Nurit Gal-Oz

Security Issues in NoSQL Databases

applications has created the need to store large amount of data in distributed databases that provide high availability and scalability. In recent years, a growing number of companies have adopted various types of non-relational databases, commonly referred to as NoSQL databases, and as the applications they serve emerge, they gain extensive market interest. These new database systems are not relational by definition and therefore they do not support full SQL functionality. Moreover, as opposed to relational databases they trade consistency and security for performance and scalability. As increasingly sensitive data is being stored in NoSQL databases, security issues become growing concerns. This paper reviews two of the most popular NoSQL databases (Cassandra and MongoDB) and outlines their main security features and problems.

A Robust and Knot-Aware Trust-Based Reputation Model

Virtual communities become more and more heterogeneous as their scale increases. This implies that, rather than being a single, homogeneous community, they become a collection of knots (or sub-communities) of users. For the computation of a member’s reputation to be useful, the system must therefore identify the community knot to which this member belongs and to interpret its reputation data correctly. Unfortunately, to the best of our knowledge existing trust-based reputation models treat a community as a single entity and do not explicitly address this issue. In this paper, we introduce the knot-aware trust-based reputation model for large-scale virtual communities. We define a knot as a group of community members having overall “strong” trust relations between them. Different knots typically represent different view points and preferences. It is therefore plausible that the reputation of the same member in different knots assign may differ significantly. Using our knot-aware approach, we can deal with heterogeneous communities where a member’s reputation may be distributed in a multi modal manner. As we show, an interesting and beneficial feature of our knot-aware model is that it naturally prevents malicious attempts to bias community members’ reputation. Nurit Gal-Oz Deutsche Telekom Laboratories at Ben-Gurion University, Beer-Sheva, 84105, Israel, e-mail: galoz@cs.bgu.ac.il Ehud Gudes Deutsche Telekom Laboratories at Ben-Gurion University, Beer-Sheva, 84105, Israel, e-mail: ehud@cs.bgu.ac.il Danny Hendler Deutsche Telekom Laboratories at Ben-Gurion University, Beer-Sheva, 84105, Israel, e-mail: hendlerd@cs.bgu.ac.il

CCR: A Model for Sharing Reputation Knowledge Across Virtual Communities

Information sharing is a key objective in the age of Internet and virtual communities. Reputation information is an important part of a user’s identity and is both a sensitive and desired data for communities to share. At the same time, a reputation that a user has gained at some point in time can leverage her state in new communities. Communities use various trust and reputation models to compute the internal reputation of their members and each model may represent and quantify reputation in different manners. This paper introduces the Cross-Community Reputation (CCR) model that enables to bridge the gap between communities. The CCR model identifies the fundamental terms required for a meaningful sharing of reputation information among communities and proposes means to make them feasible. The model describes the actions taken in response to a request for CCR in three major stages – evaluation of reconditions, conversion of reputation values, and the matching of reputation attributes. The CCR model inherently supports policies specified by both communities and users.

Mining roles from web application usage patterns

Role mining refers to the problem of discovering an optimal set of roles from existing user permissions. In most role mining algorithms, the full set of user-permission assignments (UPA) is given as input. The challenge we are facing in the current paper is mining roles from actual web-application usage information. This information is collected by monitoring the access of users to application during a period of time. We analyze the actual permissions required to access the application in each users session, and construct a set of user-permission assignments, which result in an incomplete UPA. We propose an algorithm that uses the session permission information to overcome the deficient data. We show by example how each step of the algorithm overcomes by heuristic instances of higher uncertainty. We demonstrate by simulation the efficiency of our algorithm in handling different levels of deficient data.

TRIC: An Infrastructure for Trust and Reputation Across Virtual Communities

Virtual communities are gradually becoming an inherent part of modern life. Trust and reputation systems, which are considered key enablers of virtual communities, These systems support the accumulation of member reputation information and leverage this information to increase the likelihood of successful member interactions and to better protect the community from fraudulent members. Reputation information is an important part of a user’s identity, which makes this data both sensitive and desired for communities to share. Reputation sharing is also motivated by the individual user that can leverage her state in new communities using the reputation she gained in others. In previous work we have presented the Cross-Community Reputation (CCR) model for sharing reputation knowledge among communities. The CCR model identifies the fundamental terms required for a meaningful sharing of reputation information among communities and proposes means to make the information sharing feasible. This paper presents the TRIC infrastructure for enabling CCR systems. The major concerns of TRIC are to protect the user’s rights for privacy and control over her data and to draw some architecture guidelines that can be implemented in more than one way. We explain the major components required for this type of infrastructure and discuss known design alternatives and their tradeoffs in the case of TRIC.

