s irius securing remote untrusted s torage
play

S iRiUS: Securing Remote Untrusted S torage NDS S 2003 Eu-Jin - PowerPoint PPT Presentation

Aug 29, 2023 •163 likes •739 views

S iRiUS: Securing Remote Untrusted S torage NDS S 2003 Eu-Jin Goh, Hovav S hacham, Nagendra Modadugu, and Dan Boneh S tanford University Introduction S ecure network file syst ems not widespread. Why? 1. Hard to deploy No

  1. S iRiUS: Securing Remote Untrusted S torage NDS S 2003 Eu-Jin Goh, Hovav S hacham, Nagendra Modadugu, and Dan Boneh S tanford University

  2. Introduction S ecure network file syst ems not widespread. Why? 1. Hard to deploy • No backwards compatibility 2. File sharing not well supported • No file sharing ability, or • Fully trusted server handles file sharing

  3. Insecure Network File S ystems Legacy network file systems • widely used: NFS , CIFS , Yahoo! • insecure: NFS v2 • Weak authentication: UID/ GID • Fully trusted server

  4. S iRiUS Goals 1. No changes to remote file server • Implies crypto techniques 2. Easy for end users to deploy • Minimal client software, no kernel changes 3. File S haring with fine grained access control • Read-write separation 4. Minimize trust in file server

  5. Existing S ecure File S ystems 1. CFS – Blaze • Single user: no file sharing 2. SFS – Mazières et al. • File sharing but uses trusted server 3. SUNDR – Mazières et al. • File sharing by untrusted server • Not easy to deploy: requires block servers

  6. “ Although NFS version 2 has been superseded in recent years by NFS version 3, system administrators are slow to upgrade … so NFS version 2 is not only widespread, it is still by far the most popular version of NFS .” NFS v3 Designers 4½ years after NFS v3 introduced

  7. Design Limitations Cannot defend against DOS attacks: • attacker breaking into file server can delete all files • Solution: 1. Keep good backups: S iRiUS easy t o backup 2. Replicate files using quorum systems - e.g. Reiter-Mahlki (1997)

  8. S iRiUS Usage Model • S iRiUS is a file system layered over existing network file systems • Stop-gap measure until full upgrade of legacy systems

  9. S ecurity Design 1. Confidentiality and integrity 2. Cryptographic file level read-write access controls 3. Simple key management 4. S imple access control revocation 5. Freshness guarantees for access control meta data

  10. Architecture SiRiUS Client NFS Client Application NFS Server NFS Server Network User File Server Kernel NFS Client Client Machine SiRiUS layered over NFS

  11. Architecture SiRiUS Client CIFS Client Application CIFS Server NFS Server Network User File Server Kernel NFS Client Client Machine SiRiUS layered over CIFS

  12. Architecture SiRiUS Client Yahoo! Client Application Yahoo! Server NFS Server Network User File Server Kernel NFS Client Client Machine SiRiUS layered over Yahoo!

  13. File Data S ecurity • Each file has unique : 1.File Encryption Key (FEK) 2.File Signing Key (FSK) • FEK, FSK control file read-write access • Users keep only 2 keys for all files : 1.Master Signing Key (MSK) 2.Master Encryption Key (MEK) • MSK, MEK control all file FEK and FSK access

  14. File S tructures Files on remote server split in 2 parts 1. md-file contains the file meta data. e.g. access control information 2. d-file contains the file data

  15. File S tructures SIG FSK ENC FEK [File Data] [File Data Hash] d-file Enc. Key Enc. Key File Sig. SIG MS K Time File Block Block Pub. Key [Meta Data S tamp name (Owner) (User 1) (FSK) Hash] md-file

  16. Encrypted Key Blocks Username (KeyID) Username (KeyID) File Enc. Key (FEK) Encrypted with File Enc. username’ s Key (FEK) File Sig. MEK public key Private Key (FSK) Read-writ e Read only

  17. Meta Data File Creation

  18. Meta Data File Creation 1) Generate file keys (FSK and FEK) File Enc. Key (FEK) File Sig. Private Key (FSK)

  19. Meta Data File Creation Username 1) Generate file keys (FSK and FEK) (KeyID) 2) Create encrypted key block. File Enc. Key (FEK) Encrypted with owner’ s File Sig. MEK public key Private Key (FSK)

