on unreasonable ineffectiveness
play

On unreasonable ineffectiveness Problem of security engineering: - PowerPoint PPT Presentation

May 16, 2023 •48 likes •898 views

Ineffectiveness of trust D. Pavlovic On unreasonable ineffectiveness Problem of security engineering: Background Analysis the case of adverse selection Method of trust certificates Conclusion Dusko Pavlovic Kestrel Institute and Oxford

  1. Ineffectiveness of trust D. Pavlovic On unreasonable ineffectiveness Problem of security engineering: Background Analysis the case of adverse selection Method of trust certificates Conclusion Dusko Pavlovic Kestrel Institute and Oxford University Elva, Estonia June 2010

  2. Ineffectiveness of Outline trust D. Pavlovic Problem Problem : All protocols are insecure Background Analysis Background : Notion of trust Method Conclusion Analysis : Trust dynamics Method : Learning trust concepts Conclusion : Security is an elephant

  3. Ineffectiveness of Outline trust D. Pavlovic Problem Problem : All protocols are insecure The life cycle of security Adverse selection Problem of trust The life cycle of security Background Adverse selection Analysis Method Problem of trust Conclusion Background : Notion of trust Analysis : Trust dynamics Method : Learning trust concepts Conclusion : Security is an elephant

  4. Ineffectiveness of The Unreasonable Effectiveness trust D. Pavlovic of Mathematics in Natural Sciences Problem E. Wigner (1960) The life cycle of security Adverse selection Problem of trust Background Analysis ◮ Why is nature made in the measure of our mind? Method Conclusion

  5. Ineffectiveness of The Unreasonable In effectiveness trust D. Pavlovic of Engineering in Security Problem The life cycle of security Adverse selection Problem of trust Background Analysis ◮ Why are we not becoming more secure Method from more security technologies? Conclusion

  6. Ineffectiveness of The Unreasonable In effectiveness trust D. Pavlovic of Engineering in Security Problem The life cycle of security Adverse selection Problem of trust Background Analysis Method Conclusion Why?

  7. Ineffectiveness of Failures are first-class citizens trust D. Pavlovic Problem The life cycle of security Adverse selection Problem of trust Background Analysis Method Conclusion

  8. Ineffectiveness of Failures are first-class citizens trust D. Pavlovic Bull’s protocol Problem The life cycle of security ◮ Isabelle: secure for E ( k , m ; n ) Adverse selection Problem of trust ◮ Ryan & Schneider: not for E ( k , m ; n ) = n ⊕ H k ( m ) Background Analysis Method Conclusion

  9. Ineffectiveness of Failures are first-class citizens trust D. Pavlovic Bull’s protocol Problem The life cycle of security ◮ Isabelle: secure for E ( k , m ; n ) Adverse selection Problem of trust ◮ Ryan & Schneider: not for E ( k , m ; n ) = n ⊕ H k ( m ) Background Analysis Method IPSec GDoI Conclusion ◮ IETF MSec WG: secure (7 drafts), verified (3 times) ◮ Cathy & Dusko: GDoI_PoP attack

  10. Ineffectiveness of Failures are first-class citizens trust D. Pavlovic Bull’s protocol Problem The life cycle of security ◮ Isabelle: secure for E ( k , m ; n ) Adverse selection Problem of trust ◮ Ryan & Schneider: not for E ( k , m ; n ) = n ⊕ H k ( m ) Background Analysis Method IPSec GDoI Conclusion ◮ IETF MSec WG: secure (7 drafts), verified (3 times) ◮ Cathy & Dusko: GDoI_PoP attack MQV ◮ NSA: "MQV is critical for national security of US" ◮ Krawczyk: MQV insecure

  11. Ineffectiveness of Failures are first-class citizens trust D. Pavlovic Bull’s protocol Problem The life cycle of security ◮ Isabelle: secure for E ( k , m ; n ) Adverse selection Problem of trust ◮ Ryan & Schneider: not for E ( k , m ; n ) = n ⊕ H k ( m ) Background Analysis Method IPSec GDoI Conclusion ◮ IETF MSec WG: secure (7 drafts), verified (3 times) ◮ Cathy & Dusko: GDoI_PoP attack MQV ◮ NSA: "MQV is critical for national security of US" ◮ Krawczyk: MQV insecure, HMQV proven secure

