march 6 2014
play

March 6, 2014 1 Mitigation of Covert Channels 2 About Voting and - PowerPoint PPT Presentation

Mar 25, 2023 •144 likes •416 views

Mitigation of Covert Channels About Voting and Computers March 6, 2014 1 Mitigation of Covert Channels 2 About Voting and Computers March 6, 2014 ECS 235B Winter Quarter 2014 Slide 1 Mitigation of Covert Channels About Voting and Computers

  1. Mitigation of Covert Channels About Voting and Computers March 6, 2014 1 Mitigation of Covert Channels 2 About Voting and Computers March 6, 2014 ECS 235B Winter Quarter 2014 Slide 1

  2. Mitigation of Covert Channels About Voting and Computers Mitigation of Covert Channels Problem: these work by varying use of shared resources One solution Require processes to say what resources they need before running Provide access to them in a way that no other process can access them Cumbersome Includes running (CPU covert channel) Resources stay allocated for lifetime of process March 6, 2014 ECS 235B Winter Quarter 2014 Slide 2

  3. Mitigation of Covert Channels About Voting and Computers Alternate Approach Obscure amount of resources being used Receiver cannot distinguish between what the sender is using and what is added How? Two ways: Devote uniform resources to each process Inject randomness into allocation, use of resources March 6, 2014 ECS 235B Winter Quarter 2014 Slide 3

  4. Mitigation of Covert Channels About Voting and Computers Uniformity Varieties of Isolation Process can’t tell if second process using resource Example: KVM/370 covert channel via CPU usage Devote uniform resources to each process Give each VM a time slice of fixed duration Do not allow VM to surrender its CPU time Can no longer send 0 or 1 by modulating CPU usage March 6, 2014 ECS 235B Winter Quarter 2014 Slide 4

  5. Mitigation of Covert Channels About Voting and Computers Randomness Make noise dominate channel Does not close it, but makes it useless Example: MLS database Probability of transaction being aborted by user other than sender, receiver approaches 1 q → 1 I ( A ; X ) → 0 How to do this: resolve conflicts by aborting increases q , or have participants abort transactions randomly March 6, 2014 ECS 235B Winter Quarter 2014 Slide 5

  6. Mitigation of Covert Channels About Voting and Computers Problem: Loss of Efficiency Fixed allocation, constraining use Wastes resources Increasing probability of aborts Some transactions that will normally commit now fail, requiring more retries Policy: is the inefficiency preferable to the covert channel? March 6, 2014 ECS 235B Winter Quarter 2014 Slide 6

  7. Mitigation of Covert Channels About Voting and Computers Example Goal: limit covert timing channels on VAX/VMM “Fuzzy time” reduces accuracy of system clocks by generating random clock ticks Random interrupts take any desired distribution System clock updates only after each timer interrupt Kernel rounds time to nearest 0.1 sec before giving it to VM Means it cannot be more accurate than timing of interrupts March 6, 2014 ECS 235B Winter Quarter 2014 Slide 7

  8. Mitigation of Covert Channels About Voting and Computers Example I/O operations have random delays Kernel distinguishes 2 kinds of time: Event time when I/O event occurs Notification time when VM told I/O event occurred Random delay between these prevents VM from figuring out when event actually occurred) Delay can be randomly distributed as desired (in security kernel, it’s 1–19ms) Added enough noise to make covert timing channels hard to exploit March 6, 2014 ECS 235B Winter Quarter 2014 Slide 8

  9. Mitigation of Covert Channels About Voting and Computers Improvement Modify scheduler to run processes in increasing order of security level Now we’re worried about “reads up”, so . . . Countermeasures needed only when transition from dominating VM to dominated VM Add random intervals between quanta for these transitions March 6, 2014 ECS 235B Winter Quarter 2014 Slide 9

  10. Mitigation of Covert Channels About Voting and Computers The Pump Tool for controlling communications path between High and Low communications buffer Low High buffer buffer Low process High process March 6, 2014 ECS 235B Winter Quarter 2014 Slide 10

