key man-agement...
LHAP: A Lightweight Hop-by-Hop Authentication Protocol For Ad-Hoc Networks (2003)
Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia
Abstract. Most ad hoc networks do not implement any network access control, leaving these networks vulnerable to resource consumption attacks where a malicious node injects packets into the network...
Sencun Zhu, Sanjeev Setia, Sushil Jajodia
Abstract. The Subset Difference Rekeying (SDR) method [8] is the most efficient stateless group rekeying method proposed in the literature. We study two important issues related to the SDR method....
Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia
Abstract. We present a scalable distributed protocol that enables two mobile nodes in an ad hoc network to establish a pairwise shared key on the fly, without requiring the use of a on-line key...
Cardinality-based inference control in data cubes (2003)
Lingyu Wang, Duminda Wijesekera, Sushil Jajodia
This paper deals with the inference problem of data cube queries in on-line analytical processing (OLAP) systems. Even though OLAP systems restrict user accesses to predefined aggregations, the...
Precisely answering multi-dimensional range queries without privacy breaches (2003)
Lingyu Wang, Yingjiu Li, Duminda Wijesekera, Sushil Jajodia
This paper investigates the privacy breaches caused by multi-dimensional range (MDR) sum queries in OLAP systems. We show that existing inference control methods are generally ineffective or...
A learning-based approach to information release control (2003)
Claudio Bettini, X. Sean Wang, Sushil Jajodia
Abstract: Controlled release of information from an organization is becoming important from various considerations: privacy, competitive information protection, strategic data control, and more. In...
Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia
A prerequisite for secure communication between two nodes in an ad hoc network is that the nodes share a key to bootstrap their trust relationship. In this paper, we present a scalable and...
Sencun Zhu, Sanjeev Setia, Sushil Jajodia
Abstract. We study two important issues related to the Subset Difference Rekeying (SDR) method [4]. First, we present a reliable key distribution scheme, called WFEC-BKR, that enables members to...
LEAP: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks (2003)
Sencun Zhu, Sanjeev Setia, Sushil Jajodia
protocol for sensor networks that is designed to support in-network processing, while at the same time restricting the security impact of a node compromise to the immediate network neighborhood of...
Implementation Issues in Multilevel Security for Object-Oriented Databases (2002)
This report concentrates on implementation issues associated with the security model for object-oriented databases. The discussion of model is conducted from the implementation point of view. Certain...
Provisions and obligations in policy management and security applications (2002)
Claudio Bettini, Sushil Jajodia, X. Sean Wang, Duminda Wijesekera
Policies are widely used in many different systems and applications. Recently, it has been recognized that a “yes/no ” response to every scenario is just not enough for many modern systems and...
Cardinality-based inference control in sum-only data cubes (2002)
Lingyu Wang, Duminda Wijesekera, Sushil Jajodia
Abstract. This paper deals with the inference problems in data warehouses and decision support systems such as on-line analytical processing (OLAP) systems. Even though OLAP systems restrict user...
Sanjeev Setia, Sencun Zhu, Sushil Jajodia
Scalable group rekeying is one of the important problems that needs to be addressed in order to support secure multicast communications for large and dynamic groups. One of the challenging issues...
A privacy-enhanced microaggregation method (2002)
Yingjiu Li, Sencun Zhu, Lingyu Wang, Sushil Jajodia
Abstract. Microaggregation is a statistical disclosure control technique for protecting microdata (i.e., individual records), which are important products of statistical offices. The basic idea of...
Yingjiu Li, Sencun Zhu, X. Sean Wang, Sushil Jajodia
In this paper, we study the problem of mining frequent itemsets along with their temporal patterns from large transaction sets. In our model, users define a large set of temporal patterns that are...
Auditing interval-based inference (2002)
Yingjiu Li, Lingyu Wang, X. Sean Wang, Sushil Jajodia
Abstract. In this paper we study the feasibility of auditing intervalbased inference. Sensitive information about individuals is said to be compromised if an accurate enoughinterval, called inference...
Secure selective exclusion in ad hoc wireless network (2002)
Roberto Di Pietro, Luigi V. Mancini, Sushil Jajodia
Abstract: A wireless sensor network can be seen as a large number (hundreds of thousand) of small (a few cubic millimetres) devices, battery powered, with very limited hardware resources. Such a...
Recovery from Malicious Transactions (2002)
Paul Ammann, Sushil Jajodia, Senior Member, Peng Liu
Abstract—Preventive measures sometimes fail to deflect malicious attacks. In this paper, we adopt an information warfare perspective, which assumes success by the attacker in achieving partial, but...
Enhancing Profiles for Anomaly Detection Using Time Granularities (2002)
Yingjiu Li, Ningning Wu, Sushil Jajodia, X. Sean Wang
Recently, association rules have been used to generate profiles of "normal" behavior for anomaly detection. However, the time factor (especially in terms of multiple time...
Provisions and obligations in policy management and security applications (2002)
Claudio Bettini, Sushil Jajodia, X. Sean Wang, Duminda Wijesekera
Policies are widely used in many different systems and applications. Recently, it has been recognized that a "yes/no " response to every scenario is just not enough for many modern...
