security framework for decentralized shared calendars
play

Security Framework for Decentralized Shared Calendars Jagdish Prasad - PowerPoint PPT Presentation

Oct 04, 2022 •385 likes •653 views

Security Framework for Decentralized Shared Calendars Jagdish Prasad Achara Research Master of Computer Science (Specialty : Services, Security and Networks) 24 juin 2011 Universit Henri Poincar Jagdish Prasad Achara (UHP Nancy 1)

  1. Security Framework for Decentralized Shared Calendars Jagdish Prasad Achara Research Master of Computer Science (Specialty : Services, Security and Networks) 24 juin 2011 Université Henri Poincaré Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 1 / 25

  2. Outline Introduction 1 Security Requirements of DeSCal 2 State of the art 3 Proposed Security Framework 4 Implementation on iPhone OS 5 Possible Directions of Future Work 6 Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 2 / 25

  3. Outline Introduction 1 Decentralized & third party independent shared calendar About DeSCal Problem Statement & Motivations Challenges & Contributions Security Requirements of DeSCal 2 State of the art 3 Proposed Security Framework 4 Security Framework Design Requirements Security Framework Description An illustrating example Securing the communication between users Discussion Implementation on iPhone OS 5 Possible Directions of Future Work 6 Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 3 / 25

  4. Decentralized & third party independent shared calendar ◮ Shared Calendar ? ◮ Why decentralized & third party independent ? ◮ Support for Ad-Hoc networks (802.11 networks). ◮ No single point of failure. ◮ Secrecy/confidentiality of shared calendar events. ◮ Availability of data. User 1 User 1 User 2 User 3 3 rd party has all shared calendar information Confidentiality? Availability? User 4 Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 4 / 25

  5. About DeSCal ◮ Considering the usefulness of such a decentralized shared calendar, DeSCal (abbreviation of De centralized S hared Cal endar) is proposed by us. ◮ What is DeSCal ? ◮ An administrator of an event and his role ? ◮ A user can take two types of operation in DeSCal : Cooperative operation : On shared calendar to ‘Insert’, ‘Delete’ & ‘Edit’ 1 events. Administrative operation : On his access control policy to allow/deny other 2 users to ‘Read’, ‘Delete’ & ‘Edit’ his events. ◮ The design of DeSCal consists of four modules : Coordination module : needs cooperative log 1 Access Control module : needs administrative log or admin log in short 2 P2P/Ad-Hoc Network 3 User Interface 4 ◮ DeSCal replicates whole shared calendar state (Shared Calendar, Cooperative log, Policies, Admin logs) for fault tolerance, availability and crash recovery. Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 5 / 25

  6. Problem Statement & Motivations User (1) legal access (1) (2) illegal access (2) DeSCal Persistent Storage ◮ Motivations ◮ Providing confidentiality to replicated shared calendar events. ◮ Securing the communication between users. Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 6 / 25

  7. Challenges & Contributions ◮ Challenges ◮ DeSCal’s characteristic features ? ◮ Decentralized ‘Read’ access control ? ◮ Dynamic group of users.. ◮ Contributions ◮ Proposed a required security framework. ◮ Its implementation on iPhone OS. Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 7 / 25

  8. Outline Introduction 1 Decentralized & third party independent shared calendar About DeSCal Problem Statement & Motivations Challenges & Contributions Security Requirements of DeSCal 2 State of the art 3 Proposed Security Framework 4 Security Framework Design Requirements Security Framework Description An illustrating example Securing the communication between users Discussion Implementation on iPhone OS 5 Possible Directions of Future Work 6 Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 8 / 25

  9. Security Requirements of DeSCal ◮ Providing confidentiality to replicated shared calendar events. ◮ In Shared calendar, cooperative log, policy and admin log ? ◮ Securing the communication between users. ◮ Group communication ? Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 9 / 25

  10. Outline Introduction 1 Decentralized & third party independent shared calendar About DeSCal Problem Statement & Motivations Challenges & Contributions Security Requirements of DeSCal 2 State of the art 3 Proposed Security Framework 4 Security Framework Design Requirements Security Framework Description An illustrating example Securing the communication between users Discussion Implementation on iPhone OS 5 Possible Directions of Future Work 6 Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 10 / 25

  11. State of the art With the absence of central authority, security of 1) replicated data & 2) messages exchanged between peers, is a challenging task. ◮ Overview ◮ Other decentralized shared calendars and collaborative environments. ◮ Securing replicated data. ◮ Secrecy by splitting. Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 11 / 25