  11. Mitigation of Covert Channels About Voting and Computers Details Communications buffer of length n Means it can hold up to n messages Messages numbered Pump ACKs each message as it is moved from High ( Low ) buffer to communications buffer If pump crashes, communications buffer preserves messages Processes using pump can recover from crash March 6, 2014 ECS 235B Winter Quarter 2014 Slide 11

  12. Mitigation of Covert Channels About Voting and Computers Covert Channel Low fills communications buffer Send messages to pump until no ACK If High wants to send 1, it accepts 1 message from pump; if High wants to send 0, it does not If Low gets ACK, message moved from Low buffer to communications buffer ⇒ High sent 1 If Low doesn’t get ACK, no message moved ⇒ High sent 0 Meaning: if High can control rate at which pump passes messages to it, a covert timing channel March 6, 2014 ECS 235B Winter Quarter 2014 Slide 12

  13. Mitigation of Covert Channels About Voting and Computers Performance vs. Capacity Assume Low process, pump can process messages more quickly than High process L i random variable: time from Low sending message to pump to Low receiving ACK H i random variable: average time for High to ACK each of last n messages March 6, 2014 ECS 235B Winter Quarter 2014 Slide 13

  14. Mitigation of Covert Channels About Voting and Computers Case 1: E ( L i ) > H i High can process messages more quickly than Low can get ACKs Contradicts above assumption Pump must be delaying ACKs Low waits for ACK whether or not communications buffer is full Covert channel closed Not optimal Process may wait to send message even when there is room March 6, 2014 ECS 235B Winter Quarter 2014 Slide 14

  15. Mitigation of Covert Channels About Voting and Computers Case 2: E ( L i ) < H i Low sending messages faster than High can remove them Covert channel open Optimal performance March 6, 2014 ECS 235B Winter Quarter 2014 Slide 15

  16. Mitigation of Covert Channels About Voting and Computers Case 3: E ( L i ) = H i Pump, processes handle messages at same rate Covert channel open Bandwidth decreased from optimal case (can’t send messages over covert channel as fast) Performance not optimal March 6, 2014 ECS 235B Winter Quarter 2014 Slide 16

  17. Mitigation of Covert Channels About Voting and Computers Adding Noise Add noise to approximate case 3 Covert channel capacity reduced to 1 / nr where r time from Low sending message to pump to Low receiving ACK when communications buffer not full Conclusion: use of pump substantially reduces capacity of covert channel between High , Low processes when compared to direct connection March 6, 2014 ECS 235B Winter Quarter 2014 Slide 17

  18. Mitigation of Covert Channels About Voting and Computers About Elections Voters: In the U.S., states manage elections In some states, counties manage the elections locally Many different jurisdictions with many different rules Great commonality in rules, procedures among the different jurisdictions March 6, 2014 ECS 235B Winter Quarter 2014 Slide 18

  19. Mitigation of Covert Channels About Voting and Computers How an Election Works in Yolo County, CA Voters: Go to polling station Give name, get ballot Enter booth, vote using marker to mark ballot Put ballot in protective sleeve (envelope) Leave booth, drop envelope into ballot box March 6, 2014 ECS 235B Winter Quarter 2014 Slide 19

  20. Mitigation of Covert Channels About Voting and Computers End of the Day Election officials take ballot box to County seat Election officials remove ballots from envelopes If provisional, handled differently Ballots counted, put into bags marked with precinct and count Ballots removed from bag, run through automatic counters (scanners) Humans intervene when problems arise Intermediate tallies written onto flash cards Every so often, cards removed, walked to tally computer Tallies periodically updated, given to web folks March 6, 2014 ECS 235B Winter Quarter 2014 Slide 20

  21. Mitigation of Covert Channels About Voting and Computers The Canvass Required by California law: Ballots for 1% of precincts counted by hand Must include all races! Compare to tallies from election If different, check until problem found Certify final counts to Secretary of State . . . within 28 days of the election Actually, Yolo County also does more checking, including testing other proposed auditing methods with trusted researchers March 6, 2014 ECS 235B Winter Quarter 2014 Slide 21

  22. Mitigation of Covert Channels About Voting and Computers Over- and Under-Votes Three seats open in Davis City Council election Overvote : voting too many times Vote for 4 candidates No votes in that race counted Undervote : voting too few times Vote for 2 candidates Both votes counted; no third vote counted March 6, 2014 ECS 235B Winter Quarter 2014 Slide 22

