Download Trusted - Piazza

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
Document related concepts
no text concepts found
Transcript 
Lecture 2
CMSC 818J: Privacy enhancing technologies
Logistics
 Piazza?
 Short presentations sign-up
[Recap] Privacy: End-to-End Solution
Users
Devices/
Client-side
software
Network
Cloud platform
Application
(provides computation
and storage)
This Week
 Software architectures that offer data protection from
the ground up
 For cloud services
 On client devices
 A more in-depth overview for the rest of the semester
 Today: the vision, the glue, and the challenges
 Rest of semester: components
[Recap] Cloud computing
 Cloud computing – storage and computation move into the
cloud
[Recap] Paradigm Shift
Today
Future
Cloud Model
User
7
Trust Model
 Applications can be buggy, compromised, or malicious
 Cloud platform may be buggy, compromised or malicious
 including computation and storage provider
 Cloud operators can be nosey or malicious
How can we secure our
data in the cloud?
Why is the problem hard?
 Solution 1: Encrypt data stored in cloud
 How does the cloud compute over your data?
 Fully homomorphic encryption?
 Data mining over multiple users’ data?
 Spam detection, advertising
 Economics
 Tension between privacy and utility
Stake holders
User
Application
provider
Platform
provider
Usability, functionality,
performance
Easy app development,
$$
$$
Cloud Model
User
12
Key Challenges
User
How can we protect our data against
compromised applications?
How can we protect our data
against a compromised computation
provider?
13
How can we protect our data
against a compromised storage
provider?
Roadmap
 Step 1: Assume cloud platform is trusted, how can we secure
against untrusted applications?
 Application confinement
 Information flow control/access control
 Cloud platform is root of trust
 Step 2: How to secure against an untrusted cloud platform?
 Trusted computing and code attestation
 Secure software systems
 Secure storage
Roadmap
 Step 1: Assume cloud platform is trusted, how can we secure
against untrusted applications?
 Application confinement
 Information flow control/access control
 Cloud platform is root of trust
 Step 2: How to secure against an untrusted cloud platform?
 Trusted computing and code attestation
 Secure software systems
 Secure storage
Untrusted Applications: The Threats
Untrusted 3rd-party application
User
Tax filing
app
Trusted computation/storage provider
Untrusted Applications: The Threats
Untrusted 3rd-party application
User
Tax filing
app
Trusted computation/storage provider
Application confinement
User
Tax filing
app
Trusted computation/storage provider
Application confinement
User
Tax filing
app
Trusted computation/storage provider
Access and information flow control
User
Share data with
my doctor
Medical
advisory
app
Trusted computation/storage provider
Access and information flow control
User
Share data with
my friend
Google
docs
Trusted computation/storage provider
Access and information flow control
User
Application
Finance
Readers:
[Alice]
Photos
Work
Medical
[Alice, Bob] [Alice, Charles] [Alice, David]
Trusted computation/storage provider
Pros, cons, and challenges
Pros, cons, and challenges
 Scalability, scalability, scalability!
 Usability
 Economics
 Applicability
 What about data mining applications?
 What about applications and services that call each other (e.g.,
google maps API)
Two Types of Applications
Type 1:
Silo-based applications
Type 2:
Data intelligence
Bob
Recommendations
Traffic advice
Bob’s financial
documents
25
Alice
Bob
Charlie
David
….
Threats for statistical releases
I want information
about Batman’s
whereabouts
Alice
Bob
……
Location Database
Data
mining
Mean, std
Classification
Clustering
Is releasing aggregate statistics safe?
People who bought
also bought
Amazon
Defense: differential privacy, data sanitization
Sealed container
Recommendations
Traffic advice
Alice
Bob
Charlie
……
Platform for Private Data (PPD)
Roadmap
 Step 1: Assume cloud platform is trusted, how can we secure
against untrusted applications?
 Application confinement
 Information flow control/access control
 Cloud platform is root of trust
 Step 2: How to secure against an untrusted cloud platform?
 Trusted computing and code attestation
 Secure software systems
 Secure storage
How can you trust a remote system?
Trusted Platform
Module (TPM)
Code attestation
What code are
you running?
Trusted Platform
Module (TPM)
Here’s a digest
of my code.
Verifier
Bootstrapping Trust Through
Trusted Hardware
Untrusted
components
Cloud Server
Monitor, enforce!
Privacy policy
32
Trusted Platform
Module (TPM)
Privacy
evidence
Securing storage
 Confidentiality
 Encryption
 Integrity checking
 Authenticated data structures
 Hiding access patterns
 Oblivious storage
Support for untrusted storage
backend modules
File system,
DB
Key/value store
Integrity
check
Putting it All Together: Platform for Private Data
Sealed container
Usable API
User
App developer
• Monitor
• Enforce
Privacy policy
TPM
35
Privacy
evidence
User
Apps
Secure data capsules
Privacy
evidence
Isolation
Information
flow control
Data
sanitization
Audit
engine
…
BStore
BStore authors’ slides
BStore discussions: pros, cons,
challenges?
BStore discussions: pros, cons,
challenges?
 Pros:




Users can choose storage provider
Centralizes access control
Centralizes storage security
Lowers bar of entry for small vendors?
 Cons, challenges:




Does not support cross-user sharing
Does not defend against untrusted apps
Should users trust apps to delegate access rights?
Incremental deployment?
Related documents
ASTR2050 Introduction to Astronomy and Astrophysics Studio lab April 1, 2005
ASTR2050 Introduction to Astronomy and Astrophysics Studio lab April 1, 2005
I am a tornado - Santee School District
I am a tornado - Santee School District
1 - OnCourse
1 - OnCourse
Operating System Research Worksheet
Operating System Research Worksheet
Formation of the Solar System
Formation of the Solar System
Weather Vocabulary PowerPoint
Weather Vocabulary PowerPoint
Water cycle crossword
Water cycle crossword
mossberg on cloud
mossberg on cloud
Slides
Slides
Click here to Schedule of Presentation
Click here to Schedule of Presentation
Clouds
Clouds
secure operating system
secure operating system
CLOUD ADOPTION
CLOUD ADOPTION
Designing Trusted Operating Systems Operating Systems
Designing Trusted Operating Systems Operating Systems
Design and Implementation of Security Operating System based on
Design and Implementation of Security Operating System based on
Trusted Hardware
Trusted Hardware
Enhanced Security Models for Operating Systems: A Cryptographic
Enhanced Security Models for Operating Systems: A Cryptographic