cryptographic enforcement of segregation of duty
play

Cryptographic Enforcement of Segregation of Duty , - PowerPoint PPT Presentation

Dec 04, 2022 •359 likes •750 views

Cryptographic Enforcement of Segregation of Duty , old russian proverb rely yet verify 17.11.2015 thomas maus DeepSec 2015 Thomas Maus thomas.maus alumni.uni-karlsruhe.de

  1. Cryptographic Enforcement of Segregation of Duty ● “доверяй, но проверяй” – old russian proverb “ rely yet verify ” 17.11.2015 thomas maus ● DeepSec 2015 ● Thomas Maus ◉ thomas.maus alumni.uni-karlsruhe.de

  2. Introduction ● started with IT 1979 – school experiment ● Computer Science, University of Karlsruhe ◉ study + research ◉ EISS = European Institute of System Security ● 1993: self-employed IT security consultant ● some representive talks: ◉ risk analysis + mgmt (DECUS 2003 + others) 17.11.2015 thomas maus ◉ eHealth (in)security (21C3+22C3, various others) ◉ crypto-analytic password quality measures (various) ◉ RFID (in)security (various) ◉ Tale Telling Timings (various)

  3. Introduction … ● home-town: Trier ◉ situated between Eifel and Hunsrück ◉ low population density ➜ scarce public transport facilities ● hitchhiking? ◉ too dangerous … 17.11.2015 thomas maus

  4. Introduction … ● IT supported + secured hitchhiking? ● objectives: ◉ anonymity as far as possible ◎ at least strong pseudonymity ◎ no tracking ◉ crime prevention + prosecution ◎ mutually verifiable registration status ◎ “on-line” transaction registry 17.11.2015 thomas maus ◎ tracking of missing persons by police + next of kin ◉ coordination + matching of travel opportunities and wishes ◉ integration into public transport system ◎ tickets ◎ payment of transport providers

  5. Introduction … ● school administration SW of federal state ◉ developed by participants of school experiment ◉ i.e. mostly by pupils! ◉ chosen by proven computer versatility ◉ e.g. successful hacking of school computer ;-) ● challenge: ◉ forestall impeachment of pupil programmer's 17.11.2015 thomas maus graduation diploma ◉ build confidence in correctness → reliance

  6. Introductory Conclusions ● multi-lateral security needed ● multiple security dimensions ◉ “classical”: confidentiality+integrity+availability ◉ correctness ◉ verifiability / auditability ◉ separation of duties ◉ non-repudation / proof of volition vs. error 17.11.2015 thomas maus ◉ privacy ◎ transparency + control for subject ◎ non-traceability / data minimization ◎ robustness against inference and extrapolation ◉ …

  7. Example for Illustration: Data Retention ● soft or social Science Fiction ◉ “how a technology could transform a society” ◉ hard science core = cryptography ◎ ¼ century around: public-key cryptography ◎ construct of ideas open for debate ◉ soft socio-political outer shell ◎ fictional stances of society and various personas ◎ only for demonstration purposes 17.11.2015 thomas maus ◎ suspense of disbelief requested

  8. Visualization of Cryptographic Instruments ● asymmetric keys of cyan persona (Alice) ◉ private key ◉ public key ● asymmetric keys of red persona (Bob) ● usage examples ◉ sealed (signed) with red private key content- ⚜ ⚜ ◉ encrypted with cyan public key content 17.11.2015 thomas maus ◉ first sealed, then encrypted content- ⚜ ⚜ ◉ first encrypted, then sealed content ⚜ ⚜ ◉ typically implicit and invisible: symmetric keys ◉ decryption possible by Alice or Bob, with detached seal by Carol content ⚜ ⚜

  9. Our fictitious Society: Dramatis Personae ● civil society ◉ constitutional democracy ◉ politically participating citizens (citoyen) ◉ civil rights organisations ● investigative authorities ◉ police detectives ◉ public prosecutor 17.11.2015 thomas maus ● examining magistrate (=Ermittlungsrichter) ● (federal) privacy commissioner ● telecommunication service providers