  12. Ineffectiveness of Failures are first-class citizens trust D. Pavlovic Bull’s protocol Problem The life cycle of security ◮ Isabelle: secure for E ( k , m ; n ) Adverse selection Problem of trust ◮ Ryan & Schneider: not for E ( k , m ; n ) = n ⊕ H k ( m ) Background Analysis Method IPSec GDoI Conclusion ◮ IETF MSec WG: secure (7 drafts), verified (3 times) ◮ Cathy & Dusko: GDoI_PoP attack MQV ◮ NSA: "MQV is critical for national security of US" ◮ Krawczyk: MQV insecure, HMQV proven secure ◮ Menezes: HMQV insecure

  13. Ineffectiveness of Security is an adversarial process trust D. Pavlovic Problem The life cycle of security Adverse selection Problem of trust Background Protocol Analysis Method Conclusion Attack

  14. Ineffectiveness of Security is an adversarial process trust D. Pavlovic Problem The life cycle of security Adverse selection Problem of trust Background Protocol Analysis theory Method Conclusion counter-model Attack

  15. Ineffectiveness of Adverse selection trust D. Pavlovic Problem The life cycle of security Adverse selection Problem of trust Background T RUST E-certified uncertified Analysis honest 94.6% 97.5% Method Conclusion malicious 5.4% 2.5 % Table: Trustworthyness of T RUST E [Edelman 2007]

  16. Ineffectiveness of Adverse selection trust D. Pavlovic Problem The life cycle of security Adverse selection Problem of trust Google Background sponsored organic Analysis top 4.44% 2.73% Method top 3 5.33% 2.93 % Conclusion top 10 5.89% 2.74 % top 50 5.93% 3.04 % Table: Malicious search engine placements [Edelman 2007]

  17. Ineffectiveness of Adverse selection trust D. Pavlovic Problem The life cycle of security Adverse selection Problem of trust Yahoo! Background sponsored organic Analysis top 6.35% 0.00% Method top 3 5.72% 0.35 % Conclusion top 10 5.14% 1.47 % top 50 5.40% 1.55 % Table: Malicious search engine placements [Edelman 2007]

  18. Ineffectiveness of Adverse selection trust D. Pavlovic Problem The life cycle of security Adverse selection Problem of trust Ask Background sponsored organic Analysis top 7.99% 3.23% Method top 3 7.99% 3.24 % Conclusion top 10 8.31% 2.94 % top 50 8.20% 3.12 % Table: Malicious search engine placements [Edelman 2007]

  19. Ineffectiveness of Adverse selection trust D. Pavlovic Problem The life cycle of security Adverse selection Problem of trust Background "Pillars of the society" phenomenon Analysis Method ◮ social hubs are more often corrupt Conclusion ◮ the rich are more often thieves ◮ . . .

  20. Ineffectiveness of Problem of trust trust D. Pavlovic Problem The life cycle of security Adverse selection Problem of trust Background ◮ Why does adverse selection happen? Analysis Method ◮ Can it be eliminated? Limited? Conclusion ◮ Can we hedge against it? ◮ Is there a rational trust policy?

  21. Ineffectiveness of Outline trust D. Pavlovic Problem Problem : All protocols are insecure Background Analysis Background : Notion of trust Method Conclusion Analysis : Trust dynamics Method : Learning trust concepts Conclusion : Security is an elephant

  22. Ineffectiveness of What is trust? trust D. Pavlovic Problem Background Alice trusts that Bob will act according to protocol Φ . Analysis Method Conclusion

  23. Ineffectiveness of What is trust? trust D. Pavlovic Problem Background Alice trusts that Bob will act according to protocol Φ . Analysis Method Conclusion Examples ◮ shopping: Bob will deliver goods ◮ marketing: Bob will pay for goods ◮ access control: Bob will not abuse resources ◮ key infrastructure: Bob’s keys are not compromised

  24. Ineffectiveness of Modeling trust trust D. Pavlovic Problem Background Analysis Φ Trust relation u −→ j Method r Conclusion ◮ u : trustor ◮ j : trustee ◮ Φ : entrusted concept (protocol, task, property) ◮ r : trust rating

  25. Ineffectiveness of Views of Trust trust D. Pavlovic Problem Background Analysis Method Local: trust logics Conclusion Φ u −→ j means that ◮ u requires Φ ◮ j guarantees Φ

