how to delete data for realz this presentation will self
play

How to Delete Data for Realz: This Presentation Will Self-Destruct - PowerPoint PPT Presentation

Nov 10, 2023 •247 likes •599 views

#RSAC #RSAC SESSION ID: SESSION ID: PDAC-R10F How to Delete Data for Realz: This Presentation Will Self-Destruct In... Davi Ottenheimer Ian Smith President Research Scientist Flyingpenguin University of Washington @daviottenheimer

  1. #RSAC #RSAC SESSION ID: SESSION ID: PDAC-R10F How to Delete Data for Realz: This Presentation Will Self-Destruct In... Davi Ottenheimer Ian Smith President Research Scientist Flyingpenguin University of Washington @daviottenheimer @sesosek Rashomon Security

  2. #RSAC Rashomon = Solving “Uncertainty of Fact” * * “The Samurai Film,” Alain Silver, 1983 p 47 Rashomon Security

  3. #RSAC Rising Problem of “ unDEAD ” Data The Ghost Kohada Koheiji Rashomon Rashomon Katsushika Hokusai (1760-1849) Security Security

  4. #RSAC Data Lifecycle Store Access Create Modify Destroy Destroy Share Backup Rashomon Security

  5. #RSAC MSM Awareness Rashomon Security

  6. #RSAC Example: Internet of Snitches US Government collecting social media information from foreign travelers Data from pacemaker used to arrest man for arson, insurance fraud Rashomon Security

  7. #RSAC Example: Plaintext Distributed Data to Cloud Flask DB REST API bins/libs bins/libs Container Engine (Docker) Host OS Rashomon Security

  8. #RSAC Example: War of Words Rashomon Rashomon Security Security

  9. #RSAC “Use Bleach” to Purge History Rashomon Security

  10. #RSAC Broken Solutions Unlinking Overwriting Master Key Physical Destruction Rashomon Security

  11. #RSAC Classic PGP (No Forward Secrecy) is Classic Classic PGP (No Forward Secrecy) is Classic D sk_bob (E pk_bob (M)) E pk_bob (M) → Server → M sk = secret key pk = public key Rashomon Rashomon Security Security

  12. #RSAC Classic PGP (No Forward Secrecy) is Classic D sk_bob (E pk_bob (M)) → E pk_bob (M) → Server M Attacker with sk_bob can read all past messages Rashomon Rashomon Security Security

  13. #RSAC In Search of an Improved Trust Level Rashomon Security

  14. Distributed Expiring Auditable Data (DEAD) #RSAC 1. Automatic expiration timers 2. Always, even when replicated or offline 3. Audited Rashomon Security

  15. #RSAC Data, Prepare to be DEAD Rashomon Security

  16. #RSAC DEAD Example Architecture 1. Automatic: Access gone after expiration 2. Always: Stored keys disappear over time, destroying data 3. Audited: Action required for initial data access Rashomon Security

  17. #RSAC Split secret S into n pieces • Knowledge of any m of them makes S easy to compute. • Knowledge of any m - 1 or fewer leaves S completely undetermined. Plot: Vlsergey Rashomon Security

  18. #RSAC Automatic Key Expiration • Store(secret, expiration time) → index • Get(index) → secret, if not yet expired Expire in: Expire in: 72 hours 72 hours <index> Rashomon Security

  19. #RSAC Automatic Key Expiration • Store(secret, expiration time) → index • Get(index) → secret, if not yet expired <index> not found Rashomon Security

  20. #RSAC Always (Forward Secrecy) Backups Server Server D k (D sk_bob (E pk_bob (E k (M), I))) → M E pk_bob (E k (M), I) → I I E pk_bob (k) →S D sk_bob (S) → k S S Rashomon Security Alice, Bob: xkcd.com

  21. #RSAC Always (Forward Secrecy) Attacker with sk_bob cannot Backups read any expired messages Server Server Server D k (D sk_bob (E pk_bob (E k (M), I))) → M E pk_bob (E k (M), I) → I I E pk_bob (k) →S D sk_bob (S) → k D sk_bob (S) → k S S Rashomon Security Alice, Bob: xkcd.com

  22. #RSAC Audited (e.g. Cloud Delete) Flask DB REST API bins/libs bins/libs Container Engine (Docker) Host OS DEAD Service (audits key requests) Rashomon Security

  23. #RSAC Audited (e.g. Cloud Delete) Flask DB REST API bins/libs bins/libs Container Engine (Docker) Host OS DEAD Service (audits key requests) Rashomon Security

  24. #RSAC Resilient to Attack: Privacy DEAD secrets can not be read without the index %#&$!! Rashomon Security

