towards a secure and efficient system for end to end
play

Towards a Secure and Efficient System for End-to-End Provenance - PowerPoint PPT Presentation

Jan 08, 2023 •156 likes •336 views

Towards a Secure and Efficient System for End-to-End Provenance Patrick McDaniel, Kevin Butler, Stephen McLaughlin Penn State University Erez Zadok, Radu Sion, Stony Brook University Marianne Winslett, University of Illinois TaPP10, San

  1. Towards a Secure and Efficient System for End-to-End Provenance Patrick McDaniel, Kevin Butler, Stephen McLaughlin Penn State University Erez Zadok, Radu Sion, Stony Brook University Marianne Winslett, University of Illinois TaPP’10, San Jose, CA 22 February 2010 Systems and Internet Infrastructure Security Laboratory (SIIS) Page 1

  2. Provenance Rich Applications • Scientific computing (myGrid) • Supervisory Control and Data Acquisition ‣ National Academy “Hard Problem” • Supply chains • Government and military • Digital repositories (MIT DSpace, Version Control) • Characteristics: ‣ High assurance, distributed, high performance Systems and Internet Infrastructure Security Laboratory (SIIS) Page 2

  3. End to End Provenance System • Why another provenance collection system? Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3

  4. End to End Provenance System • Why another provenance collection system? ‣ Strong security guarantees ‣ Distributed provenance collection ‣ Achieve the above two goals efficiently in high end computing systems Systems and Internet Infrastructure Security Laboratory (SIIS) Page 4

  5. Secure Provenance Collection • Provenance monitor (PM) analogous to reference monitor concept • Three guarantees ‣ Complete mediation ‣ Tamperproofness ‣ Verifiability • Beyond authentication of records ‣ Integrity/Trustworthiness of recording instrument and provenance-enhanced applications Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5

  6. Achieving Security Goals • PM and provenance records both protected from monitored applications • Two implementations: • Kernel-level: ‣ More semantic information for mediation ‣ LSM implementation • Device-level: ‣ Stronger tamperproofness guarantee ‣ Disk-level support for provenance collection, record storage, and host interaction for semantics and policies. [Butler’07,’08] Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6

  7. Distributed Environments Org B Org A PM PM Host PM secure coprocessor Provenance Host Authority Provenance PM kernel Authority PM Provenance Host PM Authority intelligent storage PM PM PM Org C Systems and Internet Infrastructure Security Laboratory (SIIS) Page 7

  8. Distributed PM • Challenges in distributed provenance • Domain specific policies for: ‣ Auditors - confidentiality considerations • Cryptographic commitments [Hasan’09] ‣ Divergent modification histories • Plausible version history • If necessary, plausible history may be checked against previous subjects in the ownership chain Systems and Internet Infrastructure Security Laboratory (SIIS) Page 8

  9. Distributed Example scp sshd Kernel Kernel FS FS SaF SaF PM PM P1 Doc Disk Flash Disk Flash Hybrid Drive Hybrid Drive Host A Host B Example: File transfer between hosts with untrusted OSes and trusted storage Systems and Internet Infrastructure Security Laboratory (SIIS) Page 9

  10. Distributed Example scp sshd Kernel Kernel FS FS SaF SaF PM PM P1 Doc Disk Flash Disk Flash Hybrid Drive Hybrid Drive Host A Host B A program initiates a request for the file. Systems and Internet Infrastructure Security Laboratory (SIIS) Page 10

  11. Distributed Example scp sshd Kernel Kernel FS FS P1 SaF SaF PM PM P1 Doc Disk Flash Disk Flash Hybrid Drive Hybrid Drive Host A Host B A secure tunnel is established between disks through the untrusted OS. Systems and Internet Infrastructure Security Laboratory (SIIS) Page 11

  12. Distributed Example scp Doc sshd Kernel Kernel FS FS P1 SaF SaF PM PM P1 Doc Doc Disk Flash Disk Flash Hybrid Drive Hybrid Drive Host A Host B The document is transferred as normal. Systems and Internet Infrastructure Security Laboratory (SIIS) Page 12