Auditing interval-based inference (2002)
Yingjiu Li, Lingyu Wang, X. Sean Wang, Sushil Jajodia
Abstract. In this paper we study the feasibility of auditing intervalbased inference. Sensitive information about individuals is said to be compromised if an accurate enough interval, called...
Provisions and obligations in policy management and security applications (2002)
Claudio Bettini, Sushil Jajodia, X. Sean Wang, Duminda Wijesekera
Policies are widely used in many systems and applications. Recently, it has been recognized that a “yes/no ” response to every scenario is just not enough for many modern systems and...
Abstract Consistent policy enforcement in distributed systems using mobile policies q,qq (2002)
Susan Chapin, Don Faatz, Sushil Jajodia, Amgad Fayad
This paper briefly traces the evolution of information system architectures from mainframe-connected terminals to distributed multi-tier architectures. It presents the challenges facing developers of...
ADAM: A Testbed for Exploring the Use of Data Mining in Intrusion Detection * (2001)
Daniel Barbard, Julia Couto, Sushil Jajodia, Ningning Wu
Intrusion detection systems have traditionally been based on the characterization of an attack and the tracking of the activity on the system to see if it matches that characterization. Recently, new...
ADAM: A testbed for exploring the use of data mining in intrusion detection (2001)
Daniel Barbara, Julia Couto, Sushil Jajodia, Ningning Wu
Intrusion detection systems have traditionally been based on the characterization of an attack and the tracking of the activity on the system to see if it matches that characterization. Recently,...
Multi-phase damage confinement in database systems for intrusion tolerance (2001)
Preventive measures sometimes fail to defect malicious attacks. With cyber attacks on data-intensive applications becoming an ever more serious threat, intrusion tolerant database systems are a...
ADAM: Detecting Intrusions by Data Mining (2001)
Daniel Barbará, Julia Couto, Sushil Jajodia, Leonard Popyack, Ningning Wu
Abstract — Intrusion detection systems have traditionally been based on the characterization of an attack and the tracking of the activity on the system to see if it matches that characterization....
Abstraction-Based Intrusion Detection in Distributed Environments (2001)
Peng Ning, Sushil Jajodia, Xiaoyang Sean Wang
Abstraction is an important issue in intrusion detection, since it not only hides the difference between heterogeneous systems, but also allows generic intrusion detection models. However,...
Abstraction-Based Intrusion Detection in Distributed Environments (2001)
Peng Ning, Sushil Jajodia, Xiaoyang Sean Wang
Abstraction is an important issue in intrusion detection, since it not only hides the difference between heterogeneous systems, but also allows generic intrusion detection models. However,...
Discovering Calendar-based Temporal Association rules (2001)
Yingjiu Li, Peng Ning, X. Sean Wang, Sushil Jajodia
A temporal association rule is an association rule that holds during specific time intervals. An example can be that eggs and coffee are frequently sold together in morning hours. This paper studies...
Abstraction-Based Intrusion Detection In (2001)
Distributed Environments Peng, Peng Ning, Sushil Jajodia, Xiaoyang Sean Wang
This article presents a hierarchical model to support attack specification and event abstraction in distributed intrusion detection. The model involves three concepts: system view, signature, and...
Flexible Transaction Dependencies in Database Systems (2000)
Mancini, Luigi V., Ray, Indrajit, Jajodia, Sushil, Bertino, Elisa
Numerous extended transaction models have been proposed in the literature to overcome the limitations of the traditional transaction model for advanced applications characterized by their long...
Using attribute certificates with mobile policies in electroniccommerce applications (2000)
Vinti Doshi, Amgad Fayad, Sushil Jajodia, Roswitha Maclean
Many electronic commerce applications including those developed for business-to-consumer (B2C) and business-to-business (B2B) uses, require operations in computing environments that are truly...
Secure databases: Constraints, inference channels, and monitoring disclosures (2000)
Er Brodsky, Csilla Farkas, Sushil Jajodia, Senior Member
AbstractÐThis paper investigates the problem of inference channels that occur when database constraints are combined with nonsensitive data to obtain sensitive information. We present an integrated...
Modeling requests among cooperating intrusion detection systems (2000)
Peng Ning, X. Sean Wang, Sushil Jajodia
It is important for intrusion detection systems (IDSs) to share information in order to discover attacks involving multiple sites. However, no framework exists for an IDS to request from and send to...
An algebraic representation of calendars (extended abstract (2000)
Peng Ning, X. Sean Wang, Sushil Jajodia
This extended abstract uses an algebraic approach to define granularities and calendars. All the granularities in a calendar are expressed as algebraic expressions based on a single "bottom...
Discovering temporal patterns in multiple granularities (2000)
Yingjiu Li, X. Sean Wang, Sushil Jajodia
{yli2, xyang, j aj odia}grau. edu Abstract. Many events repeat themselves as the time goes by. For example, an institute pays its employees on the first day of every month. However, events may not...