  12. Outline Introduction 1 Decentralized & third party independent shared calendar About DeSCal Problem Statement & Motivations Challenges & Contributions Security Requirements of DeSCal 2 State of the art 3 Proposed Security Framework 4 Security Framework Design Requirements Security Framework Description An illustrating example Securing the communication between users Discussion Implementation on iPhone OS 5 Possible Directions of Future Work 6 Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 12 / 25

  13. Security Framework Design Requirements ◮ DeSCal’s characteristic features e.g., fault tolerance, availability, crash recovery, dynamic access control must not be lost. ◮ On top of coordination and access control models already employed by DeSCal. ◮ Must preserve broadcast group communication of DeSCal. Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 13 / 25

  14. Security Framework Description It uses public key cryptography where authentication of public key is compulsory. ◮ Pathak & Iftode’s protocol Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 14 / 25

  15. Security Framework Description ◮ Encryption Notations used : ◮ Symmetric : E K e (e) and D K e (e) ◮ Asymmetric : { m } K u and { m } K − 1 u ◮ Description based on all possible happenings : ◮ User-generated happenings Inserting a new event 1 Deleting an existing event 2 Editing an existing event 3 Grant Read right 4 Revoke Read right 5 Grant/Revoke Delete/Edit right ( Not Relevant ) 6 ◮ System-wide happenings A new user joins the shared calendar group. 1 An existing user leaves the group. 2 A user goes off-line and then, comes on-line again. 3 ◮ How fault tolerance is achieved in DeSCal ? ◮ Surviving a crash. ◮ How availability of data is ensured ? Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 15 / 25

  16. Security Framework Description ◮ Inserting a new event e ′ = E K e ( e ) , { K e } K Owner , { K e } K AuthUser 1 , { K e } K AuthUser 2 , .... e ′ = E K e ( e ) , { K e } K Owner ◮ Granting ‘Read’ right i = { K e } K u 1 , { K e } K u 2 Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 16 / 25

  17. Security Framework Description ◮ Concurrency Issues ◮ ‘Read’ right revocation and ‘Edit’ concurrent operations Initially, authorized to Initially, authorized to Owner of event ' e ' read and edit event ' e ' read event ' e ' u 1 u 2 u 3 Revoke read right Edits event ' e ' to ' f ' Concurrent Operations to u 2 for event ' e ' E Kf (f), {k f } Ku3 ,{k f } Ku1 ,{k f } Ku2 ??? Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 17 / 25

  18. Security Framework Description ◮ Concurrency Issues ◮ ‘Read’ right grant and ‘Edit’ concurrent operations Initially, authorized to Initially, authorized to Initially, not authorized read and edit event ' e ' read event ' e ' to read event ' e ' Owner of event ' e ' u 1 u 2 u 3 u 4 Revoke read right to u 2 for event ' e ' Concurrent Operations Edits event ' e ' to ' f ' (New key (k f ) Right attribution for generation because of event 'e' to u 3 Will not be possible to immediate revocation) decrypt as the symmetric {k e } Ku3 key is changed in previous E Kf (f), {k f } Ku4 ,{k f } Ku1 edition of this event by u 1 ??? Jagdish Prasad Achara (UHP – Nancy 1) Security Framework for DeSCal 24 juin 2011 18 / 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

WAVE: A Decentralized Authorization Framework with Transitive Delegation [Andersen et al.,

WAVE: A Decentralized Authorization Framework with Transitive Delegation [Andersen et al.,

WAVE: A Decentralized Authorization Framework with Transitive Delegation [Andersen et al., USENIX Security 2019] Slides credit Michael Andersen Representative authorization example BLDG2/Floor3/HVAC BLDG2/Floor3 BLDG2/Floor3/LIGHT

1.09k views • 73 slides
MI MI and Shared MI MI and Shared and Shared Decision Making and Shared Decision Making

MI MI and Shared MI MI and Shared and Shared Decision Making and Shared Decision Making

The project PRECIOUS has received funding from the European Union s Seventh Framework Programme under Grant Agreement n 611366" MI MI and Shared MI MI and Shared and Shared Decision Making and Shared Decision Making Decision Making

412 views • 20 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
Ligra: A Lightweight Graph Processing Framework for Shared Memory Shared memory Other not

Ligra: A Lightweight Graph Processing Framework for Shared Memory Shared memory Other not

Ligra: A Lightweight Graph Processing Framework for Shared Memory Shared memory Other not necessarily SM frameworks parallel Boost graph library (PBGL) Pregel Pegasus GraphLab* PowerGraph Knowledge Discovery Toolkit

678 views • 14 slides
WAVE: A Decentralized Authorization Framework with Transitive Delegation Michael P Andersen, Sam

WAVE: A Decentralized Authorization Framework with Transitive Delegation Michael P Andersen, Sam