  13. Distributed Example scp Doc sshd Kernel Kernel FS FS P1 SaF SaF PM PM P1 P1|P2 Doc Doc Disk Flash Disk Flash Hybrid Drive Hybrid Drive Host A Host B The destination disk checks the integrity once the write- through is completed and appends a new provenance entry. Systems and Internet Infrastructure Security Laboratory (SIIS) Page 13

  14. Distributed Provenance Overheads • Overhead increases monotonically as data is shared. • Two implications: ‣ Storage costs within a single domain • High sharing factor: redundant provenance data • Long per-host modification histories: higher redundancy factor • Even though document size may remain constant! ‣ Audit costs between domains • As sharing of a document increases, the computational cost of sharing increases Systems and Internet Infrastructure Security Laboratory (SIIS) Page 14

  15. Performance Enhancements • Provenance monitor profiling ‣ Enhanced profiling tools ‣ Profiling provenance collection for workloads from scientific domains ‣ EEPS calibration for a particular environment ‣ LSM instrumentation • Cost models for provenance collection ‣ Hardware and storage requirements ($/GB) ‣ New cost models based on types of provenance data collected and system architectures Systems and Internet Infrastructure Security Laboratory (SIIS) Page 15

  16. Summary • Existing provenance systems solve problems of data management and organization • EEPS: ‣ Secure collection and auditing • Provenance Monitor ‣ Distributed provenance • Distributed PM ‣ Performance considerations • PM and application profiling and calibration Systems and Internet Infrastructure Security Laboratory (SIIS) Page 16

  17. References [Butler’08] Kevin Butler, Stephen McLaughlin, and Patrick McDaniel, Rootkit-Resistant Disks. 15th ACM Conference on Computer and Communications Security (CCS'08), Alexandria, VA, USA. November 2008. [Butler’07] Kevin Butler, Stephen McLaughlin, and Patrick McDaniel, Non-Volatile Memory and Disks: Avenues for Policy Architectures. 1st Computer Security Architecture Workshop (CSAW 2007), Alexandria, VA, USA. November 2007. [Hasan’09] Ragib Hasan, Radu Sion, and Marianne Winslett, Preventing History Forgery with Secure Provenance. ACM Transactions on Storage, December 2009. Systems and Internet Infrastructure Security Laboratory (SIIS) Page 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Ensuring a secure, reliable and efficient Power System in a Changing Environment Delivering a

Ensuring a secure, reliable and efficient Power System in a Changing Environment Delivering a

Ensuring a secure, reliable and efficient Power System in a Changing Environment Delivering a Secure Sustainable Power System 17 th August 2011 Outline Agenda Chair: Dick Lewis, Manager, Grid Operations Planning 10.00 a.m. Registration (Tea

833 views • 70 slides
Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data

Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data

Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data Weichao Wang, Zhiwei Li, Rodney Owens, Bharat Bhargava CCSW 2009: The ACM Cloud Computing Security Workshop 1 The Problem Providing secure and

414 views • 19 slides
System Architectures and Techniques for Efficient, Secure, and Trusted Code Execution Mario

System Architectures and Techniques for Efficient, Secure, and Trusted Code Execution Mario

System Architectures and Techniques for Efficient, Secure, and Trusted Code Execution Mario Werner May 7, 2020 Graz University of Technology Why do we care about code? www.tugraz.at 10:20 July 18 W i r e l e s s - G A D S L G

599 views • 49 slides
Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message Transmission Schemes Yvo Desmedt 1 , 2 Stelios Erotokritou 1 Reihaneh Safavi-Naini 3 1 Department of Computer Science University College London, UK 2

459 views • 33 slides
Secure Returns SAFE AS A VAULT Secure SECONDS TO UPLOAD Efficient ACCESSIBLE ANYWHERE

Secure Returns SAFE AS A VAULT Secure SECONDS TO UPLOAD Efficient ACCESSIBLE ANYWHERE

Secure Returns SAFE AS A VAULT Secure SECONDS TO UPLOAD Efficient ACCESSIBLE ANYWHERE Convenient What is Secure Returns ? Secure Returns is a secure website where you and your clients can securely upload & download confidential

202 views • 9 slides
Secure and Efficient Metering Discussion Outline Clarifications Attack on Secure

Secure and Efficient Metering Discussion Outline Clarifications Attack on Secure

Secure and Efficient Metering Discussion Outline Clarifications Attack on Secure Metering Issues and Extensions Real World Other Directions Metering for General Access Structures Understanding the model Audit Agency