  23. Mitigation of Covert Channels About Voting and Computers What’s an “E-Voting System”? Intended to replace paper Improve clarity of cast vote Less error-prone to errors in counting Easier to store Casting votes Direct Recording Electronic (with or without VVPATs) Ballot Marking Devices Pens and paper Counting votes Scanning at precinct (Precinct-Count Optical Scan) Scanning at Election Central Computer counting of electronic ballots March 6, 2014 ECS 235B Winter Quarter 2014 Slide 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Existing Members as at 31 March 2014 Active members as at 31 March 2014, will have

Existing Members as at 31 March 2014 Active members as at 31 March 2014, will have

Existing Members as at 31 March 2014 Active members as at 31 March 2014, will have transferred automatically to the New Scheme on 1 April 2014. Benefits built up until 31 March 2014 will be protected under the current regulations and

593 views • 25 slides
Final Results to 31 December 2013 March 2014 2 Results to 31 December 2013 March 2014

Final Results to 31 December 2013 March 2014 2 Results to 31 December 2013 March 2014

Final Results to 31 December 2013 March 2014 2 Results to 31 December 2013 March 2014 Highlights Overview 3 Strong year for the Inspired Group which delivered record profits Results to 31 December 2013 March 2014 Corporate Division grew

438 views • 21 slides
PBN airspace design Seminar/workshop, AFI-FPP, Dakar, 26-28 March 2014 26 March 2014 SUMMARY

PBN airspace design Seminar/workshop, AFI-FPP, Dakar, 26-28 March 2014 26 March 2014 SUMMARY

International Civil Aviation Organization PBN airspace design Seminar/workshop, AFI-FPP, Dakar, 26-28 March 2014 26 March 2014 SUMMARY AFI FPP Background ICAO documents Objective Process overview AFI-FPP contribution

628 views • 34 slides
2014 Schedule of Fines Rule Published March 14, 2014 in the D.C. Register Comment Period

2014 Schedule of Fines Rule Published March 14, 2014 in the D.C. Register Comment Period

3/28/2014 Overview of the Schedule of Fines Rulemaking March 25, 2014 2014 Schedule of Fines Rule Published March 14, 2014 in the D.C. Register Comment Period ends on April 14, 2014 After careful consideration of all comments

252 views • 8 slides
For the year ended 31 March 2014 1 Executive summary 31 March 2014 Revenue increased by 12,8% to

For the year ended 31 March 2014 1 Executive summary 31 March 2014 Revenue increased by 12,8% to

Financial Results Presentation For the year ended 31 March 2014 1 Executive summary 31 March 2014 Revenue increased by 12,8% to Capital investment increased by 15,6% R56,6 billion. to R31,8 billion. Cash generated from operations after EBITDA

615 views • 27 slides
The Instrument for Pre-accession Assistance (IPA II) ELARG Unit D3 IPA II architecture

The Instrument for Pre-accession Assistance (IPA II) ELARG Unit D3 IPA II architecture

The Instrument for Pre-accession Assistance (IPA II) ELARG Unit D3 IPA II architecture Regulatory architecture adoption Legal basis 11 March 2014 11 March 2014 IPA II Regulations REGULATION COMMON 11 March 2014 11 March 2014

587 views • 55 slides
Transmission Summit 2014 Summit agenda Washington, DCMarch 13-14, 2014 March 13, 2014: 7:30

Transmission Summit 2014 Summit agenda Washington, DCMarch 13-14, 2014 March 13, 2014: 7:30

Transmission Summit 2014 Summit agenda Washington, DCMarch 13-14, 2014 March 13, 2014: 7:30 8:30 Registration and Breakfast 8:30 8:45 Welcome and Introduction by Summit Chairman Celia Y. David , Director , Energy, NAVIGANT 8:45

157 views • 4 slides
GLANBIA CAGE CONFERENCE 2014 17 March 2014 www.glanbia.com CAGE 2014 www.glanbia.com 1

GLANBIA CAGE CONFERENCE 2014 17 March 2014 www.glanbia.com CAGE 2014 www.glanbia.com 1

