Security Framework for Decentralized Shared Calendars Jagdish Prasad - - PowerPoint PPT Presentation

Security Framework for Decentralized Shared Calendars

Jagdish Prasad Achara

Research Master of Computer Science (Specialty : Services, Security and Networks)

24 juin 2011

Université Henri Poincaré

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 1 / 25

Outline

1

Introduction

2

Security Requirements of DeSCal

3

State of the art

4

Proposed Security Framework

5

Implementation on iPhone OS

6

Possible Directions of Future Work

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 2 / 25

Outline

1

Introduction Decentralized & third party independent shared calendar About DeSCal Problem Statement & Motivations Challenges & Contributions

2

Security Requirements of DeSCal

3

State of the art

4

Proposed Security Framework Security Framework Design Requirements Security Framework Description An illustrating example Securing the communication between users Discussion

5

Implementation on iPhone OS

6

Possible Directions of Future Work

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 3 / 25

Decentralized & third party independent shared calendar

◮ Shared Calendar ? ◮ Why decentralized & third party independent ?

◮ Support for Ad-Hoc networks (802.11 networks). ◮ No single point of failure. ◮ Secrecy/confidentiality of shared calendar events. ◮ Availability of data.

3rd party has all shared calendar information Confidentiality? Availability? User 1 User 1 User 4 User 3 User 2

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 4 / 25

About DeSCal

◮ Considering the usefulness of such a decentralized shared calendar, DeSCal

(abbreviation of Decentralized Shared Calendar) is proposed by us.

◮ What is DeSCal ? ◮ An administrator of an event and his role ? ◮ A user can take two types of operation in DeSCal :

1

Cooperative operation : On shared calendar to ‘Insert’, ‘Delete’ & ‘Edit’ events.

2

Administrative operation : On his access control policy to allow/deny other users to ‘Read’, ‘Delete’ & ‘Edit’ his events.

◮ The design of DeSCal consists of four modules :

1

Coordination module : needs cooperative log

2

Access Control module : needs administrative log or admin log in short

3

P2P/Ad-Hoc Network

4

User Interface

◮ DeSCal replicates whole shared calendar state (Shared Calendar, Cooperative

log, Policies, Admin logs) for fault tolerance, availability and crash recovery.

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 5 / 25

Problem Statement & Motivations

User DeSCal Persistent Storage (1) (2) (1) legal access (2) illegal access

◮ Motivations

◮ Providing confidentiality to replicated shared calendar events. ◮ Securing the communication between users. Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 6 / 25

Challenges & Contributions

◮ Challenges

◮ DeSCal’s characteristic features ? ◮ Decentralized ‘Read’ access control ? ◮ Dynamic group of users..

◮ Contributions

◮ Proposed a required security framework. ◮ Its implementation on iPhone OS. Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 7 / 25

Outline

1

Introduction Decentralized & third party independent shared calendar About DeSCal Problem Statement & Motivations Challenges & Contributions

2

Security Requirements of DeSCal

3

State of the art

4

Proposed Security Framework Security Framework Design Requirements Security Framework Description An illustrating example Securing the communication between users Discussion

5

Implementation on iPhone OS

6

Possible Directions of Future Work

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 8 / 25

Security Requirements of DeSCal

◮ Providing confidentiality to replicated shared calendar events.

◮ In Shared calendar, cooperative log, policy and admin log ?

◮ Securing the communication between users.

◮ Group communication ? Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 9 / 25

Outline

1

Introduction Decentralized & third party independent shared calendar About DeSCal Problem Statement & Motivations Challenges & Contributions

2

Security Requirements of DeSCal

3

State of the art

4

Proposed Security Framework Security Framework Design Requirements Security Framework Description An illustrating example Securing the communication between users Discussion

5

Implementation on iPhone OS

6

Possible Directions of Future Work

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 10 / 25

State of the art

With the absence of central authority, security of 1) replicated data & 2) messages exchanged between peers, is a challenging task.