  20. Meta Data File Creation Enc. Key File Sig. Time File Block Pub. Key S tamp name (Owner) (FSK) 3) Append Pub FSK, time stamp, and file name to enc. key block

  21. Meta Data File Creation Enc. Key File Sig. SIG MS K Time File Block Pub. Key [Meta Data S tamp name (Owner) (FSK) Hash] 3) Append Pub FSK, time stamp, and file name to enc. key block 4) Hash and sign using owner’ s master signing key

  22. Meta Data File Creation Enc. Key File Sig. SIG MS K Time File Block Pub. Key [Meta Data S tamp name (Owner) (FSK) Hash] 3) Append Pub FSK, time stamp, and file name to enc. key block 4) Hash and sign using owner’ s master signing key 5) Update md-file freshness tree

  23. Why are freshness guarantees needed? • Can verify latest version of info is read • md-file freshness prevents rollback of revoked privileges

  24. Rollback Revoked Privileges 1. Bob revokes write access from Alice 2. Alice replaces new md-file with saved (older) copy 3. Replacement restores write privileges 4. Alice can undetectably write to d-file

  25. Freshness Overview • S iRiUS client generates hash tree of all md-files owned by user • Hash tree root: hash of all the md-files • Every directory has mdf-file made of the hash of: 1. md-files in that directory 2. mdf-files of sub directories

  26. Hash Tree Generation / foo / a Key: / a/ b bar dir file bin con

  27. Hash Tree Generation / Want to generat e root mdf root mdf foo / a Key: / a/ b bar dir file bin con

  28. Hash Tree Generation / Want to generat e root mdf root mdf Before root mdf can be foo / a generated, we need / a/ mdf mdf Key: / a/ b bar dir file bin con

  29. Hash Tree Generation / Want to generat e root mdf root mdf Before root mdf can be foo / a generated, we need / a/ mdf mdf Key: which in / a/ b bar dir turn needs / a/ b/ mdf mdf file bin con

  30. Hash Tree Generation / foo / a Key: Hash bin and / a/ b bar dir con to generate / a/ b/ mdf mdf file bin con

  31. Hash Tree Generation / Hash / a/ b/ mdf foo / a and bar to generate / a/ mdf mdf Key: / a/ b bar dir / a/ b/ mdf mdf file bin con

  32. Hash Tree Generation / Hash / a/ mdf and foo to generate root mdf root mdf foo / a / a/ mdf mdf Key: / a/ b bar dir / a/ b/ mdf mdf file bin con

  33. Root mdf-file • Contains a time stamp • Time stamp updated by client at specified time intervals • S igned by owner of the md-files

  34. Hash Tree Generation 1. Generated only once 2. Generated by owner of md-files 3. Hash tree cacheable 4. Updated only on md-file changes

  35. Verify md-file Freshness / root mdf foo / a / a/ mdf mdf Key: / a/ b bar dir / a/ b/ mdf mdf file bin con

  36. Verify md-file Freshness / root mdf foo / a / a/ mdf mdf Key: / a/ b bar dir / a/ b/ mdf mdf Verify bar md-file file bin con freshness

  37. Verify md-file Freshness / root mdf 1) Hash / a/ b/ mdf and bar foo / a to regenerate / a/ mdf mdf Key: / a/ b bar dir / a/ b/ mdf mdf Verify bar md-file file bin con freshness

  38. Verify md-file Freshness / root mdf 1) Hash / a/ b/ mdf 2) Compare and bar regenerated foo / a to regenerate / a/ mdf t o / a/ mdf current version mdf Key: / a/ b bar dir / a/ b/ mdf mdf Verify bar md-file file bin con freshness

  39. Verify md-file Freshness 1) Hash / a/ mdf / and foo to regenerate root mdf root mdf foo / a / a/ mdf mdf Key: / a/ b bar dir / a/ b/ mdf mdf Verify bar md-file file bin con freshness

  40. Verify md-file Freshness 2) Compare 1) Hash / a/ mdf / regenerated and foo root mdf t o to regenerate current version root mdf root mdf foo / a / a/ mdf mdf Key: / a/ b bar dir / a/ b/ mdf mdf Verify bar md-file file bin con freshness

