Enforcing declarative data policies
- Cordelia Lindsey
- 5 years ago
Transcription
1 Enforcing declarative data policies Peter Druschel with Anjo Vahldiek, Eslam Elnikety, Aastha Mehta, Deepak Garg, MPI-SWS (with from Rodrigo Rodrigues Nova Lisboa, Johannes Gehrke Cornell/Microsoft, Ansley Post Google)
2 Data integrity, compliance Increasing volume and value of digitally stored Loss or disclosure may lead to material, financial, privacy, security loss Data stored, processed by third Requirement: Policy compliance User preferences, enterprise/provider privacy policy Legal requirements for access, logging, removal Threats: Increasing complexity of software systems,
3 A safety net for data policy compliance Complex data processing system Guardat: mediate storage I/O • policies • Attached to data files • By data owner/subject, provider, designer • Enforced with a small TCB
4 Outline Guardat: Data policies at the storage layer Policy examples Guardat Thoth: Extending the safety net Conclusion
5 Guardat: Overview Trusted component (GDC) on the storage I/O path Enforces integrity, policies attached to files Attests the state of stored files Through an API (IOCTL calls) Framework system File system Net stack, drivers Services IO Bus or Network Object Policy Block device Guardat device GDC SSD
6 Guardat: Usage User, provider, developer Object attestation: Object id Path name Policy Content hash Size Guardat device Object policy: Access on: Principal's identity Certified facts (time, location, etc.) Current state of files Update content GDC SSD Untrusted code can migrate sealed, pickled file+policy among Guardat devices under policy control
7 Guardat: Design Principles Storage layer enforcement minimizes TCB/attack surface All policy attached to data files Policy states what, untrusted code does the how Trusted Guardat Controller (GDC) Policy language interpreter Unique private/public key + certificate Certificates, secure sessions Metadata store (SSD) Guardat device GDC SSD
8 Guardat: Threat model Attacker does not 1. penetrate the GDC Private key is protected, firmware is correct 2. compromise external policy dependencies server, users' private keys Guardat guarantee: All file accesses comply with the file's policy Guardat device GDC SSD
9 Outline Guardat: Data policies at the storage layer Policy examples Guardat Thoth: Extending the safety net Conclusion
10 Policy language A file policy has 4 rules of the form permission :- condition (constrained Datalog) permission = {read,update,destroy,setpolicy} condition is a boolean expression of atomic facts atomic facts contain a predicate that relates object ids, content, public keys, certificates, etc. wide range of predicates: <, >, ==, session_is(key), object_is(o), (obj,off,len) says R, key_is(k, a), k signs (t_1, t_n) at t, etc.
11 Example: Backup file integrity Threat: Software bug, virus or operator error corrupts backup/snapshot data stored online Policy: No writes before the backup's expiration date update :- key_is(k, TimeServer) K signs time(t) at T_i time_is(t_j) (T +T_j T_i > endt)
12 Example: Executable file integrity Threat: Attacker replaces executable file with a Trojan or rolls back to a vulnerable version Policy: Allow updates when signed by trusted vendor and version number is sufficiently high update :- object_name_is(o) new_length_is(l) (0,L) willhavehash N_h key_is(k, Vendor) K signs ok_hash(o,n,n_h) (N 10) setpolicy :- object_name_is(o) new_pol_hash_is(n_ph) k_ad signs good_policy(o,n_ph)
13 Example: Append-only log Threat: Intruder manipulates system log files Policy: Disallow in-place of log files except by sysadmin (k_ad) update :- session_is(kad) (old_length_is(l_o) new_length_is(l_n) (L_n L_o) updated_locations_are(m) disjoint(m, [0,L_o]))
14 Example: Mandatory access logging Threat: Unaccounted accesses to data (e.g., medical records, pay-per-view content, user's private data) Policy: Access allowed iff an appropriate entry is added to an append-only audit log file Content file has a seq#, increased during update read requires log entry <client, current seq#, off, len> update requires log entry with <client, new seq#, off, len, new-cont-hash>, must increment seq#
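Added example (not part of the original slides or of the Guardat code): a toy Python model of the append-only log policy from slide 13 and the mandatory access logging policy from slide 14. The names ADMIN_KEY, append_only_update_ok and MalStore are hypothetical. Two readings are assumptions: the slide 13 condition is taken as "sysadmin session, OR (L_n >= L_o and the write is disjoint from [0, L_o])", and new-cont-hash is taken as SHA-256 over the written bytes.

```python
import hashlib

ADMIN_KEY = "k_ad"  # constructed stand-in for the sysadmin's public key


def append_only_update_ok(session_key, old_len, new_len, updated_ranges):
    """Slide 13 policy as read here: sysadmin session, OR a pure append.

    updated_ranges: list of (offset, length) ranges the write touches.
    """
    if session_key == ADMIN_KEY:
        return True
    if new_len < old_len:  # truncation would rewrite history
        return False
    for off, length in updated_ranges:
        if length <= 0:
            continue
        # disjoint(M, [0, L_o]): no touched position inside the old content
        if off < old_len or off + length > new_len:
            return False
    return True


class MalStore:
    """Toy mediator for slide 14: one content file plus its audit log."""

    def __init__(self):
        self.content = bytearray()
        self.seq = 0   # sequence number of the content file
        self.log = []  # audit log, one record per entry

    def append_log(self, session_key, offset, entry):
        # The log is itself governed by the append-only policy above;
        # offsets are counted in records rather than bytes for brevity.
        old_len = len(self.log)
        if offset > old_len:
            raise ValueError("write would leave a hole in the log")
        new_len = max(old_len, offset + 1)
        if not append_only_update_ok(session_key, old_len, new_len,
                                     [(offset, 1)]):
            raise PermissionError("audit log is append-only")
        if offset < old_len:
            self.log[offset] = entry  # only reachable in a sysadmin session
        else:
            self.log.append(entry)

    def read(self, client, off, length):
        # read requires a log entry <client, current seq#, off, len>
        if (client, self.seq, off, length) not in self.log:
            raise PermissionError("read denied: no matching audit entry")
        return bytes(self.content[off:off + length])

    def update(self, client, off, data):
        # update requires <client, new seq#, off, len, new-cont-hash>
        # and must increment seq#
        new_seq = self.seq + 1
        digest = hashlib.sha256(data).hexdigest()
        if (client, new_seq, off, len(data), digest) not in self.log:
            raise PermissionError("update denied: no matching audit entry")
        if off > len(self.content):
            raise ValueError("write would leave a hole in the file")
        self.content[off:off + len(data)] = data
        self.seq = new_seq


def demo():
    """Run a constructed sequence of accesses and collect the outcomes."""
    store = MalStore()
    results = []
    data = b"record-1"
    entry = ("alice", 1, 0, len(data), hashlib.sha256(data).hexdigest())
    try:
        store.update("alice", 0, data)  # nothing logged yet
    except PermissionError:
        results.append("unlogged update denied")
    store.append_log("alice", 0, entry)
    store.update("alice", 0, data)
    results.append(("seq", store.seq))
    store.append_log("alice", 1, ("bob", 1, 0, 6))
    results.append(store.read("bob", 0, 6))
    try:
        store.append_log("bob", 1, ("bob", 1, 0, 0))  # rewrite a record
    except PermissionError:
        results.append("log rewrite denied")
    return results


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The model checks only that a matching entry exists in the log; whether one entry authorizes one access or several is not stated on the slides and is not modeled.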
15 Outline Guardat: Data policies at the storage layer Policy examples Guardat results Thoth: Extending the safety net Conclusion
16 Guardat GDC /RAID controller Microcontroller on SCSI/SATA host adapter Trusted software component in storage server (SAN or NAS), VMM or OS protected by ARM TrustZone or Intel SGX secure enclave
17 Summary Guardat prototype in iSCSI IET SAN server Micro benchmarks: Low bandwidth overhead (< 0.75%) Low (<0.5%) latency cost, except for reads/writes (2/7%) Web server: Guardat protects (with < 1% xput overhead) Content from unauthorized Binaries from unauthorized update Mandatory access logging: 11.5%/50.6% overhead for individual read/write over voluntary logging
18 Outline Guardat: Data policies at the storage layer Policy examples Guardat Thoth: Extending the safety net Conclusion
19 Guardat revisited Signed content Complex data processing system Trusted sources Sealed content users Supports policies for structural integrity (e.g., append-only) (MAL) for sealed data provenance for signed content NICTA Software Systems Summer School, 2014
20 But what about general data processing? Inputs Results Complex data processing system How to ensure confidentiality, provenance when untrusted software analyses/mutates data?
21 Thoth: Expanding the safety net Encapsulated processes or VMs Complex data processing system Thoth: mediates all I/O, tracks flow, supports policies: • Declassification: constrains downstream data use Net GUI • Provenance: constrains upstream data origin
22 Thoth in search engine David's private post Indexer Update :- append-only Read :- only David's circle Declassify :- employees with MAL Logfile:.. admin read David's post at xx.xx Search Front End Index Read :- Update :- No content that is illegal in Bob's locale Read :- employees with MAL David's private post David's sex, drugs, rock & roll! Search: David Smith David's private post David's sex, drugs, rock & roll! David's web page David's web page Admin Bob
23 Guardat: Related work TCG storage work group spec [2012] Architecture for sessions, access control policies Concrete design, left to vendors No object TC: [Haldar 2004], Excalibur [Santos 2012], Pasture [Kotla 2012] Integrity/confidentiality: self- disks, capability NAS [Aguilera 2003], type-safe disks [Sivathanu 2006], [Quinlan 2002], S4 [Strunk 2000], NetApp SnapVault, PCFS [Garg 2010], PFS [Walsh 2012] Extended disk functionality: hybrid disks, object-based storage [Mesnier 2003], disks [Riedel 2001], smart disks [Sivathanu 2003], storage [Mesnier 2011]
24 Related work: Trusted Property Trusted computing Guardat Root of trust TPM GDC Motherboard Guardat device Storage property provided HW/SW (remote + Read integrity Properties expressed in Trusted software File state + policy file attestation) Confidentiality + write integrity Policy language TCB TPM + trusted SW GDC (narrow API) Persistent secure state NVRAM Entire storage device Mostly complementary; can be combined, e.g., Remotely attested external verifier Tamper-resident persistent storage
25 Conclusions Guardat: data policies at the storage layer small TCB and low overhead possible Thoth: extends enforcement to general data processing Enables and provenance policies Challenges Trading off expressiveness of policy language (and scope of with TCB size Burden of policies and refactoring Loss in flexibility versus security/robustness
More informationLecture 3 MOBILE PLATFORM SECURITY
Lecture 3 MOBILE PLATFORM SECURITY You will be learning: What techniques are used in mobile software platform security? What techniques are used in mobile hardware platform security? Is there a common
More informationRedrawing the Boundary Between So3ware and Storage for Fast Non- Vola;le Memories
Redrawing the Boundary Between So3ware and Storage for Fast Non- Vola;le Memories Steven Swanson Director, Non- Vola;le System Laboratory Computer Science and Engineering University of California, San
More informationGSE/Belux Enterprise Systems Security Meeting
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. 1 In the news Microsoft Exposes Scope of Botnet Threat By Tony Bradley, October 15, 2010 Microsoft's
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationNa#ve Applica#ons WG (NAPPS) May 5/14 Paul Madsen, Ping
Na#ve Applica#ons WG (NAPPS) May 5/14 Paul Madsen, Ping NAPPS value proposi#on OAuth & Connect enable na#ve applica#ons calling APIs Popularity of na#ve applica#on model has led to an explosion enterprise
More information10/7/15. MediaItem tostring Method. Objec,ves. Using booleans in if statements. Review. Javadoc Guidelines
Objec,ves Excep,ons Ø Wrap up Files Streams MediaItem tostring Method public String tostring() { String classname = getclass().tostring(); StringBuilder rep = new StringBuilder(classname); return rep.tostring();
More informationNear- Data Computa.on: It s Not (Just) About Performance
Near- Data Computa.on: It s Not (Just) About Performance Steven Swanson Non- Vola0le Systems Laboratory Computer Science and Engineering University of California, San Diego 1 Solid State Memories NAND
More informationLecture Secure, Trusted and Trustworthy Computing Trusted Platform Module
1 Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt Germany Winter Term 2016/17 Roadmap: TPM
More information