  10. Civil Rights Dramatis Personae: Civil Society ● ultimate democratic sovereign ◉ votes + referenda ◉ political parties ◉ NGOs ● objectives ◉ active political participation ◉ protect ◎ 17.11.2015 thomas maus constitutional democracy ◎ fundamental human + civil rights ◉ vigilant about ◎ panopticon effect ◎ correct exercise of office by representatives + officials ◉ crime prevention + prosecution

  11. Dramatis Personae: Investigative Authorities ● obligations ◉ crime investigation for prevention + prosecution ● conflicting interests ◉ fundamental civil rights ◎ privacy of correspondence, posts + telecommunications ◎ privacy of the home ◎ … ● intentions 17.11.2015 thomas maus ◉ tactical secrecy of investigation ◉ earning + keeping public confidence ◉ auditability ◉ exoneration capabilities ● public prosecutor's keys

  12. Dramatis Personae: Examining Magistrate ● obligations ◉ individual decisions within legal framework ◉ crime investigation ↔ fundamental rights ● conflicting interests ◉ enable optimal crime investigation ◉ protect fundamental civil rights ● intentions 17.11.2015 thomas maus ◉ tactical secrecy of investigation ◉ earning + keeping public confidence ◉ auditability ◉ exoneration capabilities ● examining magistrate's keys

  13. ☂ Dramatis Personae: Federal Privacy Commissioner ● obligations ◉ formal control of disclosure requests ◉ official auditing + statistics + reporting ◉ investigation + information in special cases: e.g. medical doctors, lawyers, priests, … ◉ official investigation of complaints ◉ destruction of own private key in certain cases ● intentions 17.11.2015 thomas maus ◉ protection of fundamental rights within statutes ◉ earning + keeping public confidence ● federal privacy commissioner's keys

  14. Dramatis Personae: Telecommunication ✆ Service Providers ● obligations ◉ provide legally required data structures to investigation authorities ● intentions ◉ compliance ◉ minimal involvement ◉ exoneration capabilities 17.11.2015 thomas maus ➜ rapid erasure of cleartext connection data ● telecommunication provider's keys (pars pro toto)

  15. Manifold Imaginable Socio-Political Decisions ● much flexibility needed within framework! ● creative leeway + areas of decisions ◉ initial data for investigation services? ◉ keeper of data? ◉ sequence of workflows? ◉ veto powers? ◉ … 17.11.2015 thomas maus

  16. Initial Data for Investigation Services ● selection of data to be disclosed ● general data structure ◉ “handle” → “opaque protected data” ◉ “handle” = ◎ information freely available to investigators ◎ not perceived as impairing fundamental rights ◉ “opaque protected data” = ◎ information pertaining to fundamental rights 17.11.2015 thomas maus ◎ accessible only via safeguarded procedure ○ crypto-enforced ○ segregation of duty ○ review + control ○ auditability

  17. Initial Data: The “Handle” ● subset of communication data as selector ● example of inappropriate handles ◉ (calling id, precise start time, precise end time) ◉ (called id, precise start time, precise end time) ☢ correlate time stamps → infere speaking parties ● dilution of precision / obscuration of handles! ◉ protection against inference + extrapolation 17.11.2015 thomas maus ◉ balanced with specificity ● example of diluted handles ◉ (calling id, diluted start time, diluted duration) ◉ (called id, diluted start time, diluted duration) ◉ (diluted location, diluted time period)

  18. Initial Data: The “Handle” ● subset of communication data as selector ● example of inappropriate handles ◉ (calling id, precise start time, precise end time) ◉ (called id, precise start time, precise end time) e.g. ☢ correlate time stamps → infere speaking parties ● per minute ● ⌊5 minutes⌋ ● dilution of precision / obscuration of handles! ● ⌊¼ hours⌋ ◉ protection against inference + extrapolation ● … 17.11.2015 thomas maus ◉ balanced with specificity ● depending on time-of-day ● example of diluted handles ◉ (calling id, diluted start time, diluted duration) ◉ (called id, diluted start time, diluted duration) ◉ (diluted location, diluted time period)