  26. Ineffectiveness of Views of Trust trust D. Pavlovic Problem Background Global: trust networks Analysis d d b u v w k means that −→ −→ −→ Method r s t Conclusion ◮ u has a delegation certificate for v ◮ v has a delegation certificate for w ◮ w has a binding certificate for the key k

  27. Ineffectiveness of Views of Trust trust D. Pavlovic Problem Background Global: trust networks Analysis d d b u v w k means that −→ −→ −→ Method r s t Conclusion ◮ u has a delegation certificate for v ◮ v has a delegation certificate for w ◮ w has a binding certificate for the key k ◮ thus u can use the key k ◮ even compute its trust rating rst ◮ although they had no direct contact

  28. Ineffectiveness of Network dynamics trust D. Pavlovic Problem Background Analysis Networks are built upon networks: Method Conclusion ◮ session keys upon long term keys ◮ strong secrets upon weak secrets ◮ crypto channels upon physical or social channels

  29. Ineffectiveness of Network dynamics trust D. Pavlovic Problem Background Analysis Networks are built upon networks: Method Conclusion ◮ session keys upon long term keys ◮ strong secrets upon weak secrets ◮ crypto channels upon physical or social channels ◮ secure interactions upon trust ◮ trust upon secure interactions

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to Supersymmetry Unreasonable effectiveness of the SM L Yukawa = y t 2 H 0 t L t

Introduction to Supersymmetry Unreasonable effectiveness of the SM L Yukawa = y t 2 H 0 t L t

Introduction to Supersymmetry Unreasonable effectiveness of the SM L Yukawa = y t 2 H 0 t L t R + h.c. H 0 = H 0 + h 0 = v + h 0 m t = y t v 2 t , t L R 0 0 h h Figure 1: The top loop contribution to the Higgs mass

498 views • 32 slides
Unreasonable complainant conduct UCC is behaviour by a current or former complainant which,

Unreasonable complainant conduct UCC is behaviour by a current or former complainant which,

Letting go is hard to do: Managing difficult complainant behaviour Conference of Regulatory Officers 2012 Louise Rosemann Assistant Ombudsman Office of the Queensland Ombudsman 8 November 2012 Unreasonable complainant conduct UCC is

354 views • 12 slides
Caroline McGowan PhD Candidate, TU Dublin Unreasonable expectations that DEIS schools can

Caroline McGowan PhD Candidate, TU Dublin Unreasonable expectations that DEIS schools can

Caroline McGowan PhD Candidate, TU Dublin Unreasonable expectations that DEIS schools can solve complex societal problems. A progress report on a collaborative, cross-curricular intervention around food and cooking in an inner-city

481 views • 33 slides
The Reasonable and Unreasonable Effectiveness of Hydrodynamics in Exotic Quantum Matter Hong Liu

The Reasonable and Unreasonable Effectiveness of Hydrodynamics in Exotic Quantum Matter Hong Liu

The Reasonable and Unreasonable Effectiveness of Hydrodynamics in Exotic Quantum Matter Hong Liu Theoretical Physics colloquium, Nov. 3 rd 2020, Arizona State Univerity Fluid phenomena are ubiquitous in our life: Hydrodynamics Long history,

448 views • 41 slides
The unreasonable effectiveness of tensor product. Renaud Coulangeon, Universit Bordeaux 1

The unreasonable effectiveness of tensor product. Renaud Coulangeon, Universit Bordeaux 1

The unreasonable effectiveness of tensor product. Renaud Coulangeon, Universit Bordeaux 1 based on a joint work with Gabriele Nebe Banff, November 14, 2011 Introduction Let L and M be two Euclidean lattices Introduction Let L and M be two

1.21k views • 66 slides
The unreasonable effectiveness of Nonstandard Analysis Sam Sanders CCC, Kochel, Sept. 2015

The unreasonable effectiveness of Nonstandard Analysis Sam Sanders CCC, Kochel, Sept. 2015

The unreasonable effectiveness of Nonstandard Analysis Sam Sanders CCC, Kochel, Sept. 2015 Introduction: NSA 101 Mining NSA Additional results Aim and motivation Aim: To show that proofs of theorems of PURE Nonstandard Analysis can be mined

