lecture outline
play

Lecture Outline Announcements: Homework for next week out by this - PowerPoint PPT Presentation

Aug 26, 2022 •432 likes •840 views

Lecture Outline Announcements: Homework for next week out by this evening Guest lecture a week from Friday Bill Marczak on Abusive Surveillance Today: broader notions relating to authentication Architecting to resist

  1. Lecture Outline • Announcements: – Homework for next week out by this evening – Guest lecture a week from Friday • Bill Marczak on Abusive Surveillance • Today: broader notions relating to authentication – Architecting to resist subverted clients – Imprinting – Multi-party identities (Ecommerce, web advertising) – Bot-or-Not (CAPTCHAs)

  2. Architecting to Resist Subverted Clients

  3. Threats? • Sniffing, MITM (network; app-level relay) ⇒ Theft of password and/or authenticator • 3 rd -party manipulation of automation – E.g. CSRF (browser fetching of images) – E.g. XSS (browser execution of JS replies) • Password security – Blind guessing / bruteforcing – Reuse (breaches) – Phishing • Compromised client: hijacking

  4. Tackling Transaction Generators? • How about using a separate system? – Very inconvenient • Desired properties: – Compatible w/ existing legacy OS’s – Can run general web applications – No need to trust host OS – Small TCB: attestable via TPM

  5. Cloud Terminal Architecture Trusted hypervisor mediates all physical I/O events

  6. Cloud Terminal Architecture Only hypervisor has access to user’s credentials: the user doesn’t know their own passwords

  7. Cloud Terminal Architecture User signals Hypervisor to begin a secure session using a specific hardware keystroke combination (“Secure Attention Key”)

  8. Cloud Terminal Architecture Upon this request, a “thin client” UI runs in the hypervisor context (= trusted)

  9. Cloud Terminal Architecture It’s locked down to only talk to services previously registered with the Hypervisor – user can’t be phished

  10. Cloud Terminal Architecture After selecting which service to interact with (e.g., user’s bank ), Hypervisor interacts using untrusted host OS for networking & storage

  11. Cloud Terminal Architecture Doing so reduces TCB

  12. Cloud Terminal Architecture End-to-end encryption obviates need to trust host OS; only threat is DoS

  13. Cloud Terminal Architecture Hypervisor ensures authenticity of remote service by (correctly) validating TLS certificate

  14. Cloud Terminal Architecture Hypervisor authenticates user to service using password in key store

  15. Cloud Terminal Architecture Remote service (e.g., user’s bank ) renders interaction UI locally using kiosk software

  16. Cloud Terminal Architecture UI is presented to user using VNC- style low-level frame buffer protocol

  17. Cloud Terminal Architecture Rendered directly into video hardware by RUI client + hypervisor

  18. Cloud Terminal Architecture Malware has no capability to observe what’s displayed

  19. Cloud Terminal Architecture User interacts using physical hardware events mediated by hypervisor directly to RUI client

  20. Cloud Terminal Architecture Malware has no opportunity to influence interaction

  21. Tackling Transaction Generators • Desired properties: – Compatible w/ existing legacy OS’s • They run in VMs controlled by hypervisor – Can run general web applications • Anything that remote site can render into VNC-style framebuffer protocol – No need to trust host OS • Hypervisor provides strong isolation – Small TCB: attestable via TPM • Working implementation: 22 KLOC

  22. Architectural Elements? • Abstractions: – Interactions via “dumb” separate terminal • Placement of functionality: – Move rendering into controlled environment – Add trusted hypervisor w/ local secrets/smarts – Require interactions to come from physical hardware – Use E2E principle to leverage untrustworthy code • State: – Isolated to trusted component • Naming: – Use existing PKI system + TPM

  23. Imprinting

  24. Device Authentication: IOT For IOT device + home controller, want secure, impermanent associations. Impermanent: so you can sell your device but a thief cannot.