480 views • 35 slides
Efficient and secure modular operations using the Polynomial Modular Number System (Part 1)

Efficient and secure modular operations using the Polynomial Modular Number System (Part 1)

The Polynomial modular number system (PMNS) Randomisation with the PMNS Internal randomisation using the Montgomery-like method Efficient and secure modular operations using the Polynomial Modular Number System (Part 1) ephane Didier 1 , Fangan

757 views • 26 slides
Efficient Scheme for Secure and Privacy-Preserving Electric Vehicle Dynamic Charging System IEEE

Efficient Scheme for Secure and Privacy-Preserving Electric Vehicle Dynamic Charging System IEEE

Efficient Scheme for Secure and Privacy-Preserving Electric Vehicle Dynamic Charging System IEEE ICC 2017 Paris, France May 21 - 25, 2017 Presenter: Outline I ntroduction Proposed Scheme Evaluations Conclusion W hat is EV

560 views • 20 slides
Secure and efficient deep learning everywhere Octomizer Outline Who we are (recap) Deployment

Secure and efficient deep learning everywhere Octomizer Outline Who we are (recap) Deployment

Secure and efficient deep learning everywhere Octomizer Outline Who we are (recap) Deployment pain The vision The Octomizer: TVM for everyone 2 Simple, secure, and efficient Drive TVM adoption Expand the set of users who can deployment of

370 views • 14 slides
Secure Coprocessor What is Secure coprocessor: Robust. (A system that is not easily or is

Secure Coprocessor What is Secure coprocessor: Robust. (A system that is not easily or is

Secure Coprocessor What is Secure coprocessor: Robust. (A system that is not easily or is not wholly affected by a bug in one aspect of it. ) General-purpose computational environments. Secure temper responsive physical package.

366 views • 14 slides
Secure and Efficient Metering Moni Naor and Benny Pinkas Eurocrypt '98 Contents Motivation

Secure and Efficient Metering Moni Naor and Benny Pinkas Eurocrypt '98 Contents Motivation

Secure and Efficient Metering Moni Naor and Benny Pinkas Eurocrypt '98 Contents Motivation One approach Lightweight Security Secure and Efficient Metering Motivation Advertising Webpage popularity Cost Measure

993 views • 49 slides
Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of

Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of

Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of Tsukuba, Japan JST CREST Secure Outsourcing GWAS Secure computation [Cloud] Outline of our solution [data holder] Secure

381 views • 19 slides
More Efficient (Almost) Tightly Secure Structure-Preserving Signatures Romain Gay 1 Dennis

More Efficient (Almost) Tightly Secure Structure-Preserving Signatures Romain Gay 1 Dennis

More Efficient (Almost) Tightly Secure Structure-Preserving Signatures Romain Gay 1 Dennis Hofheinz 2 Lisa Kohl 2 Jiaxin Pan 2 1 ENS Paris, France 2 Karlsruhe Institute of Technology, Germany R. Gay, D. Hofheinz, L. Kohl, J. Pan More Efficient

827 views • 45 slides
Techniques for Efficient Secure Computation Based on Yaos Protocol Yehuda Lindell Bar-Ilan

Techniques for Efficient Secure Computation Based on Yaos Protocol Yehuda Lindell Bar-Ilan

Techniques for Efficient Secure Computation Based on Yaos Protocol Yehuda Lindell Bar-Ilan University, Israel PKC 2013 Yehuda Lindell Techniques for Efficient Secure Computation 28/2/2013 1 / 39 Secure Computation Background A set of

689 views • 39 slides
Efficient KDM-CCA Secure Public-Key Encryption for Polynomial Functions Shuai Han, Shengli Liu,

Efficient KDM-CCA Secure Public-Key Encryption for Polynomial Functions Shuai Han, Shengli Liu,

Efficient KDM-CCA Secure Public-Key Encryption for Polynomial Functions Shuai Han, Shengli Liu, and Lin Lyu 1. Shanghai Jiao Tong University 2. State Key Laboratory of Cryptology 3. Westone Cryptologic Research Center Asiacrypt 2016, Hanoi,

950 views • 73 slides
Efficient Memory Integrity Verification and Encryption for Secure Processors G. Edward Suh,