◮ Overview

◮ Other decentralized shared calendars and collaborative environments. ◮ Securing replicated data. ◮ Secrecy by splitting. Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 11 / 25

Outline

1

Introduction Decentralized & third party independent shared calendar About DeSCal Problem Statement & Motivations Challenges & Contributions

2

Security Requirements of DeSCal

3

State of the art

4

Proposed Security Framework Security Framework Design Requirements Security Framework Description An illustrating example Securing the communication between users Discussion

5

Implementation on iPhone OS

6

Possible Directions of Future Work

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 12 / 25

Security Framework Design Requirements

◮ DeSCal’s characteristic features e.g., fault tolerance, availability, crash

recovery, dynamic access control must not be lost.

◮ On top of coordination and access control models already employed by

DeSCal.

◮ Must preserve broadcast group communication of DeSCal.

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 13 / 25

Security Framework Description

It uses public key cryptography where authentication of public key is compulsory.

◮ Pathak & Iftode’s protocol

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 14 / 25

Security Framework Description

◮ Encryption Notations used :

◮ Symmetric : EKe(e) and DKe(e) ◮ Asymmetric : {m}Ku and {m}K−1 u

◮ Description based on all possible happenings :

◮ User-generated happenings 1

Inserting a new event

2

Deleting an existing event

3

Editing an existing event

4

Grant Read right

5

Revoke Read right

6

Grant/Revoke Delete/Edit right (Not Relevant)

◮ System-wide happenings 1

A new user joins the shared calendar group.

2

An existing user leaves the group.

3

A user goes off-line and then, comes on-line again.

◮ How fault tolerance is achieved in DeSCal ? ◮ Surviving a crash. ◮ How availability of data is ensured ?

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 15 / 25

Security Framework Description

◮ Inserting a new event

e′ = EKe(e), {Ke}KOwner , {Ke}KAuthUser1, {Ke}KAuthUser2, .... e′ = EKe(e), {Ke}KOwner

◮ Granting ‘Read’ right

i = {Ke}Ku1 , {Ke}Ku2

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 16 / 25

Security Framework Description

◮ Concurrency Issues

◮ ‘Read’ right revocation and ‘Edit’ concurrent operations

u1 u3 u2

Owner of event 'e' Revoke read right to u2 for event 'e' Initially, authorized to read and edit event 'e' Edits event 'e' to 'f' Initially, authorized to read event 'e'

EKf(f), {kf}Ku3,{kf}Ku1,{kf}Ku2

???

Concurrent Operations

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 17 / 25

Security Framework Description

◮ Concurrency Issues

◮ ‘Read’ right grant and ‘Edit’ concurrent operations

u1 u3 u2 u4

Owner of event 'e' Revoke read right to u2 for event 'e' Initially, authorized to read and edit event 'e' Edits event 'e' to 'f' (New key (kf) generation because of immediate revocation) Initially, authorized to read event 'e' Initially, not authorized to read event 'e' Right attribution for event 'e' to u3 {ke}Ku3 EKf(f), {kf}Ku4,{kf}Ku1

Will not be possible to decrypt as the symmetric key is changed in previous edition of this event by u1

???

Concurrent Operations Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 18 / 25

An illustrating example

◮ An illustrating example

e1(u1)

u1 Group G

EKe1(e1),{Ke1}Ku1,{Ke1}Ku2 EKe6(e6),{Ke6}Ku2,{Ke6}Ku3 EKe5(e5),{Ke5}Ku1,{Ke5}Ku3 EKe4(e4),{Ke4}Ku3,{Ke4}Ku2 EKe3(e3),{Ke3}Ku2,{Ke3}Ku1 EKe2(e2),{Ke2}Ku3,{Ke2}Ku1 e1(u1) e2(u3) e3(u2) e4(u3) e5(u1) e6(u2)

u3

e1(u1) e2(u3) e3(u2) e4(u3) e5(u1) e6(u2)

u2

e1(u1) e2(u3) e3(u2) e4(u3) e5(u1) e6(u2)

u1

e1(u1) e2(u3) e3(u2) e4(u3) e5(u1) e6(u2)