GLANBIA CAGE CONFERENCE 2014 17 March 2014 www.glanbia.com CAGE 2014 www.glanbia.com 1 CAUTIONARY STATEMENT This presentation contains forward-looking statements. These statements have been made by the Directors in good faith based on the

823 views • 36 slides
1Q 2014 Earnings Presentation Three Months Ended March 31, 2014 May 14, 2014 Important Information

1Q 2014 Earnings Presentation Three Months Ended March 31, 2014 May 14, 2014 Important Information

1Q 2014 Earnings Presentation Three Months Ended March 31, 2014 May 14, 2014 Important Information The following pages are part of a presentation by Springleaf Holdings, Inc. (the &quot;Company&quot;) in connection with reporting quarterly

566 views • 19 slides
Financial Results for the year ended March 31, 2014 May 12, 2014 0 Agenda Corporate Overview

Financial Results for the year ended March 31, 2014 May 12, 2014 0 Agenda Corporate Overview

INPEX CORPORATION Financial Results for the year ended March 31, 2014 May 12, 2014 0 Agenda Corporate Overview Outlook Financial Results for the year ended March 31, 2014 Consolidated Financial Forecasts for the year ending March

632 views • 34 slides
IEC Project Review East Side Access March 24, 2014 SCHEDULE MTACC will manage to a

IEC Project Review East Side Access March 24, 2014 SCHEDULE MTACC will manage to a

DRAFT CONFIDENTIAL March 2014 CPOC IEC Project Review East Side Access March 24, 2014 SCHEDULE MTACC will manage to a schedule at the low end of the preliminary range presented in January 2014 and the IEC plans to monitor the

359 views • 5 slides
2014 FULL-YEAR RESULTS MARCH 11, 2015 2014 FULL-YEAR RESULTS / MARCH 11, 2015 DISCLAIMER

2014 FULL-YEAR RESULTS MARCH 11, 2015 2014 FULL-YEAR RESULTS / MARCH 11, 2015 DISCLAIMER

2014 FULL-YEAR RESULTS MARCH 11, 2015 2014 FULL-YEAR RESULTS / MARCH 11, 2015 DISCLAIMER Certain statements contained in this document are forward-looking statements (including objectives and trends), which address our vision of the financial

826 views • 68 slides
PIRELLI FY 2014 RESULTS MILANO MARCH 31, 2015 AGENDA FY 2014 RESULTS FY 2014 TYRE OVERVIEW

PIRELLI FY 2014 RESULTS MILANO MARCH 31, 2015 AGENDA FY 2014 RESULTS FY 2014 TYRE OVERVIEW

PIRELLI FY 2014 RESULTS MILANO MARCH 31, 2015 AGENDA FY 2014 RESULTS FY 2014 TYRE OVERVIEW 2015 TARGETS APPENDIX FY 2014 RESULTS 1 FY 2014 RESULTS VS GUIDANCE 2014 targets 2014 targets FY 2014 Results (with Steel Cord as November

379 views • 37 slides
CD Unit Spring Meeting Columbus, OH March 2014 1 3/10/2014 Agenda Goals Share and learn,

CD Unit Spring Meeting Columbus, OH March 2014 1 3/10/2014 Agenda Goals Share and learn,

3/10/2014 CD Unit Spring Meeting Columbus, OH March 2014 1 3/10/2014 Agenda Goals Share and learn, discuss ideas in a 9:30 Welcome/Introductions trusting environment 10:00 CD Admin Update Commit to decisions &amp; action plans 11:00

799 views • 35 slides
KBW Mortgage Finance Conference June 3, 2014 Information is as of March 31, 2014 except as

KBW Mortgage Finance Conference June 3, 2014 Information is as of March 31, 2014 except as

Apollo Residential Mortgage, Inc. (AMTG) KBW Mortgage Finance Conference June 3, 2014 Information is as of March 31, 2014 except as otherwise noted. It should not be assumed that investments made in the future will be profitable or will

127 views • 12 slides
Vancouver Biennale 2014 15 Update March 31, 2014 Biennale Exhibition 2014 2015 Vancouver

Vancouver Biennale 2014 15 Update March 31, 2014 Biennale Exhibition 2014 2015 Vancouver