WAVE: A Decentralized Authorization Framework with Transitive Delegation Michael P Andersen, Sam Kumar , Hyung-Sin Kim, John Kolb, Kaifei Chen, Moustafa AbdelBaky, Gabe Fierro, David E. Culler, Raluca Ada Popa This material is based on work

1.25k views • 30 slides
Incentivize decentralized WiFi roaming through VPN on home routers RP2 rp-id 25, Security and

Incentivize decentralized WiFi roaming through VPN on home routers RP2 rp-id 25, Security and

Incentivize decentralized WiFi roaming through VPN on home routers RP2 rp-id 25, Security and Network Engineering, UvA Sander.Lentink@os3.nl Peter.Boers@surfnet.nl 2019-11-13 1 / 38 Introduction We desire Wi-Fi Wi-Fi being the best

576 views • 38 slides
Impact of Drug Supply Chain Security Act on US Pharmaceutical Industry Under Decentralized

Impact of Drug Supply Chain Security Act on US Pharmaceutical Industry Under Decentralized

Impact of Drug Supply Chain Security Act on US Pharmaceutical Industry Under Decentralized Information Flow Meng Ying Chang, Raghavendran Mohan Agenda Drug Supply Chain Security Act (DSCSA) Implementation Solution Design Physical Flow

665 views • 22 slides
CrowdBC: A Blockchain-based Decentralized Framework for Crowdsourcing Hailiang ZHAO

CrowdBC: A Blockchain-based Decentralized Framework for Crowdsourcing Hailiang ZHAO

CrowdBC: A Blockchain-based Decentralized Framework for Crowdsourcing Hailiang ZHAO htp://hliangzhao.me December 10, 2019 This paper was published on IEEE Trans. on Parallel and Distributed Systems (TPDS) , Jun 2019. Hailiang ZHAO @ ZJU-CS

493 views • 30 slides
OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding Lefteris Kokoris-Kogias

OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding Lefteris Kokoris-Kogias

OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding Lefteris Kokoris-Kogias (@LefKok) Decentralized and Distributed Systems Lab (DEDIS) Swiss Federal Institute of Technology Lausanne (EPFL) IEEE Security & Privacy 2018-05-22,

643 views • 29 slides
OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding Philipp Jovanovic (@daeinar)

OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding Philipp Jovanovic (@daeinar)

OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding Philipp Jovanovic (@daeinar) Distributed and Decentralized Systems Lab (DEDIS) cole polytechnique fdrale de Lausanne (EPFL) IEEE International Verification and Security

1.09k views • 54 slides
The (Decentralized) USENIX Security 2011 Peter Eckersley Jesse Burns EFF iSEC SSL/TLS

The (Decentralized) USENIX Security 2011 Peter Eckersley Jesse Burns EFF iSEC SSL/TLS

The (Decentralized) USENIX Security 2011 Peter Eckersley Jesse Burns EFF iSEC SSL/TLS : Earth's most popular cryptographic system How strong is this infrastructure? at best, as good as its ability to authenticate the other party

1.18k views • 76 slides
Framework and Requirements for Shared Mesh Protec8on in

Framework and Requirements for Shared Mesh Protec8on in

Framework and Requirements for Shared Mesh Protec8on in MPLS-TP IETF 84 July, 2012 Yaacov Weingarten Sam K. Aldrin Contributors to SMP

266 views • 9 slides
Ligra: A Lightweight Graph Processing Framework for Shared Memory Whats it hoping to achieve?

Ligra: A Lightweight Graph Processing Framework for Shared Memory Whats it hoping to achieve?

Ligra: A Lightweight Graph Processing Framework for Shared Memory Whats it hoping to achieve? 1. A simple, concise framework 2. High-performance for shared-memory machines Why? An abundance of graph processing applications Problems

534 views • 17 slides
Introducing OpenPush A Free, Decentralized Push Messaging Framework for Android Marcus Hoffmann -

Introducing OpenPush A Free, Decentralized Push Messaging Framework for Android Marcus Hoffmann -

Introducing OpenPush A Free, Decentralized Push Messaging Framework for Android Marcus Hoffmann - bubu@bubu1.eu 1 / 31 About Me Hi, I'm Marcus! Free software developer from Berlin. Working on a free Android ecosystem. F-Droid core

358 views • 31 slides
CYBER SECURITY IS OUR SHARED RESPONSIBILITY WHAT ARE WE DEALING WITH AND WHAT DO WE NEED TO DO?

CYBER SECURITY IS OUR SHARED RESPONSIBILITY WHAT ARE WE DEALING WITH AND WHAT DO WE NEED TO DO?