CARDS: A distributed system for detecting coordinated attacks (2000)
Jiahai Yang, Peng Ning, X. Sean Wang, Sushil Jajodia
Abstract A major research problem in intrusion detection is the efficient Detection of coordinated attacks over large networks. Issues to be resolved include determining what data should be...
Secure databases: Constraints, inference channels, and monitoring disclosures (2000)
Alexander Brodsky, Csilla Farkas, Sushil Jajodia
This paper investigates the problem of inference channels that occur when database constraints are combined with non-sensitive data to obtain sensitive information. We present an integrated security...
An algebraic representation of calendars (extended abstract (2000)
Peng Ning, X. Sean Wang, Sushil Jajodia
This extended abstract uses an algebraic approach to de ne granularities and calendars. All the granularities in a calendar are expressed as algebraic expressions based on a single \bottom "...
A query facility for common intrusion detection framework (2000)
Peng Ning, X. Sean Wang, Sushil Jajodia
It is essential for intrusion detection systems to share information in order to discover attacks involving multiple sites. Common Intrusion Detection Framework (CIDF) is an important step towards...
CARDS: A distributed system for detecting coordinated attacks (2000)
Jiahai Yang, Peng Ning, X. Sean Wang, Sushil Jajodia
Abstract A major research problem in intrusion detection is the efficient Detection of coordinated attacks over large networks. Issues to be resolved include determining what data should be...
Avoiding Loss of Fairness Owing to Process Crashes in Fair Data Exchange Protocols (2000)
Peng Liu, Peng Ning, Sushil Jajodia
Fair exchange between two or more potentially mutually distrusted parties has been identified as an important issue in electronic commerce. However, the correctness (fairness) of the existing fair...
Intrusion Confinement by Isolation in Information Systems (2000)
Peng Liu, Sushil Jajodia, Catherine D. Mccollum
System protection mechanisms such as access controls can be fooled by authorized but malicious users, masqueraders, and misfeasors. Intrusion detection techniques are therefore used to supplement...
Intrusion Confinement By Isolation In Information Systems (2000)
Peng Liu, Sushil Jajodia, Catherine D. Mccollum
System protection mechanisms such as access controls can be fooled by authorized but malicious users, masqueraders, and misfeasors. Intrusion detection techniques are therefore used to supplement...
Kronos: A Scalable Group Re-Keying Approach for Secure Multicast (2000)
Sanjeev Setia, Samir Koussih, Sushil Jajodia
In this paper, we describe a novel approach to scalable group re-keying for secure multicast. Our approach, which we call Kronos, is based upon the idea of periodic group re-keying. We first motivate...
Application-level isolation using data inconsistency detection (1999)
Amgad Fayad, Sushil Jajodia, Catherine D. Mccollum
Recently, application-level isolation was introduced as an effective means of containing the damage that a suspicious user could inflict on data. In most cases, only a subset of the data items needs...
Pierangela Samarati, Sushil Jajodia
The term data security refers to the protection of information against possible violations that can compromise its secrecy (or confidentiality), integrity, or availability. Secrecy is compromised if...
A Fault Tolerance Approach to Survivability (1999)
Paul Ammann, Sushil Jajodia, Peng Liu
Attacks on computer systems have received a great deal of press attention; however, most of the focus has been on how an attacker can disrupt an organization's operations. Although attack...
Rewriting Histories: Recovering from Malicious Transactions (1999)
Peng Liu, Paul Ammann, Sushil Jajodia
We consider recovery from malicious but committed transactions. Traditional recovery mechanisms do not address this problem, except for complete rollbacks, which undo the work of good transactions as...
Peng Liu, Paul Ammann, Sushil Jajodia
Update anywhere-anytime-anyway transactional replication has unstable behavior as the workload scales up. To reduce this problem, a two-tier replication algorithm is proposed in [GHOS96] that allows...
A Fault Tolerance Approach to Survivability (1999)
Paul Ammann, Sushil Jajodia, Peng Liu
Attacks on computer systems have received a great deal of press attention; however, most of the focus has been on how an attacker can disrupt an organization's operations. Although attack...
A Fault Tolerance Approach to Survivability (1999)
Sushil Jajodia, Peng Liu, Paul Ammann
Attacks on computer systems have received a great deal of press attention; however, most of the focus has been on how an attacker can disrupt an organization's operations. Although attack...
A Role for Digital Watermarking in Electronic Commerce (1999)
Neil F. Johnson, Zoran Duric, Sushil Jajodia
Digital media are subject to illicit distribution and owners of such data are cautious about making their work available without some method of identifying ownership and copyright. Digital watermarks...
Recovering watermarks from images (1999)
Zoran Duric, Neil F. Johnson, Sushil Jajodia
Many techniques for watermarking of digital images have appeared recently. Most of these techniques are sensitive to cropping and/or a ne distortions (e.g., rotation and scaling). In this paper we...
Recovery of watermarks from distorted images (1999)
Neil F. Johnson, Zoran Duric, Sushil Jajodia
Abstract. Many techniques for watermarking of digital images have appeared in numerous publications. Most of these techniques are sensitive to cropping and/or a ne distortions (e.g., rotation and...