Vancouver Biennale 2014 15 Update March 31, 2014 Biennale Exhibition 2014 2015 Vancouver Biennale and Park Board/City have agreed to an exciting program: 1. Expanded international sculpture exhibition 2. International artist residencies

267 views • 9 slides
Chapter 7: Modifying Samples in a Range Knowing where we are in the sound More complex

Chapter 7: Modifying Samples in a Range Knowing where we are in the sound More complex

Chapter 7: Modifying Samples in a Range Knowing where we are in the sound More complex operations require us to know where we are in the sound, which sample Not just process all the samples exactly the same Examples: Reversing a

386 views • 25 slides
Haojun Liao Jizhong Han Jinyun Fang {liaohaojun, hjz, fangjy}@ict.ac.cn 2010-7-15

Haojun Liao Jizhong Han Jinyun Fang {liaohaojun, hjz, fangjy}@ict.ac.cn 2010-7-15

Haojun Liao Jizhong Han Jinyun Fang {liaohaojun, hjz, fangjy}@ict.ac.cn 2010-7-15 Introduction Design Overview Implementation Details Performance Evaluation Conclusion &amp; Future work Data Volume Data volumes

405 views • 29 slides
NDN DeLorean: An Authentication System for Data Archives in Named Data Networking Yingdi Yu

NDN DeLorean: An Authentication System for Data Archives in Named Data Networking Yingdi Yu

NDN DeLorean: An Authentication System for Data Archives in Named Data Networking Yingdi Yu (UCLA), Alexander Afanasyev (Florida International University), Jan Seedorf (HFT Stuttgart), Zhiyi Zhang (UCLA), Lixia Zhang (UCLA), ACM Information

455 views • 18 slides
Inde x objects and labeled data MAN IP U L ATIN G DATAFR AME S W ITH PAN DAS Anaconda Instr u

Inde x objects and labeled data MAN IP U L ATIN G DATAFR AME S W ITH PAN DAS Anaconda Instr u

Inde x objects and labeled data MAN IP U L ATIN G DATAFR AME S W ITH PAN DAS Anaconda Instr u ctor pandas data str u ct u res Ke y b u ilding blocks Index es : Seq u ence of labels Imm u table ( Like dictionar y ke y s ) Homogeneo u s in data t

525 views • 27 slides
The webinar will begin shortly This presentation will be recorded and sent out to all

The webinar will begin shortly This presentation will be recorded and sent out to all

1 The webinar will begin shortly This presentation will be recorded and sent out to all attendees with the PowerPoint Nonprofits, Nonpartisanship &amp; Misinformation What Nonprofits Can (and Should) Say about the Election Who we are

540 views • 26 slides
Big City vs. the Great Outdoors Voter Distribution and How It Affects Gerrymandering Allan

Big City vs. the Great Outdoors Voter Distribution and How It Affects Gerrymandering Allan

Big City vs. the Great Outdoors Voter Distribution and How It Affects Gerrymandering Allan Borodin, Omer Lev, Nisarg Shah, Tyrone Strangway Gerrymandering Gerrymandering Gerrymandering Gerrymandering proportional Gerrymandering Red

346 views • 31 slides
The House of Representatives in 2018 G. Elliott Morris Data Journalist DataCamp Analyzing

The House of Representatives in 2018 G. Elliott Morris Data Journalist DataCamp Analyzing

DataCamp Analyzing Election and Polling Data in R ANALYZING ELECTION AND POLLING DATA IN R The House of Representatives in 2018 G. Elliott Morris Data Journalist DataCamp Analyzing Election and Polling Data in R Political prediction as a

509 views • 28 slides
Lectures on Economic Inequality Warwick, Summer 2018, Supplement to Slides 1 Debraj Ray

Lectures on Economic Inequality Warwick, Summer 2018, Supplement to Slides 1 Debraj Ray

Lectures on Economic Inequality Warwick, Summer 2018, Supplement to Slides 1 Debraj Ray Inequality and Divergence I. Personal Inequalities, Slides 1 and 2 Inequality and Divergence II. Functional Inequalities Inequality and Conflict I.

360 views • 7 slides

More recommend