  19. Initial Data: The “Handle” ● subset of communication data as selector ● example of inappropriate handles ◉ (calling id, precise start time, precise end time) ◉ (called id, precise start time, precise end time) ☢ correlate time stamps → infere speaking parties e.g. ● dilution of precision / obscuration of handles! ● per minute ◉ protection against inference + extrapolation ● {<1, <2, <3, <5, <10, <15, …} minutes 17.11.2015 thomas maus ◉ balanced with specificity ● example of diluted handles ◉ (calling id, diluted start time, diluted duration) ◉ (called id, diluted start time, diluted duration) ◉ (diluted location, diluted time period)

  20. Initial Data: The “Handle” ● subset of communication data as selector ● example of inappropriate handles ◉ (calling id, precise start time, precise end time) ◉ (called id, precise start time, precise end time) ☢ correlate time stamps → infere speaking parties ● dilution of precision / obscuration of handles! e.g. ◉ protection against inference + extrapolation ● cell base station 17.11.2015 thomas maus ● precinct ◉ balanced with specificity ● geo coord ⌊arc minute⌋ ● example of diluted handles ● … ◉ (calling id, diluted start time, diluted duration) ● depending on area ◉ (called id, diluted start time, diluted duration) ◉ (diluted location, diluted time period)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Specication and Enforcement of Static Specication and Enforcement of Static Separation-of-Duty

Specication and Enforcement of Static Specication and Enforcement of Static Separation-of-Duty

Specication and Enforcement of Static Specication and Enforcement of Static Separation-of-Duty Policies in Usage Control Jianfeng Lu, Ruixuan Li, Zhengding Lu, Ji Jinwei Hu, and Xiaopu Ma i H d Xi M Huazhong University of Science and

625 views • 25 slides
OSHAs General Duty Clause: A Guide to Enforcement &amp; Legal Defenses Adele L. Abrams, Esq.,

OSHAs General Duty Clause: A Guide to Enforcement &amp; Legal Defenses Adele L. Abrams, Esq.,

OSHAs General Duty Clause: A Guide to Enforcement &amp; Legal Defenses Adele L. Abrams, Esq., CMSP Law Office of Adele L. Abrams P.C. www.safety-law.com 301-595-3520 Eastern Office 303-228-2170 Western Office Overview General Duty Clause

642 views • 10 slides
Duty of Candour - introduction The Duty of Candour is a legal duty on hospital, community and

Duty of Candour - introduction The Duty of Candour is a legal duty on hospital, community and

Duty of Candour - introduction The Duty of Candour is a legal duty on hospital, community and mental health trusts to inform and apologise to patients if there have been mistakes in their care that have led to significant harm Duty of

296 views • 10 slides
Simulating Chromosome Segregation Qi Zheng Simulating Chromosome Segregation Qi Zheng

Simulating Chromosome Segregation Qi Zheng Simulating Chromosome Segregation Qi Zheng

High Performance Research Computing Simulating Chromosome Segregation Qi Zheng Simulating Chromosome Segregation Qi Zheng Department of Epidemiology &amp; Biostatistics, Texas A&amp;M University What motivated this study? The

211 views • 10 slides
From randomness to segregation Schelling segregation, Ising models and network cascades George

From randomness to segregation Schelling segregation, Ising models and network cascades George

From randomness to segregation Schelling segregation, Ising models and network cascades George Barmpalias (Chinese Academy of Sciences) Richard Elwes (University of Leeds) Andy Lewis-Pye (London School of Economics) 1 More than two millennia ago,

800 views • 40 slides
Hammond and Axelrods model is not useful for studying ethnocentrism The Segregation Model

Hammond and Axelrods model is not useful for studying ethnocentrism The Segregation Model

Fredrik Jansson Hammond and Axelrods model is not useful for studying ethnocentrism The Segregation Model Schelling 1971 ncase.me/polygons The Segregation Model The Segregation Model The Dissemination of Culture Model Axelrod 1997 The