  41. Verify md-file Freshness 2) Compare 1) Hash / a/ mdf / regenerated and foo root mdf t o to regenerate current version root mdf root mdf 3) Check timestamp foo / a verify owner’ s sig / a/ mdf mdf Key: / a/ b bar dir / a/ b/ mdf mdf Verify bar md-file file bin con freshness

  42. File S ystem Operations 1. Create, read, write, rename, unlink, share files 2. S ymbolic links but no hard links 3. User access revocation

  43. User 1 Access Revocation Enc. Key Enc. Key File Sig. SIG MS K Time File Block Block Pub. Key [Meta Data S tamp name (Owner) (User 1) (FSK) Hash]

  44. User 1 Access Revocation Enc. Key Enc. Key File Sig. SIG MS K Time File Block Block Pub. Key [Meta Data S tamp name (Owner) (User 1) (FSK) Hash] 1) Regenerate new file keys

  45. User 1 Access Revocation Enc. Key Enc. Key File Sig. SIG MS K Time File Block Block Pub. Key [Meta Data S tamp name (Owner) (User 1) (FSK) Hash] 1) Regenerate new file keys 2) Remove user 1 key block

  46. User 1 Access Revocation Enc. Key File Sig. SIG MS K Time File Block Pub. Key [Meta Data S tamp name (Owner) (FSK) Hash] 3) Update file sig. key and enc. key blocks 1) Regenerate new file keys 2) Remove user 1 key block

  47. User 1 Access Revocation Enc. Key File Sig. SIG MS K Time File Block Pub. Key [Meta Data S tamp name (Owner) (FSK) Hash] 3) Update file sig. key 4) Update and enc. key blocks time stamp 1) Regenerate new file keys 2) Remove user 1 key block

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Securing Untrusted Code via Compiler-Agnostic Binary Rewriting Richard Wartell, Vishwath Mohan,

Securing Untrusted Code via Compiler-Agnostic Binary Rewriting Richard Wartell, Vishwath Mohan,

Securing Untrusted Code via Compiler-Agnostic Binary Rewriting Richard Wartell, Vishwath Mohan, Kevin W. Hamlen, Zhiqiang Lin Department of Computer Science, The University of Texas at Dallas Presented by David Gloe Outline Introduction

576 views • 23 slides
The Hype and Reality of Electrical Energy S torage Brett A. Perlman S enior Fellow Agenda for

The Hype and Reality of Electrical Energy S torage Brett A. Perlman S enior Fellow Agenda for

The Hype and Reality of Electrical Energy S torage Brett A. Perlman S enior Fellow Agenda for today Promise of Energy Storage Current Energy S torage Market S ize Energy S torage Technology Overview Business cases for

445 views • 27 slides
Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras Untrusted Programs Untrusted Application Entire Application untrusted Part of application untrusted Modules or library untrusted

797 views • 46 slides
Sego: Pervasive Trusted Metadata for Efficiently Verified Untrusted System Services Youngjin Kwon

Sego: Pervasive Trusted Metadata for Efficiently Verified Untrusted System Services Youngjin Kwon

Sego: Pervasive Trusted Metadata for Efficiently Verified Untrusted System Services Youngjin Kwon , Alan Dunn, Michael Lee, Owen Hofmann, Yuanzhong Xu, Emmett Witchel 1 Securing OS is difficult OS vulnerabilities in 2014 from national

1.06k views • 78 slides
Advanced Energy Storage Technologies Pumped Hydro Storage is often referred to as a

Advanced Energy Storage Technologies Pumped Hydro Storage is often referred to as a

M ASSACHUSETTS E NERGY S TORAGE I NITIATIVE S TORAGE S TUDY U PDATE May 18, 2016 1 M ASSACHUSETTS E NERGY A PPROACH 1. Reduce and stabilize the rising cost of energy for consumers 2. Continue the Commonwealths commitment to a clean energy

1.74k views • 16 slides
P Protecting Confidential Data on i C fid i l D Personal Computers with S p torage g

P Protecting Confidential Data on i C fid i l D Personal Computers with S p torage g

P Protecting Confidential Data on i C fid i l D Personal Computers with S p torage g Capsules Kevin Borders, Eric Vander Weele, Billy Lau, and Atul Prakash Problem: Malicious S oftware Computing becomes pervasive, so is malware

