petros maniatis devdatta akhawe kevin fall elaine shi
play

Petros Maniatis , Devdatta Akhawe, Kevin Fall, Elaine Shi, Stephen - PowerPoint PPT Presentation

Jan 03, 2024 •293 likes •545 views

Petros Maniatis , Devdatta Akhawe, Kevin Fall, Elaine Shi, Stephen McCamant, Dawn Song Secure Data Capsules @ HotOS2011 3 Secure Data Capsules @ HotOS2011 4 Secure Data Capsules @ HotOS2011 5 Secure Data Capsules @ HotOS2011 6 Secure Data

  1. Petros Maniatis , Devdatta Akhawe, Kevin Fall, Elaine Shi, Stephen McCamant, Dawn Song

  2. Secure Data Capsules @ HotOS2011 3

  3. Secure Data Capsules @ HotOS2011 4

  4. Secure Data Capsules @ HotOS2011 5

  5. Secure Data Capsules @ HotOS2011 6

  6. Secure Data Capsules @ HotOS2011 7

  7. • Diverse modes of data use and storage outside owner’s control • Distinct organizations, infrastructures, jurisdictions • Unknown software, maintenance, trustworthiness • Deep, continuous, critical sharing Today: trust everyone to do anything undetected, or die Secure Data Capsules @ HotOS2011 9

  8. • Owner sets data policy: Data Use Controls (DUCs) • Policy enforced on data while out-of-custody • Data provenance maintained through all change 1. Support current OSes and applications without limiting choice 2. Remove OS, applications from the TCB, verify 3. Provide good performance Legacy is the Killer App Secure Data Capsules @ HotOS2011 10

  9. Secure Data Capsules @ HotOS2011 12

  10. Unmodified OS Application HW Secure Data Capsules @ HotOS2011 13

  11. Trusted Unmodified OS Application HyperVisor HW HRoT/TPM Secure Data Capsules @ HotOS2011 14

  12. Trusted Unmodified OS SEE System Application Interposer Taint Tracker HyperVisor HW HRoT/TPM Secure Data Capsules @ HotOS2011 16

  13. Trusted Unmodified OS SEE DUC Engine System Application Interposer Taint Auth DUC Tracker Provenance HyperVisor HW HRoT/TPM Secure Data Capsules @ HotOS2011 18

  14. Secure Data Capsules @ HotOS2011 19

  15. Petros’s Foot MRI • Mass here, mass there DUC • Dr. Magneto can edit • Dr. Ken can view Provenance • Nurse Jackie Created Secure Data Capsules @ HotOS2011 21

  16. Petros’s Foot MRI • Mass here, mass there DUC • Dr. Magneto can edit • Dr. Ken can view Provenance • Nurse Jackie Created • Dr. Magneto appended text, cropped image Secure Data Capsules @ HotOS2011 22

  17. Trusted Unmodified OS Unmodified OS SEE DUC Engine Application System Application Release Interposer Launch Secure Keys Auth Taint DUC Tracker Launch Secure Provenance HyperVisor HW HRoT/TPM Secure Data Capsules @ HotOS2011 23

  18. Trusted Unmodified OS SEE DUC Engine Application System Interposer Auth Taint DUC Tracker Provenance HyperVisor HW HRoT/TPM Secure Data Capsules @ HotOS2011 24

  19. Trusted Unmodified OS My photo SEE Tainted DUC Engine Before Before After ADD Application MUL MOV JMP Auth … … Secure Data Capsules @ HotOS2011 25

  20. Trusted Unmodified OS DUC Released Provenance Sandbox Intercept Release DUC Engine MRI Intercepted Taint Cropped Application Taint Other Obj Auth No taint X-Ray Taint Secure Data Capsules @ HotOS2011 26

  21. • Flow tracking does much of the heavy lifting, slooooowly • Might improve with: Restriction, Granularity, Asynchrony, Hardware • How to keep as little as possible of policy evaluation and flow tracking in TCB? Why T, CB? Prove it, please! • Are DUCs meaningful to humans? Composable? App-specific? • Covert channels a serious threat with untrusted applications • A tussle between flexibility – leak-ability, what can we do in between? • Aggregation/analytics? Secure Data Capsules @ HotOS2011 28

  22. Thank You! Secure Data Capsules @ HotOS2011 29

  23. • Ampoules • Cocoons • Caplets • Sheaths • Flasks • Husks • Pods • Bob Secure Data Capsules @ HotOS2011 30