On “fingerprinting” images for recognition (1999)
Neil F. Johnson, Zoran Duric, Sushil Jajodia
A central task in multimedia systems is image management (storage and retrieval). As information is disseminated across vast networks, such as the Internet, methods of locating authored media are...
This report presents the results of research on the allocation of binary cartesian product database files across several stores (such as disks) which are accessible in parallel so that the average...
Basic Database Operations on the Butterfly Parallel Processor: Experiment Results. (1998)
Rosenau, Todd J., Jajodia, Sushil
The next phase in speeding up database queries will be through the use of highly parallel computers. This paper will discuss the basic database operations (select, project, natural join, and scaler...
A Survey of Object-Oriented Database Technology. (1998)
Thomas, Boshan, Agrawal, Akhil, Jajodia, Sushil, Kogan, Boris
For many applications, traditional data base models and technologies have proven inadequate, and this has led to research and development of database technologies based on the object-oriented...
Integrating and Object-Oriented Data Model with Multilevel Security. (1998)
A new security model for object-oriented database systems is presented. This model is a departure from the traditional security models based on the passive object - active subject paradigm. This...
An Algorithm for Dynamic Data Distribution Preliminary Version. (1998)
Wolfson, Ouri, Jajodia, Sushil
The replication scheme of a distributed database determines how many replicas of each object are created, and to which processors these replicas are allocated. This scheme critically affects the...
Trusted Recovery from Information Attacks (1998)
Jajodia, Sushil, Ammann, Paul, Liu, Peng
Preventive measures sometimes fail to deflect malicious attacks. In this work, we adopt an information warfare perspective which assumes success by the attacker in achieving partial, but not complete...
An architecture for supporting interoperability among temporal databases (1998)
Claudio Bettini, X. Seanwang, Sushil Jajodia
Abstract. A significant property of temporal data is their richness of semantics. Although several temporal data models and query languages have been designed specifically to handle the temporal...
Temporal Semantic Assumptions and Their Use in Databases (1998)
Claudio Bettini, X. Sean Wang, Ieee Computer Society, Sushil Jajodia, Senior Member
Abstract—Data explicitly stored in a temporal database are often associated with certain semantic assumptions. Each assumption can be viewed as a way of deriving implicit information from...
ASEP: A Secure and Flexible Commit Protocol for MLS Distributed Database Systems (1998)
Indrajit Ray, Luigi V. Mancini, Sushil Jajodia, Elisa Bertino
The classical Early Prepare commit protocol (EP), used in many commercial systems, is not suitable for use in multilevel secure distributed databases systems that employ a locking protocol for...
A General Framework for Time Granularity and its Application to Temporal Reasoning (1998)
Claudio Bettini, X. Sean Wang, Sushil Jajodia
This paper presents a general framework to define time granularity systems. We identify the main dimensions along which different systems can be characterized, and investigate the formal...
A fair locking protocol for multilevel secure databases (1998)
Most concurrency control algorithms for multilevel secure databases based on kernelized architecture prevent covert channels between transactions at different security levels by preempting the high...
Steganalysis: The investigation of hidden information (1998)
Neil F. Johnson, Sushil Jajodia
The goal of steganography is to avoid drawing suspicion to the transmission of a hidden message. If suspicion is raised, then this goal is defeated. Discovering and rendering useless such covert...
Steganalysis: The Investigation of Hidden Information (1998)
Neil Johnson And, Neil F. Johnson, Sushil Jajodia
The goal of steganography is to avoid drawing suspicion to the transmission of a hidden message. If suspicion is raised, then this goal is defeated. Discovering and rendering useless such covert...
Steganalysis: The Investigation of Hidden Information (1998)
Neil Johnson And, Neil F. Johnson, Sushil Jajodia
The goal of steganography is to avoid drawing suspicion to the transmission of a hidden message. If suspicion is raised, then this goal is defeated. Discovering and rendering useless such covert...
Exploring Steganography: Seeing the Unseen (1998)
Neil F. Johnson, Sushil Jajodia, George Mason
this article we discuss image files and how to hide
Steganalysis: The Investigation of Hidden Information (1998)
Neil F. Johnson, Sushil Jajodia
The goal of steganography is to avoid drawing suspicion to the transmission of a hidden message. If suspicion is raised, then this goal is defeated. Discovering and rendering useless such covert...
Mining Temporal Relationships with Multiple Granularities in Time Sequences (1998)
Claudio Bettini, X. Sean Wang, Sushil Jajodia
This paper reports the progress in this front. A more detailed study can be found in [4]. In this paper, we focus on algorithms for discovering sequential relationships when a rough pattern of...
Abstraction-Based Misuse Detection: High-Level Specifications and Adaptable Strategies (1998)
Jia-ling Lin, X. Sean Wang, Sushil Jajodia
ion-Based Misuse Detection: High-Level Specifications and Adaptable Strategies Jia-Ling Lin, X. Sean Wang, Sushil Jajodia Center for Secure Information Systems George Mason University, Fairfax, VA...
Application-Level Isolation to Cope With Malicious Database Users (1998)
Sushil Jajodia, Peng Liu, Catherine D. Mccollum
System protection mechanisms such as access controls can be fooled by authorized but malicious users, masqueraders, and misfeasors. Intrusion detection techniques are therefore used to supplement...