524 views • 29 slides
IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT is a system of systems, with A great deal of heterogeneity (sensing, computation, communication, energy) New types of devices appearing all

1.35k views • 65 slides
Bolt on some Crypto Michael Samuel @mik235 https://miknet.net/ Ruxcon 2014 Securing The

Bolt on some Crypto Michael Samuel @mik235 https://miknet.net/ Ruxcon 2014 Securing The

Bolt on some Crypto Michael Samuel @mik235 https://miknet.net/ Ruxcon 2014 Securing The Network - TLS & SSH IETF Standards: SSH - RFC 4250-4255 Remote shell File transfer TCP port forwarding, socks proxy Pipe commands over

679 views • 35 slides
Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

www.securing.pl Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl @_r3ggi wojciech.regula@securing.pl www.securing.pl www.securing.pl WHOAMI -Senior IT Security Consultant @ SecuRing -Focused on

998 views • 67 slides
W HOLESALING , S TORAGE , AND D ISTRIBUTION U SE - TYPE IN G ENERAL R URAL R EGULATORY Z ONE .

W HOLESALING , S TORAGE , AND D ISTRIBUTION U SE - TYPE IN G ENERAL R URAL R EGULATORY Z ONE .

Development Code Amendment WDCA16-0001 W HOLESALING , S TORAGE , AND D ISTRIBUTION U SE - TYPE IN G ENERAL R URAL R EGULATORY Z ONE . Washoe County Planning Commission April 4, 2017 1 Background The Wholesaling, Storage and Distribution

400 views • 13 slides
Securing PHP Survey of the solutions Stanislav Malyshev stas@zend.com Most code is extremely

Securing PHP Survey of the solutions Stanislav Malyshev stas@zend.com Most code is extremely

Securing PHP Survey of the solutions Stanislav Malyshev stas@zend.com Most code is extremely buggy Can we help? Input filtering Unauthorized code (remote include) Unauthorized DB access (SQL Injection) Client subversion (XSS,

135 views • 11 slides
S TORAGE P RESENTATION T RANSCRIPT J ANUARY 21, 2016 This document was produced for review by the

S TORAGE P RESENTATION T RANSCRIPT J ANUARY 21, 2016 This document was produced for review by the

I NCREASING R ESILIENCE T HROUGH I MPROVED O N -F ARM S TORAGE P RESENTATION T RANSCRIPT J ANUARY 21, 2016 This document was produced for review by the United States Agency for International Development. It was prepared by the Feed the Future

423 views • 17 slides
Thomas Dewers 1 , Alex Rinehart 1 , Jon Major 2 , Photos placed in horizontal position Peter

Thomas Dewers 1 , Alex Rinehart 1 , Jon Major 2 , Photos placed in horizontal position Peter

G EOMECHANICS OF G EOLOGIC C ARBON Photos placed in horizontal position S TORAGE : H AZARDS , L ONG -T ERM S EALING , with even amount of white space between photos AND S TORAGE S ECURITY and header Thomas Dewers 1 , Alex Rinehart 1 , Jon

232 views • 20 slides
Spent Fuel and Waste Disposition FC - 4 . 1 Disposal FC---4.2 -S torage- &-Transportation

Spent Fuel and Waste Disposition FC - 4 . 1 Disposal FC---4.2 -S torage- &-Transportation

Nuclear Energy University Programs Fiscal Year 201 8 Annual Planning Webinar Spent Fuel and Waste Disposition FC - 4 . 1 Disposal FC---4.2 -S torage- &-Transportation John Orchard NEUP Federal Point of Contact Spent -Fuel -and -Waste

189 views • 8 slides
Pa Particu ticulate late Magnetic gnetic Ta Tape pe fo for Data ta Sto torage rage and

Pa Particu ticulate late Magnetic gnetic Ta Tape pe fo for Data ta Sto torage rage and

Pa Particu ticulate late Magnetic gnetic Ta Tape pe fo for Data ta Sto torage rage and d Fu Futur ture e Te Technologies hnologies Masahito OYANAGI Recording Media Research Laboratories, FUJIFILM Corporation Outline 1.

