SLIDE 1
Security requires a particular mindset. Security professionals
- - at least the good ones -- see the world differently.
-- at least the good ones -- see the world differently. They can't - - PowerPoint PPT Presentation
-- at least the good ones -- see the world differently. They can't - - PowerPoint PPT Presentation
Security requires a particular mindset. Security professionals -- at least the good ones -- see the world differently. They can't walk into a store without noticing how they might shoplift. They can't use a computer without wondering about the
SLIDE 2
SLIDE 3
It seems easy
- “How hard can it be”
Hard
rd to test
- Working implementations don‟t mean a lot
Moving Target
- Attack Technologies advance. What is secure today may be
completely inappropriate tomorrow
Subtle issues
- Security „bugs‟ can be extremely subtle
Interaction of various complex subsystems
- Hard enough to get to right without an attacker
Multi- disciplinary
- Need to take into account user actions, economics
If you fail, really bad things can happen
SLIDE 4
SLIDE 5
The Economist, Sept. 2011
SLIDE 6
Successful “Anonymous” attacks in 2011
- Fine Gael Website, Government of Tunesia, National
Democratic Party Egypt, HBGary Federal, Westborrow babtist church, Sony, …
- Most of these where „simple‟ attacks on well known
weaknesses
SLIDE 7
It seems easy
- “How hard can it be”
Hard to test
- Working implementations don‟t mean a lot
Moving
ving Targe get
- Att
ttack ack Techn chnolo logi gies es advance.
- vance. What is secu
cure e to today y may be completel
- mpletely
y inappropr ppropriat iate e tomor morrow row
Subtle issues
- Security „bugs‟ can be extremely subtle
Interaction of various complex subsystems
- Hard enough to get to right without an attacker
Multi- disciplinary
- Need to take into account user actions, economics
If you fail, really bad things can happen
SLIDE 8
Standard Privacy approach (EU Directive 95/46/EC) Separate all personal identifiable information from the data. Now the data is considered save to use. Approach:
- Anonymise everything possible
- Get user consent for everything else
- Implement strict controls inside the companies
- Tough contracts with third parties
SLIDE 9
Netflix: online movie rental service In October 2006, released real movie ratings of
500,000 subscribers
- 10% of all Netflix users as of late 2005
- Names removed
- Information may be perturbed
- Numerical ratings as well as dates
- Average user rated over 200 movies
Task is to predict how a user will rate a movie
- Beat Netflix’s algorithm (called Cinematch) by 10%
- You get 1 million dollars
SLIDE 10
Most popular movie
rated by almost half the users!
Least popular: 4 users Most users rank movies
- utside top
100/500/1000
SLIDE 11
1 3 2 5 4 1 2 3 2 4
SLIDE 12
Extremely noisy, some data missing Most IMDb users are not in the Netflix dataset Here is what we learn from the Netflix record of
- ne IMDb user (not in his IMDb profile)
SLIDE 13
Fat Tail effect helps here: most people watch obscure movies (really!) Average subscriber has 214 dated ratings Two is enough to reduce to 8 candidate
records
Four is enough to identify uniquely (on
average)
Works even better with relatively rare ratings
“The Astro-Zombies” rather than “Star Wars”
SLIDE 14
It seems easy
- “How hard can it be”
Hard to test
- Working implementations don‟t mean a lot
Moving Target
- Attack Technologies advance. What is secure today may be
completely inappropriate tomorrow
Su
Subtle tle issue ues
- Security „bugs‟ can be extremely subtle
Interaction of various complex subsystems
- Hard enough to get to right without an attacker
Multi- disciplinary
- Need to take into account user actions, economics
If you fail, really bad things can happen
SLIDE 15
Example: “Using Memory Errors to Attack a Virtual Machine”
- S. Govindavajhala, A. Appel, 2003
If you don‟t know about those attacks, you won‟t defend against them.
SLIDE 16
It seems easy
- “How hard can it be”
Hard to test
- Working implementations don‟t mean a lot
Moving Target
- Attack Technologies advance. What is secure today may be
completely inappropriate tomorrow
Subtle issues
- Security „bugs‟ can be extremely subtle
Interac
eraction tion of va vario ious s compl plex ex subsystem systems
- Hard enough
- ugh to get to right witho
thout ut an attack cker
Multi- disciplinary
- Need to take into account user actions, economics
If you fail, really bad things can happen
SLIDE 17
Ariane Flight 501 London Ambulance Disaster
SLIDE 18
It seems easy
- “How hard can it be”
Hard to test
- Working implementations don‟t mean a lot
Moving Target
- Attack Technologies advance. What is secure today may be
completely inappropriate tomorrow
Subtle issues
- Security „bugs‟ can be extremely subtle
Interaction of various complex subsystems
- Hard enough to get to right without an attacker
Mult
lti- disciplin sciplinary ary
- Need
ed to take into
- acco
count t user actio ions, , econo
- nomic
mics
If you fail, really bad things can happen
SLIDE 19
“What is new, however, the password with which he can be opened, as well as the file open in the network are found. The Friday tried to reconstruct how it came about. By his testimony, Wikileaks founder Julian Assange has passed the password on an undisclosed person of his trust. This person published there, supposedly in the faith, it was only a temporary password. The newspaper writes the password consists of a “phrase” and was “for connoisseurs of matter to identify”. The Asian Sun, 28.9.11
SLIDE 20
Security is never a goal in itselfs, it always
serves another goal.
- Must integrate into business case, economics,
usability, …
Technology alone doesn‟t help.
- Other aspects as procedures, training, incident
response, legal protection, continuity plans, …
Not understanding technology is a road to
failure
- It is the glue between the other blocks. And your