  25. Resurrecting Duckling Imprinting on Mother: Device shares key on 1 st contact with controller Metempsychosis: Upon death, soul progresses to a new body Reverse metempsychosis: Upon death, new soul can enter the body Resistance to assassination: Only mother can kill her ducklings Escrowed seppuku: Thief can’t “kill” device ⇒ no utility for anyone Manufacturer can kill too who buys it from them

  26. https://www.citrix.com/blogs/2015/04/20/resurrecting-duckling-a-model-for-securing-iot-devices/

  27. Imprinting in Other Contexts • What is SSH’s PKI model? – It doesn’t have one: Leap-of-Faith • Pros: – Ease of deployment • Cons: – Security properties require users to non-satisfice – No revocation model – Disaster if attacker gets there first

  28. Persistent Ungrounded Identity • Idea: systems generate (unanchored!) public key and consistently include it w/ (signed) messages – Provides recipient a lever for “ this is the same entity I talked with previously ” … – … even though actual identity (“persona”) not known “Assurance through continuity”

  29. Persistent Ungrounded Identity • Idea: systems generate (unanchored!) public key and consistently include it w/ (signed) messages – Provides recipient a lever for “ this is the same entity I talked with previously ” … – … even though actual identity (“persona”) not known • E.g.: consistently sign your email/texts – Recipient can associate reputation w/ each persona, use them for whitelisting – User can migrate persona to additional systems • E.g.: use for SBGP instead of a PKI – Game theory result: deployment gains a network effect

  30. Persistent Ungrounded Identity • Idea: systems generate (unanchored!) public key and consistently include it w/ (signed) messages – Provides recipient a lever for “ this is the same entity I talked with previously ” … Issues? – … even though actual identity (“persona”) not known Key compromise is a disaster • E.g.: consistently sign your email/texts No apparent handle for revocation – Recipient can associate reputation w/ each persona, use them for whitelisting – User can migrate persona to additional systems • E.g.: use for SBGP instead of a PKI – Game theory result: deployment gains a network effect

  31. Multi-Party Identities

  32. Cashier-as-a-Service (CAAS) Abstract Ecommerce workflow: 1. Shopper surfs Merchant’s site 2. Shopper sends over …/place_order.html 3. Merchant sends back redir. to CAAS.com 4. Shopper interacts with CAAS 5. CAAS interacts with Merchant 6. CAAS redirects shopper back to Merchant

  33. CAAS Attack #1 ? S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment?orderID= X &price= Y [ C records payment info, generates transaction # T ] C ⟶ S ⟶ M: finish?transID= T [ M contacts C for identifer X associated w/ T ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ] Note: we view Merchant and Cashier as trustworthy. The Shopper , OTOH …

  34. CAAS Attack #1 ! S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment?orderID= X &price= Y [ C records payment info, generates transaction # T ] C ⟶ S ⟶ M: finish?transID= T [ M contacts C for identifer X associated w/ T ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ]

  35. CAAS Scheme #2 ? S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment?orderID= X &price= Y [ C records payment info, generates transaction # T ] C ⟶ S ⟶ M: finish?transID= T [ M contacts C for identifer X associated w/ T ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ]

  36. CAAS Attack #2 ? S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment?SIGN M (ID= X ,price= Y ) [ C verifies signature; records payment info, generates # T ] C ⟶ S ⟶ M: finish?SIGN C (ID= X ,price= Y , PAID ) [ M verifies signature and PAID is indicated ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ]

  37. CAAS Attack #2 ! S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment?SIGN M ' (ID= X ,price= Y ) [ C verifies signature; records payment info, generates # T ] C ⟶ S ⟶ M: finish?SIGN C (ID= X ,price= Y , PAID ) [ M verifies signature and PAID is indicated ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ] Shopper colludes with another merchant M' to get a signature on same identifier X for price Y … without having to ultimately pay

  38. Fix for CAAS Attack #2 S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment? SIGN M (ID= X ,price= Y ,merch= M ) [ C verifies signature; records payment info, generates # T ] C ⟶ S ⟶ M: finish? SIGN C (ID= X ,price= Y ,merch= M , PAID ) [ M verifies signature and PAID is indicated, etc. ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ]

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

18.175: Lecture 4 Integration Scott Sheffield MIT 1 18.175 Lecture 4 Outline Integration

18.175: Lecture 4 Integration Scott Sheffield MIT 1 18.175 Lecture 4 Outline Integration

18.175: Lecture 4 Integration Scott Sheffield MIT 1 18.175 Lecture 4 Outline Integration Expectation 2 18.175 Lecture 4 Outline Integration Expectation 3 18.175 Lecture 4 Recall definitions Probability space is triple ( , F , P ) where

451 views • 11 slides
Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4

Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4

Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4 Basics of Feedback Control Robert Babu ska Today: Steady-state response. Delft Center for Systems and Control Faculty of Mechanical

388 views • 7 slides
Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11

Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11

Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11 State-space models and state feedback control (We are finished with frequency domain methods.) Robert Babu ska Today: Delft Center for

452 views • 6 slides
Lecture Outline Regeltechniek Lecture 1 Introduction Information about the course.