  25. #RSAC Resilient to Attack: Availability Rashomon Security Alice: xkcd.com

  26. #RSAC Resilient to Attack: Availability Rashomon Security Alice: xkcd.com

  27. #RSAC Resilient to Attack: Privacy + Availability Num. storage locations 1 2 3 4 5 n Quorum threshold 1/1 1/2 2/2 1/3 2/3 3/3 1/4 2/4 3/4 4/4 1/5 2/5 3/5 4/5 5/5 m / n Num. compromised to violate privacy 1 1 2 1 2 3 1 2 3 4 1 2 3 4 5 m Num. failed to violate availability 1 2 1 3 2 1 4 3 2 1 5 4 3 2 1 n - m + 1 S S 1 S 2 S 3 S 4 S 5 Rashomon Security

  28. #RSAC Resilient to Attack: Privacy + Availability Num. storage locations 1 2 3 4 5 n Quorum threshold 1/1 1/2 2/2 1/3 2/3 3/3 1/4 2/4 3/4 4/4 1/5 2/5 3/5 4/5 5/5 m / n Num. compromised to violate privacy 1 1 2 1 2 3 1 2 3 4 1 2 3 4 5 m Num. failed to violate availability 1 2 1 3 2 1 4 3 2 1 5 4 3 2 1 n - m + 1 S 1 S 2 S 3 S 4 S 5 Rashomon Security

  29. #RSAC Resilient to Attack: Privacy + Availability Num. storage locations 1 2 3 4 5 n Quorum threshold 1/1 1/2 2/2 1/3 2/3 3/3 1/4 2/4 3/4 4/4 1/5 2/5 3/5 4/5 5/5 m / n Num. compromised to violate privacy 1 1 2 1 2 3 1 2 3 4 1 2 3 4 5 m Num. failed to violate availability 1 2 1 3 2 1 4 3 2 1 5 4 3 2 1 n - m + 1 S %#&$!! %#&$!! S 1 S 2 S 3 S 4 S 5 Rashomon Security

  30. #RSAC Resilient to Attack: Privacy + Availability Num. storage locations 15 n Quorum threshold 8 / 15 m / n Num. compromised to violate privacy 8 m Num. failed to violate availability 8 n - m + 1 %#&$!! %#&$!! Example: 8/15 %#&$!! %#&$!! %#&$!! %#&$!! %#&$!! Rashomon Security

  31. #RSAC Distributed Expiring Auditable Data (DEAD) 1. Automatic expiration timers 2. Always, even when replicated or offline 3. Audited Rashomon Security

  32. #RSAC Apply 1. Identify data flows in your organization a. Source code b. Customer and operations data c. Internal communications d. API tokens, TLS certs, SSH keys, DB credentials e. Internet of snitches f. Partners and service providers 2. Assess unDEAD data risk (severity x probability) 3. Flag processes where DEAD required Rashomon Security

  33. #RSAC Apply: Russian Containers Rashomon Security

  34. #RSAC Get DEAD • Amazon KMS • Fugue Credstash • HashiCorp Vault • Kubernetes secret objects • Docker SwarmKit secrets • OpenStack Barbican Rashomon Rashomon Security Security

  35. #RSAC DEAD Data Demo Join our Focus-On session Learn how to make data DEAD • Automatic • Always • Audited Time: 2:45 - 3:30 PM Session Code: FON3-R11 Rashomon Security

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

How to Delete Data for Realz: This Presentation Will Self-Destruct In... (Focus-On) Davi

How to Delete Data for Realz: This Presentation Will Self-Destruct In... (Focus-On) Davi

#RSAC SESSION ID: SESSION ID: FON3-R11 How to Delete Data for Realz: This Presentation Will Self-Destruct In... (Focus-On) Davi Ottenheimer Ian Smith President Research Scientist Flyingpenguin University of Washington @daviottenheimer

605 views • 23 slides
Control Alt Delete: Control Data, Use Alternatives, and Delete Risks APRIL 30 PRIL 30

Control Alt Delete: Control Data, Use Alternatives, and Delete Risks APRIL 30 PRIL 30

Control Alt Delete: Control Data, Use Alternatives, and Delete Risks APRIL 30 PRIL 30 MA MAY 2 Y 2, 2 , 2018 Keynote Address: Big Data/Big Privacy Keynote Speaker: Nora Young (Host &amp; Creator, Spark (CBC)) As individuals,

428 views • 10 slides
Deletion Can only delete a tuple/tuples. Cannot delete values for particular attibutes delete

Deletion Can only delete a tuple/tuples. Cannot delete values for particular attibutes delete

Deletion Can only delete a tuple/tuples. Cannot delete values for particular attibutes delete from r where P Deletes all tuples t in r for which P(t) is true. delete operates on one relation only . delete from r deletes all tuples