Efficient Memory Integrity Verification and Encryption for Secure Processors G. Edward Suh,

Efficient Memory Integrity Verification and Encryption for Secure Processors G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, Srinivas Devadas Massachusetts Institute of Technology New Security Challenges Current computer

411 views • 26 slides
The OAI2LOD Server Exposing OAI-PMH Metadata as Linked Data Motivation more than 1700

The OAI2LOD Server Exposing OAI-PMH Metadata as Linked Data Motivation more than 1700

The OAI2LOD Server Exposing OAI-PMH Metadata as Linked Data Motivation more than 1700 institutions worldwide expose metadata via the Open Archives Initiative Protocol for Metadata Harvesting (OAI-PMH) using open standards like URI, HTTP ,

224 views • 19 slides
Exercise Sheet 6: Diagonalisation David Carral December 11, 2019 Exercise 1 Find the fault in

Exercise Sheet 6: Diagonalisation David Carral December 11, 2019 Exercise 1 Find the fault in

Exercise Sheet 6: Diagonalisation David Carral December 11, 2019 Exercise 1 Find the fault in the following proof of P = NP . 1. Suppose for a contradiction that P = NP . 2. By (1): since SAT NP , we have that SAT P . 3. By (2): there

328 views • 16 slides
ON COMBINING TRIPLE GRAPH GRAMMARS AND LINEAR OPTIMISATION TECHNIQUES A Real-World Example:

ON COMBINING TRIPLE GRAPH GRAMMARS AND LINEAR OPTIMISATION TECHNIQUES A Real-World Example:

Erhan Leblebici, Anthony Anjorin, Andy Schrr ON COMBINING TRIPLE GRAPH GRAMMARS AND LINEAR OPTIMISATION TECHNIQUES A Real-World Example: Overview Robin Oppermann: A Configurable, Model-Driven Approach to Optimal Scheduling using Triple

909 views • 58 slides
Efficient Algorithms and Problem Complexity More Complexity Classes Frank Drewes

Efficient Algorithms and Problem Complexity More Complexity Classes Frank Drewes

Efficient Algorithms and Problem Complexity More Complexity Classes Frank Drewes Department of Computing Science Ume University Frank Drewes (Ume University) Efficient Algorithms and Problem Complexity Lecture 14 1 / 12 Outline

240 views • 12 slides
Cognitive Security for Personal Devices Rachel Greenstadt (greenie@cs.drexel.edu) Jake Beal

Cognitive Security for Personal Devices Rachel Greenstadt (greenie@cs.drexel.edu) Jake Beal

Cognitive Security for Personal Devices Rachel Greenstadt (greenie@cs.drexel.edu) Jake Beal (jakebeal@mit.edu) AISec October 28, 2008 I must be dancing with Jake, after all, this guy knows Jakes private key.... Sounds like Jake Looks

445 views • 12 slides
Directed Algebraic Topology Scott Newton PhD Student, Ohio State University newton.385@osu.edu

Directed Algebraic Topology Scott Newton PhD Student, Ohio State University newton.385@osu.edu

Directed Algebraic Topology Scott Newton PhD Student, Ohio State University newton.385@osu.edu 27 April 2019 Scott Newton (OSU) Directed Spaces 27 April 2019 1 / 5 What Is Directed Algebraic Topology? Topological spaces do not have a

352 views • 5 slides
Business and Financial Update October 30, 2009 Safe Harbor Statement The information contained

Business and Financial Update October 30, 2009 Safe Harbor Statement The information contained

Business and Financial Update October 30, 2009 Safe Harbor Statement The information contained herein is as of the date of this presentation. Many factors may impact forward-looking statements including, but not limited to, the following: the

530 views • 28 slides
Asympto(c safety v. strings: UV comple(on on the world line Steven Abel (Durham) w/ Nicola Dondi

Asympto(c safety v. strings: UV comple(on on the world line Steven Abel (Durham) w/ Nicola Dondi

Asympto(c safety v. strings: UV comple(on on the world line Steven Abel (Durham) w/ Nicola Dondi (CP3), Daniel Lewis Overview Thoughts on asymptoDc safety in a messy UV RG in a messy UV: the string case UV compleDon on the world line

541 views • 41 slides

More recommend