ASEP: A Secure and Flexible Commit (1998)
Protocol For Mls, Indrajit Ray, Luigi V. Mancini, Sushil Jajodia, Senior Member, Elisa Bertino
this article, please send e-mail to: tkde@computer.org, and reference IEEECS Log Number 104383
Implementing semantic-based decomposition of transaction (1997)
Sushil Jajodia, Indrakshi Ray, Paul Ammann
Abstract. In some database applications, performance requirements are not satisfied by the traditional approach of serializability, in which transactions appear to execute atomically and in isolation...
Applying formal methods to semantic-based decomposition of transactions (1997)
Paul Ammann, Sushil Jajodia, Indrakshi Ray
In some database applications the traditional approach of serializability, in which transactions appear to execute atomically and in isolation on a consistent database state, fails to satisfy...
Applying formal methods to semantic-based decomposition of transactions (1997)
Paul Ammann, Sushil Jajodia, Indrakshi Ray
In some important database applications, performance requirements are not satisfied by the traditional approach of serializability, in which transactions appear to execute atomically and in isolation...
An Adaptive Data Replication Algorithm (1997)
Ouri Wolfson, Sushil Jajodia, Yixiu Huang
This paper addresses the performance of distributed database systems. Specifically, we present an algorithm for dynamic replication of an object in distributed systems. The algorithm is adaptive in...
Satisfiability of Quantitative Temporal (1997)
Constraints With Multiple, Claudio Bettini, X. Sean Wang, Sushil Jajodia
Most work on temporal constraints has ignored the subtleties involved in dealing with multiple time granularities. This paper considers a constraint satisfaction problem (CSP) where binary...
Providing Flexibility in Information Flow Control for Object-Oriented Systems (1997)
Elena Ferrari, Pierangela Samarati, Elisa Bertino, Sushil Jajodia
This paper presents an approach to control information flow in object-oriented systems that takes into account, besides authorizations on objects, also how the information has been obtained and/or...
A Unified Framework for Enforcing Multiple Access Control Policies (1997)
Sushil Jajodia, Pierangela Samarati, V. S. Subrahmanian, Elisa Bertino
Although several access control policies can be devised for controlling access to information, all existing authorization models, and the corresponding enforcement mechanisms, are based on a specific...
Logical Design for Temporal Databases with Multiple Temporal Types (1997)
X. Sean Wang, Claudio Bettini, Alexander Brodsky, Sushil Jajodia
The purpose of good database logical design is to eliminate data redundancy and insertion and deletion anomalies. In order to achieve this objective for temporal databases, the notions of temporal...
An Architecture for Supporting Interoperability among Temporal Databases (1997)
Claudio Bettini, X. Sean Wang, Sushil Jajodia
. A significant property of temporal data is their richness of semantics. Although several temporal data models and query languages have been designed specifically to handle the temporal data, users...
A Logical Language for Expressing Authorizations (1997)
Sushil Jajodia Center, Sushil Jajodia, Pierangela Samarati, V. S. Subrahmanian
A major drawback of existing access control systems is that they have all been developed with a specific access control policy in mind. This means that all protection requirements (i.e., accesses to...
Surviving Information Warfare Attacks on Databases (1997)
Paul Ammann, Sushil Jajodia, Catherine D. Mccollum, Barbara T. Blaustein
We consider the problem of surviving information warfare attacks on databases. We adopt a fault tolerance approach to the different phases of an attack. To maintain precise information about the...
A Logical Language for Expressing Authorizations (1997)
Sushil Jajodia, Pierangela Samarati, V. S. Subrahmanian
A major drawback of existing access control systems is that they have all been developed with a specific access control policy in mind. This means that all protection requirements (i.e., accesses to...
Redistributing Secret Shares to New Access Structures and Its Applications (1997)
Proactive secret sharing deals with refreshing secret shares, i.e., redistributing the shares of a secret to the original access structure. In this paper we focus on the general problem of...
Logical Design for Temporal Databases with Multiple Granularities (1997)
X. Sean Wang, Claudio Bettini, Alexander Broadsky, Sushil Jajodia, Name Sushil Jajodia
ing with credit is permitted. To copy otherwise, to republish, to Post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications...
Satisfiability of Quantitative Temporal Constraints with Multiple Granularities (1997)
Claudio Bettini, X. Sean Wang, Sushil Jajodia
Most work on temporal constraints has ignored the subtleties involved in dealing with multiple time granularities. This paper considers a constraint satisfaction problem (CSP) where binary...
Multilevel Secure Transaction Processing: Status and Prospects (1997)
Vijayalakshmi Atluri, Sushil Jajodia, Thomas F. Keefe, Catherine McCollum, Ravi Mukkamala
Since 1990, transaction processing in multilevel secure database management systems (DBMSs) has been receiving a great deal of attention from the database research community. Transaction processing...
Redistributing Secret Shares to New Access Structures and Its Applications (1997)
Proactive secret sharing deals with refreshing secret shares, i.e., redistributing the shares of a secret to the original access structure. In this paper we focus on the general problem of...