523 views • 4 slides
Review Linked List Struktur Data &amp; Algoritme insert, find, delete operations take O(n)

Review Linked List Struktur Data &amp; Algoritme insert, find, delete operations take O(n)

Review Linked List Struktur Data &amp; Algoritme insert, find, delete operations take O(n) Stack &amp; Queue ( Data Structures &amp; Algorithms ) insert, find, delete operations take O(1) but the access is restricted Hash Table

665 views • 9 slides
SQL Workshop Insert, Update, Delete Doug Shook Test Tables So far we have only read data

SQL Workshop Insert, Update, Delete Doug Shook Test Tables So far we have only read data

SQL Workshop Insert, Update, Delete Doug Shook Test Tables So far we have only read data When testing code that may change data, it is important to NEVER use the production DB Run the statements on test tables before deploying

588 views • 31 slides
Trees Weiss sec. 7.3.5 (preview) ch. 18 (sort of) Data Structures So Far Arrays random

Trees Weiss sec. 7.3.5 (preview) ch. 18 (sort of) Data Structures So Far Arrays random

Trees Weiss sec. 7.3.5 (preview) ch. 18 (sort of) Data Structures So Far Arrays random access, fixed size, hard to insert/delete java.util.ArrayList random access, dynamic resize, hard to insert/delete Linked Lists

846 views • 15 slides
Space Invaders Game Instructions Set up the Environment Delete Scratchy Sprite (right click,

Space Invaders Game Instructions Set up the Environment Delete Scratchy Sprite (right click,

Space Invaders Game Instructions Set up the Environment Delete Scratchy Sprite (right click, delete) Create backdrop Select Backdrop from tabs Edit it Make it completely black If you want, add some stars (small white dots)

605 views • 31 slides
SQL CRUD Create, Read, Update, Delete 1 / 11 CRUD Operations in SQL Create (INSERT) Read

SQL CRUD Create, Read, Update, Delete 1 / 11 CRUD Operations in SQL Create (INSERT) Read

SQL CRUD Create, Read, Update, Delete 1 / 11 CRUD Operations in SQL Create (INSERT) Read (SELECT - covered later) Update (UPDATE) Delete (DELETE, DROP) 2 / 11 INSERT Command General form is INSERT INTO &lt;table_name&gt;

444 views • 11 slides
A. Acres Homes Carver &amp; Cebra BGE, Inc. 9 Location 10 Request Delete Cebra St (MJ-

A. Acres Homes Carver &amp; Cebra BGE, Inc. 9 Location 10 Request Delete Cebra St (MJ-

A. Acres Homes Carver &amp; Cebra BGE, Inc. 9 Location 10 Request Delete Cebra St (MJ- 4-80/100) and add Carver Rd and Cebra St as Major Collectors to DeSoto St MTFP AMENDMENT REQUEST ADD REALIGN DELETE RECLASSIFY Street Class

303 views • 5 slides
Strategic Code Deletion Michael Feathers R7K Research &amp; Conveyance (everyone wants to delete

Strategic Code Deletion Michael Feathers R7K Research &amp; Conveyance (everyone wants to delete

Strategic Code Deletion Michael Feathers R7K Research &amp; Conveyance (everyone wants to delete code) When Can We Delete Code? Varieties of Useless Code And another one.. Low Value code No wikipedia entry (yet) :-) Coverage gprof

830 views • 70 slides
Revising poor design (1) Student Web Presence Guidelines Cut, delete, edit, review The more

Revising poor design (1) Student Web Presence Guidelines Cut, delete, edit, review The more

Revising poor design (1) Student Web Presence Guidelines Cut, delete, edit, review The more you delete, the more you simplify. The more you simplify the more you increase the chances of your users suceeding on your website

211 views • 8 slides
C3.1 AND/OR Graphs The heuristics we will consider can all be understood in terms of

C3.1 AND/OR Graphs The heuristics we will consider can all be understood in terms of

Planning and Optimization October 27, 2016 C3. Delete Relaxation: AND/OR Graphs Planning and Optimization C3.1 AND/OR Graphs C3. Delete Relaxation: AND/OR Graphs C3.2 Forced Nodes Malte Helmert and Gabriele R oger C3.3 Most and Least

331 views • 8 slides
SQL Queries select, from, where : the 3 clauses. select = project of algebra. Lists the

SQL Queries select, from, where : the 3 clauses. select = project of algebra. Lists the

Modifying content Newly created relation is empty. Insert by insert into employee values (Smith, 2000.00, 2, 3) Delete all tuples delete from employee Remove a relation completely drop table r Alter the schema (add attributes) alter

529 views • 4 slides
Why important ? You must know how to: Create a file Create a folder Delete