725 views • 33 slides
SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web based Centrally Administrated Divisionally managed Consistent content Central reporting Ability to add custom content (Policy's)

761 views • 10 slides
ProtoDUNE-SP Purity Monitor Operation Jianming Bian, Isloo Seong (UCI) Casandra Morris, Andrew

ProtoDUNE-SP Purity Monitor Operation Jianming Bian, Isloo Seong (UCI) Casandra Morris, Andrew

ProtoDUNE-SP Purity Monitor Operation Jianming Bian, Isloo Seong (UCI) Casandra Morris, Andrew Renshaw (UH) Stephen Pordes (FNAL) ProtoDUNE-SP Purity Monitors Top PrM M. Adamowski et al., JINST 9, P07005 (2014). Middle PrM Individual PrMon:

904 views • 12 slides
Unit 2: Natural Language Learning Unsupervised Learning (EM, forward-backward, inside-outside)

Unit 2: Natural Language Learning Unsupervised Learning (EM, forward-backward, inside-outside)

Natural Language Processing Spring 2017 Unit 2: Natural Language Learning Unsupervised Learning (EM, forward-backward, inside-outside) Liang Huang liang.huang.sh@gmAYl.com Review of Noisy-Channel Model CS 562 - EM 2 Example 1:

469 views • 23 slides
Regeneration: A New Algorithm in Numerical Algebraic Geometry Charles Wampler General Motors

Regeneration: A New Algorithm in Numerical Algebraic Geometry Charles Wampler General Motors

Regeneration: A New Algorithm in Numerical Algebraic Geometry Charles Wampler General Motors R&D Center (Adjunct, Univ. Notre Dame) Including joint work with Andrew Sommese, University of Notre Dame University of Notre Dame Jon

1.02k views • 35 slides
NCCloud: Applying Network Coding for the Storage Repair in a Cloud-of-Clouds Yuchong Hu 1 , Henry

NCCloud: Applying Network Coding for the Storage Repair in a Cloud-of-Clouds Yuchong Hu 1 , Henry

NCCloud: Applying Network Coding for the Storage Repair in a Cloud-of-Clouds Yuchong Hu 1 , Henry C. H. Chen 1 , Patrick P. C. Lee 1 , Yang Tang 2 1 The Chinese University of Hong Kong 2 Columbia University FAST12 1 Cloud Storage Cloud

367 views • 20 slides
Identifying Load-Balanced Backends Ian Rodney 1 Why does it matter? Targeted DDoS

Identifying Load-Balanced Backends Ian Rodney 1 Why does it matter? Targeted DDoS

Identifying Load-Balanced Backends Ian Rodney 1 Why does it matter? Targeted DDoS Service degradation - - - 2 Load Balancers Terminate & regenerate :( Pass through :) Hashing IP/Port - - - 3 Side Channels

619 views • 36 slides
Welcome. @wordpressscv meetup.com/wordpressscv twitter.com/wordpressscv

Welcome. @wordpressscv meetup.com/wordpressscv twitter.com/wordpressscv

Welcome. @wordpressscv meetup.com/wordpressscv twitter.com/wordpressscv instagram.com/wordpressscv facebook.com/groups/wordpressscv The Five Good Faith Rules 1. WordPress Meetups are for the benefit of the WordPress community as a whole, not

761 views • 41 slides
Memory Forensics of a Java Card Dump jean-louis.lanet@inria.fr Cardis 2014 Paris Nov. 5-7 2014

Memory Forensics of a Java Card Dump jean-louis.lanet@inria.fr Cardis 2014 Paris Nov. 5-7 2014

Memory Forensics of a Java Card Dump jean-louis.lanet@inria.fr Cardis 2014 Paris Nov. 5-7 2014 Episode 2 Previous episode: how to obtain a dump Hypothesis Find the code Reverse it Conclusion Memory Dump At that time we

719 views • 15 slides
CMOS Comparator Design Extra Slides Vishal Saxena, Boise State University

CMOS Comparator Design Extra Slides Vishal Saxena, Boise State University

Department of Electrical and Computer Engineering CMOS Comparator Design Extra Slides Vishal Saxena, Boise State University (vishalsaxena@boisestate.edu) Vishal Saxena -1- Comparator Design Considerations Comparator = Preamp

917 views • 44 slides

More recommend