CYBER SECURITY IS OUR SHARED RESPONSIBILITY WHAT ARE WE DEALING WITH AND WHAT DO WE NEED TO DO? NORTH DAKOTA CYBER SECURITY CONFERENCE Jay Beale, CTO and COO at InGuardians @jaybeale and @inguardians th , 2018 March 15

961 views • 50 slides
On the Security of the Pre-Shared Key Ciphersuites of TLS Yong Li 1 , Sven Schge 2 , Zheng Yang

On the Security of the Pre-Shared Key Ciphersuites of TLS Yong Li 1 , Sven Schge 2 , Zheng Yang

On the Security of the Pre-Shared Key Ciphersuites of TLS Yong Li 1 , Sven Schge 2 , Zheng Yang 1 , Florian Kohlar 1 , and Jrg Schwenk 1 1 Horst Grtz Institute for IT Security, Bochum 2 University College London Buenos Aires, Argentina

509 views • 30 slides
Decentralize and Randomize: Faster Algorithm for Wasserstein Barycenters Pavel Dvurechensky,

Decentralize and Randomize: Faster Algorithm for Wasserstein Barycenters Pavel Dvurechensky,

Decentralize and Randomize: Faster Algorithm for Wasserstein Barycenters Pavel Dvurechensky, Darina Dvinskikh, Alexander Gasnikov, Csar A. Uribe, Angelia Nedi c Conference on Neural Information Processing Systems 2018 Wasserstein

391 views • 9 slides
Cellular DFC Design: Technological Perspectives Prateek Saxena Asst. Professor of Computer

Cellular DFC Design: Technological Perspectives Prateek Saxena Asst. Professor of Computer

Cellular DFC Design: Technological Perspectives Prateek Saxena Asst. Professor of Computer Science The Premise: Decentralized Digital Payments But, Why? Resilience, Auditability and Reconciliation Tokenization: Improves

874 views • 17 slides
Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim , Jinwoo Shin*, Yongdae

Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim , Jinwoo Shin*, Yongdae

Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim , Jinwoo Shin*, Yongdae Kim* *KAIST, Sungkyunkwan University 1 Governance conflict The number of Bitcoin transaction per month Bad

797 views • 46 slides
Approaching Infinity: Governance, and the case for experimentation By Brett Sun Approaching

Approaching Infinity: Governance, and the case for experimentation By Brett Sun Approaching

Approaching Infinity: Governance, and the case for experimentation By Brett Sun Approaching Infinity: Governance, and the case for experimentation By Brett Sun Or perhaps better put, Lets throw things on the wall and see what

383 views • 36 slides
Multi-Player Bandits Revisited Decentralized Multi-Player Multi-Arm Bandits Lilian Besson Joint

Multi-Player Bandits Revisited Decentralized Multi-Player Multi-Arm Bandits Lilian Besson Joint

Multi-Player Bandits Revisited Decentralized Multi-Player Multi-Arm Bandits Lilian Besson Joint work with milie Kaufmann PhD Student Team SCEE, IETR, CentraleSuplec, Rennes & Team SequeL, CRIStAL, Inria, Lille CMAP Seminar 31 st

1.47k views • 96 slides
Multi-Player Bandits Revisited Decentralized Multi-Player Multi-Arm Bandits Lilian Besson Joint

Multi-Player Bandits Revisited Decentralized Multi-Player Multi-Arm Bandits Lilian Besson Joint

Multi-Player Bandits Revisited Decentralized Multi-Player Multi-Arm Bandits Lilian Besson Joint work with milie Kaufmann PhD Student Team SCEE, IETR, CentraleSuplec, Rennes & Team SequeL, CRIStAL, Inria, Lille ALT Conference 08 -

951 views • 63 slides
Walkman: A Communication-Efficient Random-Walk Algorithm for Decentralized Optimization Xianghui

Walkman: A Communication-Efficient Random-Walk Algorithm for Decentralized Optimization Xianghui

Walkman: A Communication-Efficient Random-Walk Algorithm for Decentralized Optimization Xianghui Mao Kun Yuan Yubin Hu Yuantao Gu Ali H. Sayed Wotao Yin Tsinghua EE UCLA ECE EPFL Engineering UCLA Math 1 / 36

623 views • 36 slides
Decentralized Document Delivery Who am I? Were hiring!! What I do @ hypothes.is an

Decentralized Document Delivery Who am I? Were hiring!! What I do @ hypothes.is an

Decentralized Document Delivery Who am I? Were hiring!! What I do @ hypothes.is an integration liaison and ambassador for the people of the Open Web at Hypothes.is; a platform ombudsperson to hold us accountable to our vision of a

1.11k views • 55 slides

More recommend