CAMLS: a constraint-based apriori algorithm for mining long sequences

Mining sequential patterns is a key objective in the field of data mining due to its wide range of applications. Given a database of sequences, the challenge is to identify patterns which appear frequently in different sequences. Well known algorithms have proved to be efficient, however these algorithms do not perform well when mining databases that have long frequent sequences. We present CAMLS, Constraint-based Apriori Mining of Long Sequences, an efficient algorithm for mining long sequential patterns under constraints. CAMLS is based on the apriori property and consists of two phases, event-wise and sequence-wise, which employ an iterative process of candidate-generation followed by frequency-testing. The separation into these two phases allows us to: (i) introduce a novel candidate pruning strategy that increases the efficiency of the mining process and (ii) easily incorporate considerations of intra-event and inter-event constraints. Experiments on both synthetic and real datasets show that CAMLS outperforms previous algorithms when mining long sequences.

Schemes for Privately Computing Trust and Reputation

Trust and Reputation systems in distributed environments attain widespread interest as online communities are becoming an inherent part of the daily routine of Internet users. Several models for Trust and Reputation have been suggested recently, among them the Knots model [8]. The Knots model provides a member of a community with a method to compute the reputation of other community members. Reputation in this model is subjective and tailored to the taste and choices of the computing member and those members that have similar views, i.e. the computing member’s Trust-Set. A discussion on privately computing trust in the Knots model appears in [16]. The present paper extends and improves [16] by presenting three efficient and private protocols to compute trust in trust based reputation systems that use any trust-sets based model. The protocols in the paper are rigorously proved to be private against a semi-honest adversary given standard assumptions on the existence of an homomorphic, semantically secure, public key encryption system. The protocols are analyzed and compared in terms of their privacy characteristics and communication complexity.

Privacy issues with sharing reputation across virtual communities

This paper outlines the privacy concerns in the Cross-Community Reputation (CCR) model for sharing reputation knowledge across communities. These privacy concerns are discussed and modeled, and a policy-based approach that copes with them is presented.

Identifying Knots of Trust in Virtual Communities

Knots of trust are groups of community members having overall “strong” trust relations between them. In previous work we introduced the knot aware trust based reputation model. According to this model, in order to provide a member with reputation information relative to her viewpoint, the system must identify the knot to which that member belongs and interpret its reputation data correctly. In the current paper we present the problem of identifying knots which is modeled as a graph clustering problem, where vertices correspond to individuals and edges describe trust relationships between them. We propose a new perspective for clustering that reflects the subjective idea of trust and the nature of the community. A class of weight functions is suggested for assigning edge weights and their impact on the stability and strength of knots is demonstrated. Finally we show the efficiency of knots of high quality for providing their members with relevant reputation information.

Sharing-habits based privacy control in social networks

We study users behavior in online social networks (OSN) as a means to preserve privacy. People widely use OSN for a variety of objectives and fields, like updating their profiles and shared media, browsing the internet for social or professional interactions, or reacting to friends shared data. Each OSN has different characteristics, requirements, and vulnerabilities of the private data shared. Sharing-habits refers to users’ patterns of sharing information. Sharing-habits are implied by the communication between users and their peers. While social networks allow users to have some control over the dissemination of their information, most users are not aware that the private information they share might leak to users with whom they do not wish to share it. Most access control models define access rules in terms of the degree of relationship required to access ones data. These rules are not refined enough to allow for dynamic denial of content from certain peers of the community. In this thesis we address the growing need of social network users to share information with close fiends while hiding it from others. We apply several different well-known strategies from graph-flow theory to an OSN graph with sharing-habits insights, to control the information flow among OSN users. The goal of the method we present is to allow maximum information sharing while enforcing a user’s pre-defined privacy criteria. We analyze the user’s community within a predefined distance, and enable the user to define the required privacy level for each shared information. The user can define with whom he would like to share the entire shared information, what would be the maximum fraction of data he is willing to share with undesired recipients, and what would be the minimum percentage amount he is willing to avoid from his community acquaintances, in order to achieve maximum privacy level. Our method is evaluated using partial real data from well known social networks and the results are analyzed in terms of correctness and run-time.