Logical design for temporal databases with multiple granularities (1997)
X. Sean Wang, Alexander Brodsky, Sushil Jajodia
The purpose of good database logical design is to eliminate data redundancy and insertion and deletion anomalies. In order to achieve this objective for temporal databases, the notions of temporal...
Applying formal methods to semantic-based decomposition of transactions (1997)
Paul Ammann, Sushil Jajodia, Indrakshi Ray
In some database applications the traditional approach of serializability, in which transactions appear to execute atomically and in isolation on a consistent database state, fails to satisfy...
Applying formal methods to semantic-based decomposition of transactions (1997)
Paul Ammann, Sushil Jajodia, Indrakshi Ray Z
In some important database applications, performance requirements are not sat-is ed by the traditional approach of serializability, in which transactions appear to execute atomically and in isolation...
Acting Chief, Partnerships and Processes ACKNOWLEDGMENTS (1996)
This report is the third of five companion documents to the Trusted Database Management System
Acting Chief, Partnerships and Processes ACKNOWLEDGMENTS (1996)
This report is the third of five companion documents to the Trusted Database Management System
Secure Locking Protocols for Multilevel Database Management Systems (1996)
Sushil Jajodia, Luigi V. Mancini, Indrajit Ray
While there are several secure concurrency control protocols for multilevel database management systems, most of them employ timestamp ordering or multiple versions of data or a hybrid protocol that...
An Advanced Commit Protocol for MLS Distributed Database Systems (1996)
Indrajit Ray, Elisa Bertino, Sushil Jajodia, Luigi Mancini
The classical Early Prepare commit protocol (EP), used in many commercial systems, is not suitable for use in multilevel secure distributed database systems that employ a locking protocol for...
An Advanced Commit Protocol for MLS Distributed Database Systems (1996)
Indrajit Ray, Elisa Bertino, Sushil Jajodia, Luigi Mancini
The classical Early Prepare commit protocol (EP), used in many commercial systems, is not suitable for use in multilevel secure distributed database systems that employ a locking protocol for...
Supporting Multiple Access Control Policies in Database Systems (1996)
Elisa Bertino, Sushil Jajodia, Pierangela Samarati
Although there are several choices of policies for protection of information, access control models have been developed for a fixed set pre-defined access control policies that are then built into...
Secure Mediated Databases (1996)
Candan Sushil Jajodia, K. S. Candan, Sushil Jajodia, V. S. Subrahmanian
With the evolution of the information superhighway, there is now an immense amount of information available in a wide variety of databases. Furthermore, users often have the ability to access legacy...
Secure Mediated Databases (1996)
K. S. Candan, Sushil Jajodia, V. S. Subrahmanian
With the evolution of the information superhighway, there is now an immense amount of information available in a wide variety of databases. Furthermore, users often have the ability to access legacy...
Claudio Bettini, X. Sean Wang, Sushil Jajodia
) Claudio Bettini Dept. of Computer Science (DSI) University of Milan via Comelico 39, 20135 Milan, Italy bettini@dsi.unimi.it X. Sean Wang, Sushil Jajodia Dept. of Info.& Software Systems Eng....
Extend Ed, Claudio Bettini, X. Sean Wang, Sushil Jajodia
) Claudio Bettini Dept. of Computer Science (DSI) University of Milan via Comelico 39, 20135 Milan, Italy bettini@dsi.unimi.it X. Sean Wang, Sushil Jajodia Dept. of Info.& Software Systems Eng....
Secure Mediated Databases (1996)
Candan Sushil, K. S. Candan, Sushil Jajodia, V. S. Subrahmanian
With the evolution of the information superhighway, there is now an immense amount of information available in a wide variety of databases. Furthermore, users often have the ability to access legacy...
A General Framework and Reasoning Models for Time Granularity (1996)
Claudio Bettini, X. Sean Wang, Sushil Jajodia
This paper presents a general framework to define time granularity systems. We identify the main choices differentiating the systems and investigate the formal relationships among granularities in...
Ensuring Atomicity of Multilevel Transactions (1996)
Paul Ammann, Sushil Jajodia, Indrakshi Ray
Ensuring atomicity is a major outstanding problem with present methods of handling multilevel transactions. The chief difficulty is that a high section of a transaction may be unable to complete due...
Globally consistent event ordering in one-directional distributed environments (1996)
Paul Ammann, Sushil Jajodia, Phyllis Frankl Z
We consider communication structures for event ordering algorithms in distributed environments where information ows only in one direction. Example applications are multilevel security and...
Information security : an integrated collection of essays (1995)
Abrams, Marshall D. (ed.), Jajodia, Sushil (ed.), Podell, Harold J. (ed.)
Incluye índice
Abrams, Marshall D. (ed.), Jajodia, Sushil (ed.), Podell, Harold J. (ed.)
Incluye índice
Using formal methods to reason about semantics-based decomposition of transactions (1995)
Paul Ammann, Sushil Jajodia, Indrakshi Ray
Many researchers have investigated the process of decomposing transactions into smaller pieces to increase concurrency. The research typically focuses on implementinga decomposition supplied by the...