  24. • The Enterprise Rights Management approach • Everyone uses same SW platform, applications • Like begging for non-compliance • Tough across organization/jurisdiction boundaries • Decentralized Information Flow Control • New OSes: small TCB but incompatible (e.g., HiStar), or compatible but large TCB (e.g., Flume) • New languages (e.g., Jif): rewrite applications, no protection at OS custody • Red/Green models: Trust application, disallow sharing, coarse granularity Secure Data Capsules @ HotOS2011 31

  25. • Sandboxes can have variable semantic richness 1. Know nothing of semantics • Act as a data sink, block all output except display • Storage Capsules [Borders2008] 2. Understand information flow • Allow output of data, sharing across apps • Must track flow of sensitive bits to outputs (DIFT) 3. Understand application or data semantics • Need trusted enforcers for app-specific policy • For now, targeting #2 with support for #3 Secure Data Capsules @ HotOS2011 32

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Symmetric-Key Cryptography CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe,

Symmetric-Key Cryptography CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe,

Symmetric-Key Cryptography CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ March 10, 2011 M 1 M 2 M 3 C 1 C 2 C 3 C 2 C 3 C 1 M 1 M 2 M 3 Original

291 views • 14 slides
Clickjacking Revisited A Perceptual View of UI Security Devdatta Akhawe / Warren He / Zhiwei Li/

Clickjacking Revisited A Perceptual View of UI Security Devdatta Akhawe / Warren He / Zhiwei Li/

Clickjacking Revisited A Perceptual View of UI Security Devdatta Akhawe / Warren He / Zhiwei Li/ Reza Moazzezi / Dawn Song University of California, Berkeley Clickjacking is a malicious technique of tricking a Web user into clicking on something

753 views • 39 slides
Detecting Attacks, Part 2 CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe,

Detecting Attacks, Part 2 CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe,

Detecting Attacks, Part 2 CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ April 14, 2011 Announcements Talk of possible interest next Monday:

492 views • 23 slides
Anonymity / Sneakiness CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Anonymity / Sneakiness CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Anonymity / Sneakiness CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ April 7, 2011 Todays Lecture A look at technical means for one form

1.07k views • 68 slides
Web Attacks, cont CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Web Attacks, cont CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Web Attacks, cont CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ February 24, 2011 Announcements Guest lecture a week from Thursday (March

777 views • 51 slides
Worms & Botnets CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Worms & Botnets CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Worms & Botnets CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ April 21, 2011 Announcements HKN reviewing today, 12:15PM Final exam

987 views • 31 slides
Web Attacks, cont CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Web Attacks, cont CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Web Attacks, cont CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ February 22, 2011 Announcements See Still confused about question 4

1.05k views • 72 slides
Network Attacks, Part 1 CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Network Attacks, Part 1 CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Network Attacks, Part 1 CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ February 3, 2011 1 Announcements / Game Plan Homework #1 out now, due

433 views • 24 slides
Impersonation CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed

Impersonation CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed

Impersonation CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ March 1, 2011 Announcements Midterm next Tuesday March 8th Scope is course

820 views • 78 slides
Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ April 19, 2011 Announcements Matthias out for at least this coming week :-(

864 views • 31 slides
Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ April 19, 2011 Announcements Matthias out for at least this coming week :-(

468 views • 46 slides
Network Control CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed

Network Control CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed

Network Control CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ February 10, 2011 1 Network Control: Firewalls Motivation: How do you harden a

838 views • 35 slides
Learning and Evaluating Contextual Embedding of Source Code Aditya Kanade 1 2 , Petros Maniatis 2

Learning and Evaluating Contextual Embedding of Source Code Aditya Kanade 1 2 , Petros Maniatis 2

Learning and Evaluating Contextual Embedding of Source Code Aditya Kanade 1 2 , Petros Maniatis 2 , Gogul Balakrishnan 2 , Kensen Shi 2 1 Indian Institute of Science 2 Google Brain General-Purpose Representations of Source Code Success of

252 views • 14 slides
Securing Internet Communication CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta

Securing Internet Communication CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta

Securing Internet Communication CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ March 31, 2011 Todays Lecture Applying crypto technology in

695 views • 51 slides
Finally, a Use for Componentized Transport Protocols Tyson Condie, Joseph M. Hellerstein, Petros

Finally, a Use for Componentized Transport Protocols Tyson Condie, Joseph M. Hellerstein, Petros

Finally, a Use for Componentized Transport Protocols Tyson Condie, Joseph M. Hellerstein, Petros Maniatis, Sean Rhea, Timothy Roscoe U.C. Berkeley and Intel Research Berkeley Roadmap History Whats different now? New uses for