Lecture Outline Regeltechniek Lecture 1 Introduction Information about the course.

Lecture Outline Regeltechniek Lecture 1 Introduction Information about the course. Robert Babu ska Why is control essential. Delft Center for Systems and Control Faculty of Mechanical Engineering Basic elements of feedback.

403 views • 11 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, stability, stability

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, stability, stability

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, stability, stability margins. Lecture 9 Lead and Lag Compensators Robert Babu ska Today: PID controller design. Delft Center for Systems and Control Faculty

447 views • 8 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: PID controller design, lead and

Lecture Outline Systeem- en Regeltechniek II Previous lecture: PID controller design, lead and

Lecture Outline Systeem- en Regeltechniek II Previous lecture: PID controller design, lead and lag compen- Lecture 10 Nyquist plot and stability criterium sators. Robert Babu ska Today: Delft Center for Systems and Control Nyquist

444 views • 7 slides
18.175: Lecture 17 Poisson random variables Scott Sheffield MIT 18.175 Lecture 16 1 Outline More

18.175: Lecture 17 Poisson random variables Scott Sheffield MIT 18.175 Lecture 16 1 Outline More

18.175: Lecture 17 Poisson random variables Scott Sheffield MIT 18.175 Lecture 16 1 Outline More on random walks and local CLT Poisson random variable convergence Extend CLT idea to stable random variables 18.175 Lecture 16 2 Outline More on

225 views • 21 slides
Semantics & Verification Lecture 13 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 13 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 13 Gerd Behrmann Outline of remaining lectures Lecture 9: Modelling real time system Lecture 10: More on Uppaal + mini projects Lecture 11: Mini projects Lecture 12: Verification of timed

589 views • 31 slides
Semantics & Verification Lecture 14 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 14 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 14 Gerd Behrmann Outline of remaining lectures Lecture 9: Modelling real time system Lecture 10: More on Uppaal + mini projects Lecture 11: Mini projects Lecture 12: Verification of timed

779 views • 42 slides
Lecture Outline Regeltechniek Previous lecture: representation of dynamic models, transfer func-

Lecture Outline Regeltechniek Previous lecture: representation of dynamic models, transfer func-

Lecture Outline Regeltechniek Previous lecture: representation of dynamic models, transfer func- Lecture 3 Stability analysis and transient response tions and state-space models. Robert Babu ska Today: Delft Center for Systems and

266 views • 8 slides
Lecture 2 (I ): Lecture 2 (I ): Pipelining & Retiming Pipelining & Retiming

Lecture 2 (I ): Lecture 2 (I ): Pipelining & Retiming Pipelining & Retiming

Lecture 2 (I ): Lecture 2 (I ): Pipelining & Retiming Pipelining & Retiming Hsie-Chia Chang E-mail : hcchang@mail.nctu.edu.tw Fall 2006 Outline Outline Pipelining of FI R Digital filters Data-Broadcast Structures

453 views • 28 slides
15-780 Graduate AI: Lecture 1: Introduction and Logistics J. Zico Kolter (this lecture),

15-780 Graduate AI: Lecture 1: Introduction and Logistics J. Zico Kolter (this lecture),

15-780 Graduate AI: Lecture 1: Introduction and Logistics J. Zico Kolter (this lecture), Nihar Shah Carnegie Mellon University Spring 2020 1 Outline What is Artificial Intelligence? A brief history of AI Course logistics 2 Outline

580 views • 36 slides
Lecture Outline Regeltechniek Previous lecture: Root locus, frequency response derivation.

Lecture Outline Regeltechniek Previous lecture: Root locus, frequency response derivation.