u4

e1(u1) e2(u3) e3(u2) e4(u3) e5(u1) e6(u2) Inside the group G New user u4 arrives and joins the group G. u4 contacts nearby user u2. u2 sends him the whole encrypted copy of shared calendar stored in persistent storage R R R R R R R R R R R R e1(u1) EKe1(e1),{Ke1}Ku1,{Ke1}Ku2 EKe6(e6),{Ke6}Ku2,{Ke6}Ku3 EKe5(e5),{Ke5}Ku1,{Ke5}Ku3 EKe4(e4),{Ke4}Ku3,{Ke4}Ku2 EKe3(e3),{Ke3}Ku2,{Ke3}Ku1 EKe2(e2),{Ke2}Ku3,{Ke2}Ku1 e1(u1) EKe1(e1),{Ke1}Ku1,{Ke1}Ku2 EKe6(e6),{Ke6}Ku2,{Ke6}Ku3 EKe5(e5),{Ke5}Ku1,{Ke5}Ku3 EKe4(e4),{Ke4}Ku3,{Ke4}Ku2 EKe3(e3),{Ke3}Ku2,{Ke3}Ku1 EKe2(e2),{Ke2}Ku3,{Ke2}Ku1 e1(u1) EKe1(e1),{Ke1}Ku1,{Ke1}Ku2 EKe6(e6),{Ke6}Ku2,{Ke6}Ku3 EKe5(e5),{Ke5}Ku1,{Ke5}Ku3 EKe4(e4),{Ke4}Ku3,{Ke4}Ku2 EKe3(e3),{Ke3}Ku2,{Ke3}Ku1 EKe2(e2),{Ke2}Ku3,{Ke2}Ku1 e1(u1) EKe1(e1),{Ke1}Ku1,{Ke1}Ku2 EKe6(e6),{Ke6}Ku2,{Ke6}Ku3 EKe5(e5),{Ke5}Ku1,{Ke5}Ku3 EKe4(e4),{Ke4}Ku3,{Ke4}Ku2 EKe3(e3),{Ke3}Ku2,{Ke3}Ku1 EKe2(e2),{Ke2}Ku3,{Ke2}Ku1 R R R R

( Ku1 , K-1

u1 )

( Ku2 , K-1

u2 )

( Ku4 , K-1

u4 )

( Ku3 , K-1

u3 )

Ke1 Ke5 Ke3 Ke2 Ke6 Ke4 Ke3 Ke1 Ke1 Ke5 Ke3 Ke2 Ke6 Ke5 Ke4 Ke2

U1 crashes U1 joins the group G again and contacts u3. u3 gives him the whole shared calendar state in persistent storage. u1 retrieves all his shared calenar events back using his private key

( Ku1 , K-1

u1 )

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 19 / 25

Securing the communication between users and Discussion

◮ Securing the communication

m′ = {m, counter} m′′ = {m′, sig} where sig = {hash(m′)}K −1

ui

◮ Discussion

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 20 / 25

Outline

1

Introduction Decentralized & third party independent shared calendar About DeSCal Problem Statement & Motivations Challenges & Contributions

2

Security Requirements of DeSCal

3

State of the art

4

Proposed Security Framework Security Framework Design Requirements Security Framework Description An illustrating example Securing the communication between users Discussion

5

Implementation on iPhone OS

6

Possible Directions of Future Work

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 21 / 25

Implementation on iPhone OS

◮ RSA algorithm for asymmetric encryption and public/private key pair of size

1024 bits.

◮ For symmetric encryption, AES-128.

Figure: Calendar, Event Detail, Policy and Available Peers view

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 22 / 25

Implementation on iPhone OS

Figure: Selection of various attributes to insert a new rule in policy

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 23 / 25

Outline

1

Introduction Decentralized & third party independent shared calendar About DeSCal Problem Statement & Motivations Challenges & Contributions

2

Security Requirements of DeSCal

3

State of the art

4

Proposed Security Framework Security Framework Design Requirements Security Framework Description An illustrating example Securing the communication between users Discussion

5

Implementation on iPhone OS

6

Possible Directions of Future Work

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 24 / 25

Possible Directions of Future Work

◮ Possible Directions of Future Work

◮ Verification and Analysis of security framework. ◮ Standardize the communication protocol. ◮ Policy for users to join the shared calendar group. ◮ Some works (CP–ABE, Broadcast Encryption) to be explored if they can be

used to satisfy security requirements of DeSCal while preserving its characteristic features.

Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 25 / 25