1.43k views • 129 slides
Government: Hypothetical Case Studies Unreasonable complainant conduct in a virtual world SOCAP

Government: Hypothetical Case Studies Unreasonable complainant conduct in a virtual world SOCAP

Government: Hypothetical Case Studies Unreasonable complainant conduct in a virtual world SOCAP Amora Jamison Hotel, Sydney 30 August 2011 Chris Wheeler Deputy NSW Ombudsman Public servants and social media Recent examples: The

634 views • 25 slides
j i u a l The Unreasonable Effectiveness of Multiple Dispatch Stefan Karpinski Multiple

j i u a l The Unreasonable Effectiveness of Multiple Dispatch Stefan Karpinski Multiple

j i u a l The Unreasonable Effectiveness of Multiple Dispatch Stefan Karpinski Multiple Dispatch? dispatch dispatched on selection syntax degree arguments power none f(x, y) { } O(1) single x.f(y) {x} O(|X|) multiple

646 views • 30 slides
The Unreasonable Effectiveness of (High School) Mathematics Dominic Orchard 5 th Annual Jesus

The Unreasonable Effectiveness of (High School) Mathematics Dominic Orchard 5 th Annual Jesus

The Unreasonable Effectiveness of (High School) Mathematics Dominic Orchard 5 th Annual Jesus College Graduate Conference April 27 th 2012 Some sums... (elementary school!) 2 + 2 = 4 1 + 0 = 1 0 + 3 = 3 0 + 0 = 0 ... with variables

623 views • 36 slides
Mathematical modelling Ronojoy Adhikari The Institute of Mathematical Sciences Chennai, India

Mathematical modelling Ronojoy Adhikari The Institute of Mathematical Sciences Chennai, India

Mathematical modelling Ronojoy Adhikari The Institute of Mathematical Sciences Chennai, India The unreasonable effectiveness of mathematics The unreasonable effectiveness of mathematics The unreasonable effectiveness of mathematics The

499 views • 19 slides
Theunreasonable effectivenessofthe largechargeexpansion Domenico Orlando based on

Theunreasonable effectivenessofthe largechargeexpansion Domenico Orlando based on

INFN | Torino 5 January 2018 | Rikkyo University [arXiv:1707.00711] and more to come Domenico Orlando The unreasonable effectiveness of the large charge expansion Theunreasonable effectivenessofthe largechargeexpansion Domenico Orlando

1.23k views • 94 slides
Noticeably Different, Noticeably Better May 5, 2017 www.TexasDisposal.com Anti-Lobbying

Noticeably Different, Noticeably Better May 5, 2017 www.TexasDisposal.com Anti-Lobbying

Noticeably Different, Noticeably Better May 5, 2017 www.TexasDisposal.com Anti-Lobbying Ordinance - TDS issues with the ALO concern the unreasonable threat it poses to our business, and the potential limitation of information available to

196 views • 15 slides
Data Science Tim Kraska [Economist,02/2010] Examples The

Data Science Tim Kraska [Economist,02/2010] Examples The

Data Science Tim Kraska [Economist,02/2010] Examples The Unreasonable Effec6veness of Data Alon Halevy, Peter Norvig, and Fernando Pereira, Google

1.13k views • 50 slides
Fourth Amendment Josh Blanchard www.mielcarr.com The right of the people to be secure in

Fourth Amendment Josh Blanchard www.mielcarr.com The right of the people to be secure in

9/22/2015 Fourth Amendment Josh Blanchard www.mielcarr.com The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall

484 views • 26 slides
TOD / TOU Net Metering NEM Rates Should Support deployment of more renewable energy in the

TOD / TOU Net Metering NEM Rates Should Support deployment of more renewable energy in the

TOD / TOU Net Metering NEM Rates Should Support deployment of more renewable energy in the great State of Nevada Allow ratepayers to take control of their energy costs Avoid an unreasonable cost shift / NEM ratepayers should pay

309 views • 7 slides
Learning Dense Correspondence via 3D-guided Cycle Consistency Tinghui Zhou 1 , Philipp

Learning Dense Correspondence via 3D-guided Cycle Consistency Tinghui Zhou 1 , Philipp