Lecture Outline Regeltechniek Previous lecture: Root locus, frequency response derivation. Lecture 7 Frequency Response, Bode Plots Robert Babu ska Today: Handout for the remaining computer sessions. Delft Center for Systems and

332 views • 6 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: The root locus method, analysis,

Lecture Outline Systeem- en Regeltechniek II Previous lecture: The root locus method, analysis,

Lecture Outline Systeem- en Regeltechniek II Previous lecture: The root locus method, analysis, design. Lecture 6 Root Locus, Frequency Response Robert Babu ska Today: Remarks on the computer session. Delft Center for Systems and

226 views • 6 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, non-minimum-phase

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, non-minimum-phase

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, non-minimum-phase systems. Lecture 8 Frequency Domain Design Robert Babu ska Today: Bodes gain-phase relation. Delft Center for Systems and Control

109 views • 7 slides
Outline of the lecture Outline of the lecture Inequality and income The inverted-U

Outline of the lecture Outline of the lecture Inequality and income The inverted-U

Questions that we will discuss today Take historically given an initial distribution of assets, but then Inequality and Development Week 10 T k hi i ll i i i i l di ib i f b h ask the question: March 12 Do inequalities

180 views • 16 slides
Planetary Economics Energy, Climate Change and the Three Domains of Sustainable Development

Planetary Economics Energy, Climate Change and the Three Domains of Sustainable Development

Planetary Economics Energy, Climate Change and the Three Domains of Sustainable Development Michael Grubb With Jean-Charles Hourcade and Karsten Neuhoff Routledge/Taylor & Frances, Published March 2014

937 views • 68 slides
For our snacks price index problem, this is 10 * 15 + 10 * 15 300 = = < 10* 15 + 5 *

For our snacks price index problem, this is 10 * 15 + 10 * 15 300 = = < 10* 15 + 5 *

ECO 300 Fall 2005 September 29 CONSUMER BEHAVIOR PART 3 PRICE INDEXES (P-R pp. 97-102) Suppose in 2005, you receive $200/month midnight snacks allowance from your parents You spend it on pizza X or burgers Y. P X = 10, P Y = 5.

670 views • 9 slides
Mechanisms for Generating Random Walks Power-Law Distributions The First Return Problem

Mechanisms for Generating Random Walks Power-Law Distributions The First Return Problem

Power-Law Mechanisms Mechanisms for Generating Random Walks Power-Law Distributions The First Return Problem Examples Principles of Complex Systems Variable transformation Course 300, Fall, 2008 Basics Holtsmarks Distribution PLIPLO

841 views • 80 slides
CS 440/ECE448 Lecture 36: Mechanism Design Mark Hasegawa-Johnson, 4/2020 Including slides by

CS 440/ECE448 Lecture 36: Mechanism Design Mark Hasegawa-Johnson, 4/2020 Including slides by

CS 440/ECE448 Lecture 36: Mechanism Design Mark Hasegawa-Johnson, 4/2020 Including slides by Svetlana Lazebnik CC-BY 4.0: You may remix or redistribute if you cite the source. Thomas Rowlandson & Augustus Charles Pugin, "An

361 views • 25 slides
CS 730/830: Intro AI 1 handout: slides Are We Done? Beyond A* Suboptimal Search Anytime

CS 730/830: Intro AI 1 handout: slides Are We Done? Beyond A* Suboptimal Search Anytime

CS 730/830: Intro AI 1 handout: slides Are We Done? Beyond A* Suboptimal Search Anytime Search Real-time Search EOLQs Wheeler Ruml (UNH) Lecture 4, CS 730 1 / 24 EOLQs Are We Done? Beyond A* Suboptimal Search Anytime Search

501 views • 34 slides
Leadership Insights: What makes a good leader? Elements for a culture of safety a Culture

Leadership Insights: What makes a good leader? Elements for a culture of safety a Culture

Outline Leadership Insights: What makes a good leader? Elements for a culture of safety a Culture of Safety Pitfalls using certain tools as a leader Culture of Safety Survey Leadership Walkarounds Estes Park Institute

405 views • 4 slides
Software Testing Lecture 1 Justin Pearson 2019 1 / 54 Four Questions Does my software work?

Software Testing Lecture 1 Justin Pearson 2019 1 / 54 Four Questions Does my software work?

Software Testing Lecture 1 Justin Pearson 2019 1 / 54 Four Questions Does my software work? 2 / 54 Four Questions Does my software work? Does my software meet its specification? 3 / 54 Four Questions Does my software work?

573 views • 54 slides
Introduction to Agent Based Modelling Tommaso Ciarli SPRU, University of Sussex

Introduction to Agent Based Modelling Tommaso Ciarli SPRU, University of Sussex

Introduction to Agent Based Modelling Tommaso Ciarli SPRU, University of Sussex t.ciarli@sussex.ac.uk Advances in Economic Dynamics and Development: Economics and Complexity Third meeting PPGDE, UFPR Curitiba June 13-17, 2016 a

1.51k views • 118 slides

More recommend