Why important ? You must know how to: Create a file Create a folder Delete

Why important ? You must know how to: Create a file Create a folder Delete a file Delete a folder Show current Path Navigate through folders Show content in folder Show content in file Copy

667 views • 13 slides
Lead {Delete the words that are not your own} Introduction Slide Introduction to Teen Activism

Lead {Delete the words that are not your own} Introduction Slide Introduction to Teen Activism

Topic: Teen Activist Your Name Introduction Slide Lead {Delete the words that are not your own} Introduction Slide Introduction to Teen Activism {Delete the words that are not your own} Introduction Slide Claim with 3 supporting reasons

606 views • 6 slides
Lecture 2: Stacks and CSE 373: Data Structures and Queues Algorithms CSE 373 19 SP - KASEY

Lecture 2: Stacks and CSE 373: Data Structures and Queues Algorithms CSE 373 19 SP - KASEY

Lecture 2: Stacks and CSE 373: Data Structures and Queues Algorithms CSE 373 19 SP - KASEY CHAMPION 1 Q: Which data structure implementation of the Warm Up List ADT would you choose to optimize for the delete function? Instructions

511 views • 16 slides
February, 2020 Present an overview of the clinical quality and patient safety plan Provide

February, 2020 Present an overview of the clinical quality and patient safety plan Provide

Provident Quality and Safety Plan Overview February, 2020 Present an overview of the clinical quality and patient safety plan Provide focus areas of the quality plan The ultimate goal is to meet the Cook County Healths Mission

291 views • 15 slides
PCORI In Practice: Highlighting PCORnet Opportunities for General Internists September 8, 2015

PCORI In Practice: Highlighting PCORnet Opportunities for General Internists September 8, 2015

PCORI In Practice: Highlighting PCORnet Opportunities for General Internists September 8, 2015 Welcome and Introductions We welcome your questions and comments via the chat function on the right side of your screen We welcome your comments

930 views • 44 slides
For over 3 30 ye year ars In InHealth h has b as been a a trust sted n name in health

For over 3 30 ye year ars In InHealth h has b as been a a trust sted n name in health

For over 3 30 ye year ars In InHealth h has b as been a a trust sted n name in health thca care. Our narrative-based documentation solutions allow physicians to capture a comprehensive patient story and continue to meet meaningful use

306 views • 14 slides
Internal Medicine Resident Scheduling System Bit, Nibble, or Byte Agenda 1. Introductions

Internal Medicine Resident Scheduling System Bit, Nibble, or Byte Agenda 1. Introductions

Internal Medicine Resident Scheduling System Bit, Nibble, or Byte Agenda 1. Introductions 2. Problem Background 3. Project Goals 4. Requirements 5. Project Plan 6. Immediate Future 7. Questions 2 Your MSD Team Bit - Taylor

568 views • 15 slides
safety and performance IMDRF Open Session Brussels, 13 November 2013 Jess Rueda Rodrguez

safety and performance IMDRF Open Session Brussels, 13 November 2013 Jess Rueda Rodrguez

GMTA Perspective Continuous improvement product safety and performance IMDRF Open Session Brussels, 13 November 2013 Jess Rueda Rodrguez Health Systems Focus on Quality of Care The Virtuous Circle of Quality Care How do medical

292 views • 6 slides
The science behind FRMS : the causes of fatigue Philippe Cabon, PhD Evaluation AERES Projet de

The science behind FRMS : the causes of fatigue Philippe Cabon, PhD Evaluation AERES Projet de

The science behind FRMS : the causes of fatigue Philippe Cabon, PhD Evaluation AERES Projet de recherche 1 du LATI From intuition to science Fatigue is not only a scientific concept, it is used in the daily life and it is a subjective

136 views • 13 slides
Ministerial presentation summary Your Excellency, Honorable Deputies We are facing a popular

Ministerial presentation summary Your Excellency, Honorable Deputies We are facing a popular

Ministerial presentation summary Your Excellency, Honorable Deputies We are facing a popular protest in which people question the legitimacy of all of us. Let us all be humble and admit that restoring confidence is done with deeds, not promises.

288 views • 8 slides
ON GOING RESEARCH IN THE COLLEGE HEALTH SCIENCES, UNIVERSITY OF NAIROBI A presentation by:

ON GOING RESEARCH IN THE COLLEGE HEALTH SCIENCES, UNIVERSITY OF NAIROBI A presentation by:

ON GOING RESEARCH IN THE COLLEGE HEALTH SCIENCES, UNIVERSITY OF NAIROBI A presentation by: Prof. Isaac O. Kibwage Principal, College of Health Sciences (CHS), University of Nairobi University of Nairobi ISO 9001:2008 1 Certified

598 views • 55 slides

More recommend