Learning Dense Correspondence via 3D-guided Cycle Consistency Tinghui Zhou 1 , Philipp Krhenbhl 1 , Mathieu Aubry 2 , Qixing Huang 3 , Alexei A. Efros 1 UC Berkeley 1 , ENPC ParisTech 2 , TTI-Chicago 3 The Unreasonable Effectiveness of Deep

467 views • 35 slides
Data Acquisition Axel Ngonga Lead Data Acquisition BIG Data PPF http://big-project.eu

Data Acquisition Axel Ngonga Lead Data Acquisition BIG Data PPF http://big-project.eu

Data Acquisition Axel Ngonga Lead Data Acquisition BIG Data PPF http://big-project.eu Motivation Increasing amout of data 4K new pictures on Instagram 100K tweets 800K new pieces of content on Facebook Motivation

403 views • 16 slides
Getting Started with .NET Core 2.0 on macOS (and Windows, too) Jeremy Clark

Getting Started with .NET Core 2.0 on macOS (and Windows, too) Jeremy Clark

Getting Started with .NET Core 2.0 on macOS (and Windows, too) Jeremy Clark www.jeremybytes.com @jeremybytes What is .NET Core? Cross-Platform .NET Runs on macOS, Linux, and Windows Can be compiled to machine code based on

1.17k views • 15 slides
4 statements Statement 2 about science and security Statement 3 Statement 4 Dusko Pavlovic

4 statements Statement 2 about science and security Statement 3 Statement 4 Dusko Pavlovic

4 SoS D. Pavlovic Statement 1 4 statements Statement 2 about science and security Statement 3 Statement 4 Dusko Pavlovic Kestrel Institute and Oxford University Science of Security Workshop Oakland, CA 17-18 November 2008 rs rs rs rs

577 views • 47 slides
Foster Hartmann Lafortune Kavraki Kress-Gazit Loo Madhusudan Bodik Expeditions in Computer

Foster Hartmann Lafortune Kavraki Kress-Gazit Loo Madhusudan Bodik Expeditions in Computer

Foster Hartmann Lafortune Kavraki Kress-Gazit Loo Madhusudan Bodik Expeditions in Computer Augmented Program Engineering Martin http://excape.cis.upenn.edu/ Alur Cornell, Maryland, Michigan, MIT, Penn, Rice, UC Berkeley, UCLA, UIUC NSF

508 views • 27 slides
Writing Integration T ests for ASP.NET Core Web APIs: Part 2 Steve Gordon MICROSOFT DEVELOPER

Writing Integration T ests for ASP.NET Core Web APIs: Part 2 Steve Gordon MICROSOFT DEVELOPER

Writing Integration T ests for ASP.NET Core Web APIs: Part 2 Steve Gordon MICROSOFT DEVELOPER TECHNOLOGIES MVP @stevejgordon www.stevejgordon.co.uk t h s Creating a custom WebApplicationFactory Testing POST endpoints Overview - Testing

1.16k views • 18 slides
RHIC Real time data reconstruction using Magellan cloud computing STAR event Magellan Cluster at

RHIC Real time data reconstruction using Magellan cloud computing STAR event Magellan Cluster at

RHIC Real time data reconstruction using Magellan cloud computing STAR event Magellan Cluster at NERSC 2011 OSG All Hands Jan Balewski March 7-11, 2011 for STAR Collaboration Harvard Medical School, Boston Outline STAR experiment

698 views • 38 slides
(g)RPC - Remote Procedure Call February 13, 2019 Remote Procedure Call (RPC) a form of

(g)RPC - Remote Procedure Call February 13, 2019 Remote Procedure Call (RPC) a form of

(g)RPC - Remote Procedure Call February 13, 2019 Remote Procedure Call (RPC) a form of inter-process communication RPC - Protocols XML-RPC xmlrpc2 (CRAN), XMLRPC (omegahat) JSON-RPC https://www.jsonrpc.org/ gRPC open

341 views • 8 slides
Table of Contents Page # Title Name Department 2-11 Arctic Research Team John Hedengren

Table of Contents Page # Title Name Department 2-11 Arctic Research Team John Hedengren

Table of Contents Page # Title Name Department 2-11 Arctic Research Team John Hedengren Multiple C-UAS Center for Unmanned Aircraft 12-20 John Hedengren Multiple Systems Proposed Arctic Research Center John Hedengren Conrad Monson

964 views • 20 slides

More recommend