589 views • 26 slides
CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools

CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools

CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools Cryptographic Tools Cryptographic algorithms important element in security services Review various types of elements symmetric encryption secure

1.27k views • 23 slides
FIT FOR DUTY PHYSICAL AND PSYCHOLOGICAL AWARENESS WHAT TO LOOK FOR WHAT TO LISTEN FOR FIT

FIT FOR DUTY PHYSICAL AND PSYCHOLOGICAL AWARENESS WHAT TO LOOK FOR WHAT TO LISTEN FOR FIT

FIT FOR DUTY PHYSICAL AND PSYCHOLOGICAL AWARENESS WHAT TO LOOK FOR WHAT TO LISTEN FOR FIT FOR DUTY VS IMPAIRMENT Fit for Duty: Fit-for-duty means that an individual is in a healthy physica ysical l and psycholog ychologica ical l

435 views • 25 slides
Rheology and Segregation Segregation of of Rheology and Granular Mixtures in Dense Flows

Rheology and Segregation Segregation of of Rheology and Granular Mixtures in Dense Flows

Rheology and Segregation Segregation of of Rheology and Granular Mixtures in Dense Flows Granular Mixtures in Dense Flows Devang Khakhar Department of Chemical Engineering Indian Institute of Technology Bombay Mumbai, India Unifying

695 views • 33 slides
Cryptographic protocols Cryptographic protocols small programs designed to secure Introduction

Cryptographic protocols Cryptographic protocols small programs designed to secure Introduction

Cryptographic protocols Cryptographic protocols small programs designed to secure Introduction to cryptographic protocols communication (various security goals) Bruno Blanchet use cryptographic primitives (e.g. encryption, hash function,

451 views • 14 slides
Segregation and Lynching Motivation Lynching Data Measuring Lisa D. Cook Segregation Trevon

Segregation and Lynching Motivation Lynching Data Measuring Lisa D. Cook Segregation Trevon

Segregation and Lynching Lisa D. Cook Trevon D. Logan John M. Parman Introduction Segregation and Lynching Motivation Lynching Data Measuring Lisa D. Cook Segregation Trevon D. Logan Results John M. Parman March 27, 2015 Segregation

419 views • 22 slides
in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order

in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order

Monitoring of enforcement in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order Ordering enforcement Authorities court notary public Enforcement order certificate of enforcement

540 views • 12 slides
Cryptographic Logical Relations What is the contextual equivalence for cryptographic

Cryptographic Logical Relations What is the contextual equivalence for cryptographic

Cryptographic Logical Relations What is the contextual equivalence for cryptographic protocols and how to prove it? Yu ZHANG Including joint work with J. Goubault-Larrecq, D. Nowak and S. Lasota EVEREST, INRIA Sophia-Antipolis February

487 views • 37 slides
How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic

How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic

Department of Informatics Security and Privacy Maximilian Blochberger How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic pitfalls by design Goal Raise awareness of cryptographic misuse Disclaimer

910 views • 29 slides
Asylum seekers and refugees Lisa Doyle Refugee Council Duty, Duty, Duty: Bridging Race Equality,

Asylum seekers and refugees Lisa Doyle Refugee Council Duty, Duty, Duty: Bridging Race Equality,

Asylum seekers and refugees Lisa Doyle Refugee Council Duty, Duty, Duty: Bridging Race Equality, Community Cohesion and Well-Being in Schools 4 th December 2008 Asylum is a human right www.refugeecouncil.org.uk Mobility Forced

508 views • 7 slides
ACCOUNTING SEGREGATION Use of the system and experiences in Norway A presentation by Ulf Hoberg

ACCOUNTING SEGREGATION Use of the system and experiences in Norway A presentation by Ulf Hoberg

ACCOUNTING SEGREGATION Use of the system and experiences in Norway A presentation by Ulf Hoberg The Directorate of Customs and Excise Tollvesenet ACCOUNTING SEGREGATION OR THE USE OF FUNGIBLE MATERIALS MEANING THE STORAGE AND USE OF