Orange Locking: Channel-Free Database Concurrency Control Via Locking (1995)
John Mcdermott And, John Mcdermott, Sushil Jajodia
The concurrency control lock (e.g. file lock, table lock) has long been used as a canonical example of a covert channel in a database system. Locking is a fundamental concurrency control technique...
Temporal Semantic Assumptions and Their Use in Database Query Evaluation (1995)
Claudio Bettini, X. Sean Wang, Sushil Jajodia
Temporal data explicitly stored in a temporal database are often associated with certain semantic assumptions. Each assumption can be viewed as a way of deriving implicit information from the...
Orange Locking: Channel-Free Database Concurrency Control Via Locking (1995)
John McDermott, Sushil Jajodia
The concurrency control lock (e.g. file lock, table lock) has long been used as a canonical example of a covert channel in a database system. Locking is a fundamental concurrency control technique...
For Relational Databases, Elisa Bertino, Pierangela Samarati, Sushil Jajodia, Senior Member
We propose two extensions to the authorization model for relational databases defined originally by Griffiths and Wade.
Temporal Modules: An Approach Toward Federated Temporal Databases (1993)
X. Sean Wang, Sushil Jajodia, V. S. Subrahmanian
In a federated database environment, different constituents of the federation may use different temporal models or physical representations for temporal information. This paper introduces a new...
Referential Integrity in Multilevel Secure Databases (1993)
Ravi S. Sandhu, Ravi S. S, Sushil Jajodia
This paper studies referential integrityinmultilevel relations with element-level labeling. Our principal contribution is resolution of an impasse left by previous work in this area. We show that the...
Oliver Costich Sushil, Sushil Jajodia
In most models of trusted database systems, transactions are considered to be single-level subjects. As a consequence, users are denied the ability to execute some transactions which can be run on...
Temporal Modules: An Approach Toward Federated Temporal Databases (1993)
X. Sean Wang, Sushil Jajodia, V. S. Subrahmanian
In a federated database environment, different constituents of the federation may use different temporal models or physical representations for the temporal information. This paper introduces a new...
Referential Integrity In Multilevel Secure Databases (1993)
Ravi S. Sandhu, Ravi S. S, Sushil Jajodia
This paper studies referential integrity in multilevel relations with element-level labeling. Our principal contribution is resolution of an impasse left by previous work in this area. We show that...
Oliver Costich, Sushil Jajodia
In most models of trusted database systems, transactions are considered to be single-level subjects. As a consequence, users are denied the ability to execute some transactions which can be run on...
Polyinstantiation for Cover Stories (1992)
Ravi S. Sandhu, Ravi S. S, Sushil Jajodia
. In this paper we study the use of polyinstantiation, for the purpose of implementing cover stories in multilevel secure relational database systems. We de#ne a particular semantics for...
An Algorithm for Dynamic Data Distribution (1992)
this paper we propose a practical algorithm, called Dynamic-Data-Allocation (DDA), that changes the replication scheme of an object (i.e. the processors which store a replica of the object)...
Polyinstantiation for Cover Stories (1992)
Ravi S. Sandhu, Ravi S. S, Sushil Jajodia
. In this paper we study the use of polyinstantiation, for the purpose of implementing cover stories in multilevel secure relational database systems. We define a particular semantics for...
Enforcing Primary Key Requirements in Multilevel Relations (1991)
The notion of a primary key is considered a fundamental concept in the classical (single-level) relational model. For example, it forms the basis for several normal forms and is used when the...
Toward a multilevel secure relational data model (1991)
Although there are several e orts underway to build multilevel secure relational database management systems, there is no clear consensus regarding what a multilevel secure relational data model...
Supporting Timing-Channel Free Computations In Multilevel Secure Object-Oriented Databases (1991)
Ravi S. Sandhu, Ravi S. S, Roshan Thomas, Sushil Jajodia
In an earlier paper #3#, Jajodia and Kogan proposed a message #lter approach to enforcing mandatory securityinmultilevel object-oriented databases. The key idea in the message #lter model is that all...
A Novel Decomposition of Multilevel Relations Into Single-Level Relations (1991)
Sushil Jajodia, Ravi Sandhu, Ravi S
In this paper we give a new decomposition algorithm that breaks a multilevel relation into single-level relations and a new recovery algorithm which reconstructs the original multilevel relation from...
Honest Databases That Can Keep Secrets (1991)
Ravi S. Sandhu, Ravi S. S, Sushil Jajodia
Polyinstantiation has generated a great deal of controversy lately. Some have argued that polyinstantiation and integrity are fundamentally incompatible, and have proposed alternatives to...
A Secure Kernelized Architecture for Multilevel Object-Oriented Databases (1991)
Ravi Sandhu, Ravi S, Roshan Thomas, Sushil Jajodia
We present a secure kernelized architecture for multilevel object-oriented database management systems. Our architecture is based on the notion of a message #lter proposed by Jajodia and Kogan. It...
