Trust management with confidentiality for data sharing, ERBAC for secure data warehouse, ERP.

摘要

My thesis consists of two different research topics. My first part of the thesis deals with the development of trust management techniques without disclosing confidential information. The objective of the project is to simulate a peer to peer communication network in which each system acts as a software agent. Each agent as a set of information with it and the aim of the simulation is to gather as much as information possible from the other agents in the network co-existing in the same session. The agents start to collect the information related to that of they already have in their database. The information has three things linked with it. Data, Token number of the message which is in sequential order provides more information, Domain level of the data which shows the access level of the data. There can be multiple copies of the information in the network. The combination of data and token number for any information is unique. The domain levels various in different users. They collect and share information through neighbors and maintain a trust table for the all the agents in the session. The trust level is stored in the history, if the same agent comes in contact in the future session the trust level from the previous sessions are loaded. The agents increase the trust additively for any new or correct information, if they find any discrepancy in the information which can be found by the multiple copies existing in different agents or the mismatch in the token number and data combination the trust level of that corresponding agent is reduced. This goes on until the session ends or any agent collects all information required. The end of the simulation gives the amount of information gained and lost in each session.; The second part of the research deals with finding the issues in designing and building a secure data warehouse. The research clearly finds out the security issues, discusses the technologies available in designing secure data warehouses, the design steps involved and their issues and advantages. The main objective of the research is to design a security component for data warehouse. The design phase discusses the existing Role based access control techniques which are used by most of the existing data management systems. Finds the issues in RBAC, Defines a unified framework which unites RBAC and usage control (UCON) proposed as Extended Role based access controls. The research includes simulation of an inventory system with ERBAC implemented which show cases all possible advantages. The second part of the project also includes a research in implementing the above proposed ERBAC into an Enterprise wide system which is similar to that of a data warehouse. The project also illustrates the advantages of the ERBAC component in an Enterprise wide system.