508 views • 19 slides
Declare victory and move on. Why a Grand Challenge? We choose to go to the moon. We choose

Declare victory and move on. Why a Grand Challenge? We choose to go to the moon. We choose

Public Health for the Internet Toward a New Grand Challenge for Data Management Joseph M. Hellerstein, UC Berkeley Tyson Condie, Minos Garofalakis, Boon Thau Loo, Petros Maniatis, Timothy Roscoe, Nina A. Taft Our Last Grand Challenge

339 views • 17 slides
Meeting With Ken Dodds March 21, 2019 Many thanks to Holland & Knight LLP for hosting

Meeting With Ken Dodds March 21, 2019 Many thanks to Holland & Knight LLP for hosting

Small Business Committee Meeting With Ken Dodds March 21, 2019 Many thanks to Holland & Knight LLP for hosting Upcoming Events Cyber and Supply Chain Security Committee, March 27 Legislative and Market Dynamics Breakfast Forum,

730 views • 60 slides
Todays Agenda Welcome Updates: Congratulations to Featured Event: The Research

Todays Agenda Welcome Updates: Congratulations to Featured Event: The Research

Todays Agenda Welcome Updates: Congratulations to Featured Event: The Research University and the Public: Perception vs. Reality Q&A WELCOME Communicators Forum October 24, 2019 [ ] UPDATES

392 views • 8 slides
Stanley Crouch 1945-2020 Ken Burns Jazz: PBS Documentary Featuring: Stanley Crouch and Wynton

Stanley Crouch 1945-2020 Ken Burns Jazz: PBS Documentary Featuring: Stanley Crouch and Wynton

9/30/20 Stanley Crouch 1945-2020 Ken Burns Jazz: PBS Documentary Featuring: Stanley Crouch and Wynton Marsalis 1 9/30/20 Toni Morrison (1931-2019) August 19, 2019 Issue See PBS American Masters Toni Morrison: The Pieces I Am Latin

599 views • 16 slides
Ironwood Forest National Monument Photo Workshop with Ken Sklute April 4 7 2019 Agenda

Ironwood Forest National Monument Photo Workshop with Ken Sklute April 4 7 2019 Agenda

Ironwood Forest National Monument Photo Workshop with Ken Sklute April 4 7 2019 Agenda Introductions Logistics Overview What to Expect How to Prepare Q&A Introductions Ken Sklute @ 602 738 0601

425 views • 10 slides
1 Fractals - Mandelbrot Set Fractals The Mandelbrot Set Plot of a recursive mathematical

1 Fractals - Mandelbrot Set Fractals The Mandelbrot Set Plot of a recursive mathematical

Proceduralism in Computer Graphics Fixed models/primitives not robust enough Quest for extensibility and programmability Procedural Modeling Use a function or procedure to define the surface or structure of an object.

338 views • 11 slides
Welcome & Opening Remarks Presented by: Ken Grimes , Conference Chair Thank You to Our Event

Welcome & Opening Remarks Presented by: Ken Grimes , Conference Chair Thank You to Our Event

Welcome & Opening Remarks Presented by: Ken Grimes , Conference Chair Thank You to Our Event Sponsors Aline Capital | Womble Bond Dickinson ULI Capital Markets Program Committee Matt Alexander, Auro Hotels Miller Harper, East West Partners

188 views • 5 slides
ADDITION AND COUNTING: THE ARITHMETIC OF PARTITIONS Scott Ahlgren and Ken Ono At first glance the

ADDITION AND COUNTING: THE ARITHMETIC OF PARTITIONS Scott Ahlgren and Ken Ono At first glance the

ADDITION AND COUNTING: THE ARITHMETIC OF PARTITIONS Scott Ahlgren and Ken Ono At first glance the stuff of partitions seems like childs play: 4 = 3 + 1 = 2 + 2 = 2 + 1 + 1 = 1 + 1 + 1 + 1 . Therefore, there are 5 partitions of the number 4.

172 views • 13 slides
Latin square determinants and permanents Ken Johnson Penn State Abington College (Joint work

Latin square determinants and permanents Ken Johnson Penn State Abington College (Joint work

Latin square determinants and permanents Ken Johnson Penn State Abington College (Joint work with D. Donovan and I. Wanless) Outline 1)The basic idea 2) Motivation 3) Summary of the group case 4) Results on latin square

763 views • 15 slides

More recommend