Honest Databases That Can Keep Secrets (1991)
Ravi Sandhu, Ravi S. S, Sushil Jajodia
Polyinstantiation has generated a great deal of controversy lately. Some have argued that polyinstantiation and integrity are fundamentally incompatible, and have proposed alternatives to...
Enforcing Primary Key Requirements in Multilevel Relations (1991)
Sushil Jajodia, Ravi S. Sandhu, Ravi S. S
this paper, we take another step along this direction, and examine ways to preserve primary key requirements in multilevel relations. Of course, any solution we give will have to be secure and free...
A Secure Kernelized Architecture for Multilevel Object-Oriented Databases (1991)
Ravi Sandhu, Ravi S, Roshan Thomas, Sushil Jajodia
We present a secure kernelized architecture for multilevel object-oriented database management systems. Our architecture is based on the notion of a message filter proposed by Jajodia and Kogan. It...
A Novel Decomposition of Multilevel Relations Into Single-Level Relations (1991)
Sushil Jajodia, Ravi Sandhu, Ravi S
In this paper we give a new decomposition algorithm that breaks a multilevel relation into single-level relations and a new recovery algorithm which reconstructs the original multilevel relation from...
Toward a Multilevel Secure Relational Data Model (1991)
Although there are several efforts underway to build multilevel secure relational database management systems, there is no clear consensus regarding what a multilevel secure relational data model...
Supporting Timing-Channel Free Computations In Multilevel Secure Object-Oriented Databases (1991)
Ravi S. Sandhu, Ravi S. S, Roshan Thomas, Sushil Jajodia
In an earlier paper [3], Jajodia and Kogan proposed a message filter approach to enforcing mandatory security in multilevel object-oriented databases. The key idea in the message filter model is that...
Integrity Principles and Mechanisms in Database Management Systems (1991)
Our objective in this paper is to answer the following question: what mechanisms are required in a general-purpose multiuser database management system (DBMS) to facilitate the integrity objectives...
3rd International Conference on Entity-relationship Approach (1990)
Davis, Carl G, Jajodia, Sushil, Ng, Peter Ann Beng, Yeh, Raymond Tzau Yau
Transaction processing in multilevel-secure databases using replicated architecture (1990)
Elisa Bertino, Sushil Jajodia, Luigi Mancini, Indrajit Ray
b;4
Integrity Mechanisms in Database Management Systems (1990)
Ravi Sandhu, Ravi S, Sushil Jajodia
Our goal in this paper is to answer the following question: what mechanisms are required in a general-purpose multiuser database management system (DBMS) to facilitate the integrity objectives of...
Restricted Polyinstantiation or How to Close Signaling Channels Without Duplicity (1990)
Ravi Sandhu, Ravi S, Sushil Jajodia
.We dispel the mistaken notion that polyinstantiation in multilevel secure databases amounts to lying and#or instilling confusion about the #true" values of data. On the contrary we show it is...
Update Semantics for Multilevel Relations (1990)
Sushil Jajodia, Ravi Sandhu, Edgar Sibley
In this paper we give a formal operational semantics for update operations on multilevel relations, i.e., relations in which individual data elements are classi#ed at di#erent levels. For this...
Integrity Mechanisms In Database Management Systems (1990)
Ravi Sandhu, Ravi S, Sushil Jajodia
. Our goal in this paper is to answer the following question: what mechanisms are required in a general-purpose multiuser database management system (DBMS) to facilitate the integrity objectives of...
Polyinstantiation Integrity In Multilevel Relations (1990)
. Polyinstantiation integrity (PI) as defined in the SeaView multilevel relational data model consists of a functional dependency component and a multivalued dependency component. We show that the...
Update Semantics for Multilevel Relations (1990)
Sushil Jajodia, Ravi S, Edgar Sibley
In this paper we give a formal operational semantics for update operations on multilevel relations, i.e., relations in which individual data elements are classified at different levels. For this...
A New Polyinstantiation Integrity Constraint For Multilevel Relations (1990)
Ravi Sandhu, Sushil Jajodia, Teresa Lunt
We propose a new polyinstantiation integrity constraint for multilevel relations based on the intuitive idea that every entity in a relation can have at most one tuple for every access class. We...
Restricted Polyinstantiation or How to Close Signaling Channels Without Duplicity (1990)
. We dispel the mistaken notion that polyinstantiation in multilevel secure databases amounts to lying and/or instilling confusion about the "true" values of data. On the contrary we show...
A Formal Framework for Single Level Decomposition of Multilevel Relations (1990)
In this paper, we consider multilevel relations in which security classifications are assigned at the granularity of individual data elements. Usually these multilevel relations exist only at the...
This article emphasizes that though prevention and detection get much attention but recovery is also an equally important phase of information warfare defense. Prevention is just one phase of...
This article emphasizes that though prevention and detection get much attention but recovery is also an equally important phase of information warfare defense. Prevention is just one phase of...
A Theoretical Formulation for Degrees of Isolation in Databases
Vijayalakshmi Atluri, Elisa Bertino, Sushil Jajodia
Although isolation is one of the desirable properties, most commercial database management systems do not provide complete isolation to transactions. They offer different degrees---0, 1, 2, or 3---of...