429 views • 11 slides
Webinar 31 July 2014 1 Webinar Cara Blockley Low Carbon Projects Manager 2 Webinar format

Webinar 31 July 2014 1 Webinar Cara Blockley Low Carbon Projects Manager 2 Webinar format

Webinar 31 July 2014 1 Webinar Cara Blockley Low Carbon Projects Manager 2 Webinar format 10 minutes 30 minutes presentation questions &amp; answers Submit written questions online during the webinar 3 Agenda Introduction Technology

679 views • 27 slides
Teaching Code Arthur Carabott April 2015 @acarabott arthurcarabott.com My Teaching Code

Teaching Code Arthur Carabott April 2015 @acarabott arthurcarabott.com My Teaching Code

Teaching Code Arthur Carabott April 2015 @acarabott arthurcarabott.com My Teaching Code Code+Music Music Why teach? What to teach Am I wrong? Why teach? The whole art of teaching is only the art of awakening the natural

669 views • 52 slides
WELCOME TO PHASE ONE OF ALLENTOWN 2030, OUR CITYS COMPREHENSIVE PLAN! TELL US WHAT YOU

WELCOME TO PHASE ONE OF ALLENTOWN 2030, OUR CITYS COMPREHENSIVE PLAN! TELL US WHAT YOU

WELCOME TO PHASE ONE OF ALLENTOWN 2030, OUR CITYS COMPREHENSIVE PLAN! TELL US WHAT YOU THINK! YOU THINK! LETS IMAGINE OUR FUTURE TOGETHER! WELCOME! At our first meeting on 13 November 2018, we were welcomed by: Reverend Charles

1.47k views • 122 slides
Reaching Ubiquity through I nvisibility Eric Vtillard Chief Architect Trusted Logic w w w .

Reaching Ubiquity through I nvisibility Eric Vtillard Chief Architect Trusted Logic w w w .

Reaching Ubiquity through I nvisibility Eric Vtillard Chief Architect Trusted Logic w w w . t r u s t e d - l o g i c . f r Cassis04 Marseille March 2004 Ubiquity Ubiquity, n. The state of being everywhere at once. I

741 views • 45 slides
Strategy for City Transformation (Part 4) Sunday November 25, Strategy for City Transformation

Strategy for City Transformation (Part 4) Sunday November 25, Strategy for City Transformation

Strategy for City Transformation (Part 4) Sunday November 25, Strategy for City Transformation (Review) What do we mean by City Transformation? By City Transformation we are primarily talking about spiritual transformation resulting

380 views • 34 slides
Re-configuring the Care Economy for Gender Convergence 3 October 2019 The Point, Level 7, Mercu

Re-configuring the Care Economy for Gender Convergence 3 October 2019 The Point, Level 7, Mercu

Re-configuring the Care Economy for Gender Convergence 3 October 2019 The Point, Level 7, Mercu UEM 9.30am 12.00pm Care, the macroeconomy and womens work Jayati Ghosh Jawaharlal Nehru University, New Delhi Khazanah Research Institute,

939 views • 71 slides
CMSC 110 Lectures Grading Introduc/on to Compu/ng MW

CMSC 110 Lectures Grading Introduc/on to Compu/ng MW

9/4/13 Administrivia CMSC 110: Introduc/on to Compu/ng Fall 2013 Course Website: h=p://www.cs.brynmawr.edu Instructor: Jia Tao, Ph.D. (jtao@cs.brynmawr.edu)

207 views • 8 slides
On behalf of Laura M. Dember, Gloria D. Coronado, Jerry Suls, David A. Chambers, Sean Rundell,

On behalf of Laura M. Dember, Gloria D. Coronado, Jerry Suls, David A. Chambers, Sean Rundell,

Presented by Karin Johnson and Gila Neta On behalf of Laura M. Dember, Gloria D. Coronado, Jerry Suls, David A. Chambers, Sean Rundell, David H. Smith, Benmei Liu, Stephen Taplin, Catherine M. Stoney, Margaret Farrell, Russell E. Glasgow Report

496 views • 25 slides

More recommend