Security and Trust in a Networked Immersed World: from Components to Systems and Beyond


1 Security and Trust in a Networked Immersed World: from Components to Systems and Beyond John S. Baras Lockheed Martin Chair in Systems Engineering The Institute for Systems Research and Electrical and Computer Engin. Dept., University of Maryland College Park, USA and Tage Erlander Guest Professor School of Electrical Engineering and ACCESS Linnaeus Centre Royal Institute of Technology (KTH), Sweden July 3, nd Hellenic Forum for Science, Innovation and Technology NCSR Demokritos, Athens, Greece

2 Acknowledgments Joint work with: Vladimir Ivanov, Shalabh Jain, Tao Jiang, Kiran Somasundaram, Johnny Ta, George Theodorakopoulos, Shanshan Zheng Sponsors: NSF, ARO, ARL, AFOSR, NIST, DARPA, Lockheed Martin, Telcordia (ACS) 2

3 Wireless and Networked Embedded Systems: Ubiquitous Presence 3

4 Network as a Service: Adaptable, Application Driven The Cloud; Software Defined Networks is the next wave and security IS NOT READY Securing the SDN (security policy enforcement, chain of trust, composable security) Transparency vs. privacy, Assurance vs. cost Courtesy: CISCO 4

5 Wireless Sensor Networks Everywhere 5

6 Smart Manufacturing in a Network Immersed World Courtesy: Rockwell 6

7 Smart Grids in a Network Immersed World Courtesy: Rockwell 7

8 Power Grids and SCADA 8

9 Trusted Power Grids with various degrees of Smarts The measurements in the trusted smart grid are not adequately protected Consumption and production measurements can be falsified and lead to economic damage The problem will be amplified based on the growing number of users How can we preserve the integrity of measurements and estimates? How to protect the computers that control the power grid and factories and. 9

10 Attacks on Distributed Sense/Control 10

11 Aviation and Aerospace: NextGen Information Assurance and Cybersecurity Challenges Courtesy: Boeing 11

12 Cars are Heavily Computerized: Electronics in Cars and Vulnerabilities 12

13 New Ideas: Hardware-Based Security 13

14 Convergence = new home health platform Digital home entertainment infrastructure can be used for health Everyday health through everyday devices Personalized, proactive health info/reminders/agents INTEL 14

15 Healthcare: A rather huge domain Authentication paramount Several systems in testing out of the box ideas in trials: RF and optics, quantum keys, links to fingerprints (user and device) 15

16 Future Smart Homes and Cities UI for Everything Devices with Computing Capabilities & Interfaces Network Communication Devices Connected to Home Network Media: Physical to Digital MP3, Netflix, Kindle ebooks, Flickr Photos Smart Phones Universal Controller in a Smart Home Smart Meters & Grids Demand/Response System for Power Grid Wireless Medical Devices Portable & Wireless for Real-Time Monitoring 16

17 The device that can do everything 17

18 Take Away Message on Significance of Security Vulnerabilities and Challenges There are huge commercial markets where there is critical need for an integrated security Need to compose evidence from several domains (no one security or authentication mechanism will solve the problem) composable security Be aware of fusion of evidence! Many known instances of wrong ways to do it. Secure by design devices and networks? Reality or Dream? Distributed availability of validation data or features. Do we need third parties? Architectures? Timing issues several: real-time, asynchronous operation Copyright John S. Baras

19 Outline-Overview-Topics Physical Layer Security Mechanisms Methods for physical layer security Secure neighborhood discovery Discovering and defending against wormhole attacks with physical layer schemes Using low power tags and the channel characteristics against wormholes Securing the paging system in LTE Trust and Networks Multiple semirings and trust Using trust to defend against attacks on SCADA Trusted core and secure routing Constrained coalitional games Composite Trust Composable security Copyright John S. Baras

20 Physical Layer Authentication: Key Ideas and Challenges. Exploit characteristics (a.k.a. FINGERPRINTS) of the physical layer (vastly ignored to date). Waveform, RF and hardware peculiarities lead to unshakeable fingerprints. Embed artificial and stealthy fingerprints. Authenticate the device to the network and then the user to the device: reduces attack risk (fewer times through the net). Distribute the assurance/trust function across software and hardware (increases difficulty to the attacker significantly). Trusted computing platform architecture modifications to allow multiple sources of input (including biometrics). TPM MTM chip add on to portable devices and TCN. Remote software attestation.

21 An Example: Tagging Modulation. Instead of multiplexing the authentication, we superimpose it: embed a low power watermark. Power is low but enough for the tag to be detected, not estimated. Here $s$ is the message and $t$ the authentication tag, $t = g(s, k)$, so as to make message and tag appear uncorrelated. Extensions to multicarrier: LTE and WiMAX.

22 Experimental Validation Demonstrated Very Low Power Authentication is Feasible Copyright John S. Baras

23 Validated Authentication Metrics.
Stealth: Tagged signal is indistinguishable from untagged signal at receiver. Carol cannot answer the question: Does my observation contain an authentication signal?
Robustness: Tag is resistant to noise and interference. Bob is able to authenticate Alice despite the possibility of unfavorable channel realizations or jamming.
Security: Tag is resistant to impersonation, substitution, and removal. Eve cannot influence the integrity of the authentication mechanism. Eve is unable to gain much (any) information about Alice's secret key.

24 Physically Unclonable Functions (PUFs) Optical PUF Coating PUF Delay-based PUF Ring Oscillator PUF SRAM PUF Butterfly PUF 24

25 Trusted Computing Trusted Platform Module technologies (TPM, MTM, TCN) A secure hardware Protects the integrity and confidentiality of data with hardware support Performs integrity measurements and reports them, thus attesting for the software running in the device Provides a way to Understand the state of the platform, Evaluate the state Make a decision if the platform is appropriate for the task Source: TCG Architecture Overview, 25

26 TPM Key Hierarchy Copyright John S. Baras

27 Biometric Information Biometrics physiological and behavioral traits for identifying individuals authentication of people to systems convenience systems available and affordable Problems with the biometric information low level of secrecy can be counterfeited not easily changeable and cannot be revoked inexact, noisy Challenge: Even when biometric information is public we can use it to create extremely strong security! Copyright John S. Baras

28 Local Biometric Authentication: User to device. The device is a property of the user. The biometric information is kept only in the device (is locked into the device). The device becomes an extension of the user. No or little change of the infrastructure. Relaxes the assumptions about the user's trustworthiness. Gains the user's confidence perceptually and psychologically. Challenge: Establish and demonstrate locally secure biometrics through sensor fingerprinting.

29 Challenges Portable devices authentication in unsupervised environments portable devices are easily stolen and thus a physical attack on them is possible Attacks Device Fingerprint scanner malicious replacement of the authentic scanner replay of a stolen image of the authentic fingerprint Copyright John S. Baras

30 The Key Idea -- Hidden in the Valleys 30 Copyright John S. Baras 2013

31 Applications and Implementation Bipartite authentication biometric authentication and scanner authentication bipartite enrolment and verification Applications bind user and device device authentication/identification source of randomness Implementation demos for both the area and the swipe capacitive scanners of AuthenTec (now Apple) 31

32 Security Integration on the Portable Device The TPM/MTM is incorporated in the device Portable device Fingerprint sensor TPM Biometric information protected in the TPM or stored in the device but encrypted with keys that are managed by the TPM Hardened security encourages the use of the device Challenges: (a) How to use informative time varying pieces of the biometric (b) Develop anti-spoofing techniques using the sensor signature (c) System integration and validation of the various fingerprints and physical layer techniques (d) Proof methods that security is improved Information theoretic methods Copyright John S. Baras

33 Secure Neighborhood Discovery Nodes require awareness of immediate neighborhood for collaborative process e.g.: routing, sensing General approach Send HELLO packets Determine neighborhood based on REPLY packet identity Requirements All nodes that claim to be neighbors are truly one hop away All nodes one hop away have been discovered 33

34 Neighborhood Discovery -- Adversarial Scenario. [Figure: HELLO/REP exchange among nodes A to F and adversary X.] Typical case: neighbor list = {A, B, C}. Adversarial case (X forwards REP D, REP E, REP F): neighbor list = {A, B, C, D, E, F}.

35 The Problem. Adversary advantage: quickly become part of several routes (routing algorithms prefer low hop count paths: AODV, DSR). Simple capabilities required. Restricted to a small part of the network. Traditional crypto doesn't work for defense: in the simple forwarding case, there is no violation of cryptographic primitives. Existing methodologies: detect deviations from an ideal architecture (network approach); few device identification based techniques (RF signatures). We consider looking at point-to-point links: detect deviation from normal behavior in point-to-point communication; physical layer approach, use the channel between the nodes; implicit pinpointing of the adversarial node.

36 Approach: Our Solution. Tag REPLY messages with a low power watermark. Receiver verifies the watermark with the identity claimed. Watermark is corrupted in the adversarial case.
Non-adversarial case: Node A transmits watermarked REPLY. Node B decodes the message, generates the expected watermark, and verifies: PASS.
Adversarial case: Node A transmits watermarked REPLY. The adversary cannot decode the watermark and uses an amplify and forward strategy to retransmit the watermark (the message can be either cleaned up or retransmitted with amplification). Node B decodes the message, generates the expected watermark, and verifies: FAIL (noise characteristics).

37 Using Multiple Blocks Single packet authentication not a reliable metric to differentiate noise statistics Use multiple packets Simulation result of the probability of accepting the node as authentic as a function of number of observed packets (N0 fixed to 65% of Nauth) Copyright John S. Baras

38 Wormhole Attack. Adversarial tunnels in an ad-hoc wireless network: MANET and static sensor networks. Dangerous even when restricted to a small location. Routing algorithms like low hop count paths (AODV, DSR), so the tunnel quickly becomes part of lots of routes. Traditional crypto doesn't work for defense: in the simple case, there is no violation of a cryptographic primitive.

39 Overview of Approach Existing methodologies use the so called network approach Model an ideal network architecture Detect deviations to architecture Few device identification based techniques RF Signatures Advantage in looking at point-to-point links Detect deviation from normal behavior in point to point communication Physical layer approach, use channel between the nodes Implicit pinpointing of the adversarial node 39

40 Our Results Developed a robust scheme for detection of a wormhole relay Incurs little processing and power overhead, which is critical for wireless devices Can be implemented on existing hardware, without much change to the protocol stack Utilizes a physical layer watermark, independent of higher layer schemes Can be used in conjunction with previously defined methods for enhanced security Even for as few as 100 blocks, the probability of correctly identifying a wormhole is close to 1 Copyright John S. Baras

41 Extracting Secret Bits from Wireless Channel Utilize 2 properties of the wireless channel Channel between 2 nodes is symmetric Channels from 1 node to 2 sufficiently separated nodes are independent Bits generated from the channel between A and B are secret to the adversary Can use magnitude or phase of the channel to generate bit Measure the channel Quantize the measurement according to some thresholds Traditionally used in key distribution problem Copyright John S. Baras

42 Security Scheme. Measure channel: $x_i$ and $y_i$ have high correlation; $x_{i(\mathrm{adv})}$ and $y_{i(\mathrm{adv})}$ have low correlation. Two schemes: trust metric; one-shot secure neighborhood discovery.
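
The bit extraction of slide 41 and the correlation test of slide 42, as an added Python example that is not from the original slides. The Rayleigh channel model, the guard-band quantizer, the noise level and the acceptance thresholds are assumptions chosen for illustration, and all sample data is constructed.

```python
import math
import random
import statistics


def rayleigh_magnitudes(n, rng):
    """Constructed channel: magnitudes of n unit-power complex Gaussian gains."""
    return [math.hypot(rng.gauss(0, 1), rng.gauss(0, 1)) / math.sqrt(2)
            for _ in range(n)]


def observe(channel, noise_std, rng):
    """One node's noisy estimate of the channel magnitude sequence."""
    return [h + rng.gauss(0, noise_std) for h in channel]


def quantize(samples, guard=0.3):
    """Quantize against two thresholds, mean +/- guard * std.

    Samples inside the guard band are dropped because measurement noise
    could push them to either side. Returns {sample index: bit}.
    """
    mu = statistics.fmean(samples)
    sd = statistics.pstdev(samples)
    hi, lo = mu + guard * sd, mu - guard * sd
    bits = {}
    for i, x in enumerate(samples):
        if x > hi:
            bits[i] = 1
        elif x < lo:
            bits[i] = 0
    return bits


def agreement(bits_a, bits_b):
    """Fraction of matching bits over the indices both sides kept."""
    common = set(bits_a) & set(bits_b)
    if not common:
        return 0.0, 0
    same = sum(bits_a[i] == bits_b[i] for i in common)
    return same / len(common), len(common)


def is_direct_neighbor(x, y, min_agreement=0.9, min_bits=64):
    """Assumed decision rule: accept the claimed neighbor only if the two
    bit streams agree the way a shared (symmetric) channel would make them."""
    rate, n = agreement(quantize(x), quantize(y))
    return n >= min_bits and rate >= min_agreement


def demo(seed=7, n=2000, noise_std=0.05):
    rng = random.Random(seed)
    h_ab = rayleigh_magnitudes(n, rng)      # symmetric channel A <-> B
    h_relay = rayleigh_magnitudes(n, rng)   # independent channel seen via a relay
    x = observe(h_ab, noise_std, rng)       # A's measurements x_i
    y = observe(h_ab, noise_std, rng)       # B's measurements y_i
    y_adv = observe(h_relay, noise_std, rng)  # measurements on the relayed link
    return {
        "legit": agreement(quantize(x), quantize(y)),
        "adv": agreement(quantize(x), quantize(y_adv)),
        "accept_legit": is_direct_neighbor(x, y),
        "accept_adv": is_direct_neighbor(x, y_adv),
    }


if __name__ == "__main__":
    print(demo())
```

On the direct link nearly every retained bit matches, while on the relayed link agreement stays near one half, which is what the acceptance rule keys on.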

43 Performance Analysis Bit extraction using magnitude Bit stream generation using magnitude of the estimated channel state (a) (b) Copyright John S. Baras

44 Performance Analysis Bit extraction using phase Bit stream generation using phase of the estimated channel state (a) (b) Copyright John S. Baras

45 Performance Analysis Using RSSI recordings from IRIS motes Copyright John S. Baras

46 Location Privacy in GSM and LTE? Privacy of users in cellular networks is traditionally protected by the use of temporary IDs. Recently it was shown that the GSM paging system leaks information about a user's location [Kune et al 2012]. We showed that the LTE paging system suffers the same vulnerability. We developed a signal processing technique to protect the user's privacy in the LTE paging system.

47 LTE Paging System LTE paging procedure is similar to GSM, but paging channel is not assigned dedicated time-frequency resource, i.e. it is logical instead of physical. A paging indicator (PDCCH) is sent in the control region, signifying the location of paging records (PDSCH) in the data region An idle UE wakes up at predetermined intervals to check for the paging indicator If found, UE decodes data region to obtain paging records, looks for its IMSI or S-TMSI in the records If found, UE requests radio resource from BS with the strongest signal strength There is no confidentiality protection for paging indicator and paging records, thus an attacker can obtain paged IMSI or S-TMSI and perform the same location attack Copyright John S. Baras

48 Tag Detection Probability Copyright John S. Baras

49 Attacker Received Constellation Copyright John S. Baras

50 Networks and Trust Trust and reputation critical for collaboration Characteristics of trust relations: Integrative (Parsons1937) main source of social order Reduction of complexity without it bureaucracy and transaction complexity increases (Luhmann 1988) Trust as a lubricant for cooperation (Arrow 1974) rational choice theory Social Webs, Economic Webs MySpace, Facebook, Windows Live Spaces, Flickr, Classmates Online, Orkut, Yahoo! Groups, MSN Groups e-commerce, e-xyz, services and service composition Reputation and recommender systems Copyright John S. Baras

51 Indirect Network Trust. User 8 asks for access to User 1's files. User 1 and User 8 have no previous interaction. What should User 1 do? Use transitivity of trust (i.e. use references to compute indirect trust).

52 Semirings-Examples Shortest Path Problem Semiring: is + and computes total path delay is and picks shortest path Bottleneck Problem Semiring: is and computes path bandwidth is and picks highest bandwidth Copyright John S. Baras

53 Trust Semiring Properties: Partial Order Combined along-a-path weight should not increase : a b Combined across-paths weight should not decrease : a b Copyright John S. Baras

54 Path interpretation Computing Indirect Trust Linear system interpretation t = t w i j i k k j User k t = W t b n n 1 Treat as a linear system We are looking for its steady state. Indicator vector of pretrusted nodes Copyright John S. Baras

55 Trust Path Semiring 0 trust, confidence 1 is is Copyright John Baras

56 Attacks to Indirect Trust Remember: Remote Access Control User 8 wants but may not deserve access. ATTACK the trust computation! Aim: Increase t 1 8 to a level that would grant access. How? Edge attack: change opinion on an edge (trick a node into forming false opinion) Node attack: change any opinion emanating from a node (gain complete control of a node) Copyright John Baras

57 Game Theory for Attacks. Model: combined x-node, y-edge attack. Given: topology, weights and semiring. What is the maximum damage the attacker can cause? Which nodes/edges are more likely to be attacked? (These will need extra protection.) Given: topology and semiring. The designer chooses weights secretly from the attacker to minimize the maximum damage the attacker can cause.

58 Direct Trust. Direct trust is based on past interactions between A, B. It is A's belief about B's future behavior. User i of type $t_i \in \{\text{Good}, \text{Bad}\}$ takes action $a_i \in \{C, D\}$, $i = 1, \dots, N$, receives payoff $R_i = R(a_i, a_{\Gamma(i)}, t_i)$, and maximizes his own payoff (local behavior). Only C-C links become active. [Figure: example graph of nodes 1 to 8 labelled with actions C or D; one node's payoff is shown as $R(a_4, a_5, a_6, a_7, a_8)$.]

59 Direct Trust: Games Payoff is decomposed as sum of pairwise payoffs along each link: C 4 C 7 D 6 D 5 8 C Copyright John S. Baras

60 Distributed Kalman Filtering and Tracking: Performance Improvements from Trusted Core Realistic sensor networks: Normal nodes, faulty or corrupted nodes, malicious nodes Hierarchical scheme provide global trust on a particular context without requiring direct trust on the same context between all agents Combine techniques from fusion centric, collaborative filtering, estimation propagation Trusted Core Trust Particles, higher security, additional sensing capabilities, broader observation of the system, confidentiality and integrity, multipath comms Every sensor can communicate with one or more trust particles at a cost Copyright John S. Baras

61 Trust and Induced Graphs. Trust relation: induced graph $G(V, A)$. Weighted directed dynamic trust graph $G_t(V, A_t)$. Vtc V. $w(i, j) = (c(i, j), t(i, j)[n])$.

62 Goals of Trusted System. 1. All the sensors which abide by the protocols of sensing and message passing should be able to track the trajectories. 2. This implies that those nodes which have poor sensing capabilities, and nodes with corrupted sensors, should be aided by their neighbors in tracking. 3. Those nodes which are malicious and pass false estimates should be quickly detected by the trust mechanism and their estimates should be discarded.
$x[n+1] = A x[n] + B w[n]$
$z_i[n] = H_i[n] x[n] + v_i[n]$
$z_{tc}[n] = H_{tc}[n] x[n] + v_{tc}[n]$

63 Trusted DKF Performance Open Loop Performance Closed Loop Performance Copyright John S. Baras 2012 Trust System Performance 63

64 Power Grid Cyber-security Inter-area oscillations (modes) Associated with large inter-connected power networks between clusters of generators Critical in system stability Requiring on-line observation and control Automatic estimation of modes Using currents, voltages and angle differences measured by PMUs (Power Management Units) that are distributed throughout the power system Copyright John S. Baras

65 Distributed Estimation GPS Satellite PMU PMU PMU N multiple recording sites (PMUs) to measure the output signals To compute an accurate estimate of the state x (k), using: local measurements y j (k); information received from the PMUs in its communication neighborhood; confidence in the information received from other PMUs provided by the trust model Copyright John S. Baras

66 Problem Formulation We assume that some agents can become faulty or under the control of non-authorized entities that can cause the respective agents to spread false data on the power grid to the other agents. Our goal is to propose a strategy aimed at limiting the effect of false data injection on the state estimate computation, based on the notion of trust. Copyright John S. Baras

67 Trust Model. To each information flow (link) from j to i, we attach a positive value $T_{ij}$, which represents the trust PMU i has in the information received from PMU j. Trust interpretation: accuracy, reliability. Goal: Each PMU has to compute accurate estimates of the state, by intelligently combining the measurements and the information from neighboring PMUs.

68 Trust-based Multi-agent State Estimation Does not require global information about the power grid topology Ensures greater robustness in computing the state estimate Main idea: pick the weights w ij to be trust dependent Copyright John S. Baras

69 3-generators, 9-bus system: Numerical Example Copyright John S. Baras

70 Numerical Example (cont.) PMU network: Compromised node Copyright John S. Baras

71 Numerical Example (cont.) Estimates of the voltage at bus 1 using Algorithm 1, with agent 8 injecting false data Copyright John S. Baras

72 Numerical Example (cont.) Estimates of the voltage at bus 1 using Algorithm 3, with agent 8 injecting false data Copyright John S. Baras

73 Numerical Example (cont.) The evolution of agent 4 s weights Copyright John S. Baras

74 Multiple Semirings Motivation: MANET with SSN Routing Implementation options/ issues: Low power stations to perform monitoring and trust updates Locate at pre-trusted nodes Location/coverage every MANET node within range of a Sentinel Station Work with Local Trust Our focus: Distributed algorithms to solve the trusted routing problem SSN disseminates trust information only to local neighborhoods inexpensive, easy implementation Copyright John S. Baras

75 Path problems on Graphs Delay and Trust Semirings i (d(i,j), t(i,j)) j min d( p) = min dij (, ) p P SD p P SD (, i j) p f : P SD 2 f( p) = ( d( p), t( p)), p P SD ( ) ( ) max t( p) = max min ti (, j) = min max( ti (, j)) p P p P (, i j) p p P (, i j) p SD SD Delay Semiring : ( R {0}, min, + ) + Trust Semiring : ( R {0}, min, max) + SD Notions of Optimality: Pareto, Lexicographic, Max-Ordering, Approximation Semirings Copyright John S. Baras

76 Trust Aware Routing: Multi-Criteria Optimization Problem. [Figure: bi-metric network.] Delay of a path p: $d(p) = \sum_{(i,j) \in p} d(i,j)$. Trust of a path p (bottleneck trust): $t(p) = \min_{(i,j) \in p} t(i,j)$.

77 Trust Aware Routing MCOP How to build routing tables based on these metrics? The two metrics are not trivially comparable MCOP P f X θ R : (,, )/ /(, ) SD Q Copyright John S. Baras

78 Pareto Optimal Paths: Edge Exclusion Algorithm. Edge exclusion: from G(V,E), remove all the edges whose t(i,j) > ε to obtain a graph G(ε). G(ε) contains paths which have all t(i,j) ≤ ε. We can also show that the reduced graph has all paths in G which have t(i,j) ≤ ε, and only those.

79 Haimes Method: Two Stage Recipe. Input: G(V,E) and a source. 1. Reduce G to the reduced graph: O(|E|). 2. Run shortest path (SP) on the reduced graph: O(|V|·|E|).
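
The two-stage recipe of slides 78 and 79, swept over every threshold ε to list the Pareto-optimal (delay, trust-weight) paths, as an added Python example that is not from the original slides. It follows slide 78 as written (edges with t(i,j) > ε are removed, so the quantity kept small on a path is its largest t(i,j)); the graph, the function names and the use of Dijkstra for the shortest-path stage are assumptions of this example.

```python
import heapq

# Constructed sample graph: (i, j) -> (delay d(i,j), trust weight t(i,j)).
EDGES = {
    ("S", "a"): (1.0, 0.9), ("a", "D"): (1.0, 0.8),
    ("S", "b"): (2.0, 0.3), ("b", "D"): (2.0, 0.4),
    ("S", "c"): (5.0, 0.1), ("c", "D"): (5.0, 0.1),
    ("b", "a"): (0.5, 0.2),
}


def edge_exclusion(edges, eps):
    """Stage 1: the reduced graph G(eps), keeping edges with t(i,j) <= eps."""
    return {e: w for e, w in edges.items() if w[1] <= eps}


def shortest_delay_path(edges, src, dst):
    """Stage 2: minimum-delay path on the reduced graph (Dijkstra, since
    delays are non-negative). Returns (delay, path) or None if unreachable."""
    adj = {}
    for (i, j), (d, _t) in edges.items():
        adj.setdefault(i, []).append((j, d))
    dist, prev = {src: 0.0}, {}
    heap = [(0.0, src)]
    while heap:
        du, u = heapq.heappop(heap)
        if du > dist.get(u, float("inf")):
            continue  # stale queue entry
        if u == dst:
            break
        for v, d in adj.get(u, []):
            nd = du + d
            if nd < dist.get(v, float("inf")):
                dist[v], prev[v] = nd, u
                heapq.heappush(heap, (nd, v))
    if dst not in dist:
        return None
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    path.reverse()
    return dist[dst], path


def pareto_paths(edges, src, dst):
    """Sweep eps over the distinct t(i,j) values in increasing order.

    Relaxing eps can only lower the best delay, so a path is recorded each
    time the delay strictly improves; those points are the Pareto front.
    Returns a list of (delay, largest t on path, path).
    """
    frontier, best_delay = [], float("inf")
    for eps in sorted({t for _d, t in edges.values()}):
        found = shortest_delay_path(edge_exclusion(edges, eps), src, dst)
        if found is None:
            continue
        delay, path = found
        if delay < best_delay:
            best_delay = delay
            t_max = max(edges[(u, v)][1] for u, v in zip(path, path[1:]))
            frontier.append((delay, t_max, path))
    return frontier


if __name__ == "__main__":
    for delay, t_max, path in pareto_paths(EDGES, "S", "D"):
        print(delay, t_max, " -> ".join(path))
```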

80 What is a Network? In several fields or contexts: social economic communication control sensor biological physics and materials Copyright John S. Baras

81 Networked Systems. Infrastructure / Communication Networks: Internet / WWW, MANET, Sensor Nets, Robotic Nets, Hybrid Nets (Comm, Sensor, Robotic and Human Nets). Social / Economic Networks: Social Interactions, Collaboration, Social Filtering, Economic Alliances, Web-based social systems. Biological Networks: Community, Epidemic, Cellular and Sub-cellular, Neural, Insects, Animal Flocks.

82 A Network is A collection of nodes, agents, that collaborate to accomplish actions, gains, that cannot be accomplished with out such collaboration Most significant concept for autonomic networks Copyright John S. Baras

83 The Fundamental Trade-off The nodes gain from collaborating But collaboration has costs (e.g. communications) Trade-off: gain from collaboration vs cost of collaboration Vector metrics involved typically Constrained Coalitional Games Example 1: Network Formation -- Effects on Topology Example 2: Collaborative robotics, communications Example 3: Web-based social networks and services Example 4: Groups of cancer tumor or virus cells Copyright John S. Baras

84 Gain Each node potentially offers benefits V per time unit to other nodes: e.g. V is the number of bits per time unit. Potential benefit V is reduced during transmissions due to transmission failures and delay Jackson-Wolinsky connections model, gain of node i r ij w ( G) i = r Vδ 1 ij j g is # of hops in the shortest path between i and j r = if there is no path between i and j ij 0 δ 1 is the communication depreciation rate

85 Cost. Activating links is costly. Example: cost is the energy consumption for sending data. Like the wireless propagation model, the cost $c_{ij}$ of link ij is a function of link length $d_{ij}$: $c_{ij} = P d_{ij}^{\alpha}$. P is a parameter depending on the transmission/receiver antenna gain and the system loss not related to propagation; $\alpha$ is the path loss exponent, which depends on the specific propagation environment.

86 Pairwise Game and Convergence. Payoff of node i from the network is defined as $v_i(G) = \text{gain} - \text{cost} = w_i(G) - c_i(G)$. Iterated process: Node pair ij is selected with probability $p_{ij}$. If link ij is already in the network, the decision is whether to sever it, and otherwise the decision is whether to activate the link. The nodes act myopically, activating the link if it makes each at least as well off and one strictly better off, and deleting the link if it makes either player better off. End: if after some time, no additional links are formed or severed. With random mutations, the game converges to a unique Pareto equilibrium (underlying Markov chain states G).

87 Coalition Formation at the Stable State The cost depends on the physical locations of nodes Random network where nodes are placed according to a uniform Poisson point process on the [0,1] x [0,1] square. Theorem: The coalition formation at the stable state for n lnn δ = 0, V = P n Given is a sharp threshold for establishing the grand coalition ( number of coalitions = 1). α 2 For, the threshold is less than 0< δ 1 lnn P n α 2. n = 20 Copyright John S. Baras

88 Topologies Formed Copyright John S. Baras

89 Trust and Collaborative Control/Operation An example of constrained coalitional games Two linked dynamics Trust / Reputation propagation and collaborative control evolution Integrating network utility maximization (NUM) with constraint based reasoning and coalitional games Beyond linear algebra and weights, semirings of constraints, constraint programming, soft constraints semirings, policies, agents Learning on graphs and network dynamic games: behavior, adversaries Adversarial models, attacks, constrained shortest paths, Copyright John S. Baras

90 Two Coupled Dynamics: Control and Trust Two sequences evolving with time: Vector of actions (strategies), time 1:n Set of vectors of neighbor probabilities (reputations), time 1:n Copyright John S. Baras

91 Game Evolution. Strategy of node i: $s_{ij} = 1$ ($= -1$) means i cooperates (does not cooperate) with neighbor j. Payoff for node i when interacting with j: $x_{ij} = J_{ij} s_{ij} s_{ji}$; $x_{ij} > 0$ ($< 0$) is a positive link (negative link). Node selfishness: cooperate with neighbors on positive links. Strategy updates: node i chooses $s_{ij} = 1$ only if all of the following are satisfied: neighbor j is trusted; $x_{ij} > 0$, or the cumulative payoff of i is less than the case when it unconditionally conducts $s_{ij} = 1$. Trust evaluation: the deterministic voting rule s { 1, 1}, j N ij. Reestablishing period τ: once a node is not trusted, in order to reestablish trust it has to cooperate for τ consecutive time steps.

92 Results of Game Evolution Theorem: i N and x = J j Ni for a reestablishing period τ > τ 0 i i ij terated game converges to Nash equilibrium;, there exists τ 0, such that In the Nash equilibrium, all nodes cooperate with all their neighbors. Compare games with (without) trust mechanism, strategy update: Percentage of cooperating pairs vs negative links Average payoffs vs negative links Copyright John S. Baras

93 Composite Trust: Value Directed Graphs Social/Cognitive Information Comms I w kl S j: w j S w ij : I k: w l: w l I k C m: w m C w mn i w i C n: w n S Value directed multigraphs with weighted nodes Inspired by advanced dynamic network models and trust research in social networks Directed graphs with weights on their links and nodes Weights represent trust metrics on both links and nodes Copyright John S. Baras

94 Example: A two-level graph with trust weights. Information semiring is <W I, max, min, 0, 1>. Communication semiring is <W C, max, min, 0, 1>. Trust semiring is TS=<W I W C, + trust, trust, 0, 1>.

95 Example (cont.) Two different sets of constraint preferences: information preferred, communication preferred.

96 Example (cont.) This specific trust SCSP has a distributed solution where the following algorithm is carried out at every node in the network Algorithm: represents the evaluated trust to target D via a chain of n direct trust relations = + trust Copyright John S. Baras

97 Composable Security Courtesy: K. Fisher (DARPA) 97

98 Component-based Networks and Composable Security. Executable Models, Formal Models, Performance Models. Universally Composable Security of Network Protocols: Network with many agents running autonomously. Agents execute in a mostly asynchronous manner, concurrently running several protocols many times. Protocols may or may not have been jointly designed, and may or may not be all secure or secure to the same degree. Studying compositionality is necessary! Key question addressed: Under what conditions can the composition of these protocols be provably secure? Investigate time and resource requirements for achieving this.

99 Universally Composable Security (UCS). Results to date (Canetti, Lindell, ): When there is a clear majority of well behaving nodes (i.e. 2/3), almost any functionality is secure under UCS. When there is no clear majority, UCS is impossible to achieve unless there are pre-conditions, typically some sort of trust mechanism. Introducing special structure in the network (e.g. overlay structure, small subset of absolutely trusted nodes) helps substantially in establishing UCS, even without preconditions. Many applications: military networks, health care networks, sensor networks, SCADA and energy cyber networks. The challenge and the hope: Use tamper proof hardware (physical layer schemes, TPM etc.) even on a small subset of nodes to provably (validation) establish UCS: role of fingerprints and physical layer techniques. Establish it and demonstrate it?

100 Thank you! Questions? 100


More information

Security Issues In Mobile Ad hoc Network Routing Protocols

Security Issues In Mobile Ad hoc Network Routing Protocols Abstraction Security Issues In Mobile Ad hoc Network Routing Protocols Philip Huynh phuynh@uccs.edu Mobile ad hoc network (MANET) is gaining importance with increasing number of applications. It can be

More information

Key establishment in sensor networks

Key establishment in sensor networks Key establishment in sensor networks -- introduction to wireless sensor networks -- needed key types -- LEAP -- random key pre-distribution (c) Levente Buttyán (buttyan@crysys.hu) Wireless sensor networks

More information

Trust in the Internet of Things From Personal Experience to Global Reputation. 1 Nguyen Truong PhD student, Liverpool John Moores University

Trust in the Internet of Things From Personal Experience to Global Reputation. 1 Nguyen Truong PhD student, Liverpool John Moores University Trust in the Internet of Things From Personal Experience to Global Reputation 1 Nguyen Truong PhD student, Liverpool John Moores University 2 Outline I. Background on Trust in Computer Science II. Overview

More information

Wireless Network Security Spring 2014

Wireless Network Security Spring 2014 Wireless Network Security 14-814 Spring 2014 Patrick Tague Class #6 Physical Layer Security 1 Leveraging PHY Properties Each wireless link behaves differently A single transmission looks different to each

More information

J. A. Drew Hamilton, Jr., Ph.D. Director, Information Assurance Laboratory and Associate Professor Computer Science & Software Engineering

J. A. Drew Hamilton, Jr., Ph.D. Director, Information Assurance Laboratory and Associate Professor Computer Science & Software Engineering Auburn Information Assurance Laboratory J. A. Drew Hamilton, Jr., Ph.D. Director, Information Assurance Laboratory and Associate Professor Computer Science & Software Engineering 107 Dunstan Hall Auburn

More information

Chapter 1 - Introduction

Chapter 1 - Introduction Chapter 1-lntroduction Chapter 1 - Introduction The aim of this chapter is to provide a background to topics which are relevant to the subject of this thesis. The motivation for writing a thesis regarding

More information

New Security Architecture for IoT. Suku Nair SMU HACNet Labs.

New Security Architecture for IoT. Suku Nair SMU HACNet Labs. New Security Architecture for IoT Suku Nair SMU HACNet Labs. Why IoT IoT Systems High coupling of physical and cyber substrates Proliferation of intrinsically small devices Integration at scale Applications

More information

Biometrics. Overview of Authentication

Biometrics. Overview of Authentication May 2001 Biometrics The process of verifying that the person with whom a system is communicating or conducting a transaction is, in fact, that specific individual is called authentication. Authentication

More information

Lecture Embedded System Security Introduction to Trusted Computing

Lecture Embedded System Security Introduction to Trusted Computing 1 Lecture Embedded System Security Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt (CASED) Summer Term 2015 Roadmap: Trusted Computing Motivation Notion of trust

More information

CHAPTER 2 WIRELESS SENSOR NETWORKS AND NEED OF TOPOLOGY CONTROL

CHAPTER 2 WIRELESS SENSOR NETWORKS AND NEED OF TOPOLOGY CONTROL WIRELESS SENSOR NETWORKS AND NEED OF TOPOLOGY CONTROL 2.1 Topology Control in Wireless Sensor Networks Network topology control is about management of network topology to support network-wide requirement.

More information

Dynamic Design of Cellular Wireless Networks via Self Organizing Mechanism

Dynamic Design of Cellular Wireless Networks via Self Organizing Mechanism Dynamic Design of Cellular Wireless Networks via Self Organizing Mechanism V.Narasimha Raghavan, M.Venkatesh, Divya Sridharabalan, T.Sabhanayagam, Nithin Bharath Abstract In our paper, we are utilizing

More information

Key establishment in sensor networks

Key establishment in sensor networks Security and Cooperation in Wireless Networks http://secowinet.epfl.ch/ key types; establishment of link keys using a shortterm master key; random key predistribution: - the basic scheme, and - some improvements;

More information

MASP Chapter on Safety and Security

MASP Chapter on Safety and Security MASP Chapter on Safety and Security Daniel Watzenig Graz, Austria https://artemis.eu MASP Chapter on Safety & Security Daniel Watzenig daniel.watzenig@v2c2.at Francois Tuot francois.tuot@gemalto.com Antonio

More information

Privacy Preserving Ranked Multi-Keyword Search for Multiple Data Owners in Cloud Computing

Privacy Preserving Ranked Multi-Keyword Search for Multiple Data Owners in Cloud Computing S.NO PROJECT CODE IEEE JAVA PROJECT TITLES DOMAIN 1 NEO1501 A Hybrid Cloud Approach for Secure Authorized Deduplication 2 NEO1502 A Profit Maximization Scheme with Guaranteed Quality of Service in Cloud

More information

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 COST ($ in Millions) FY 2011 FY 2012 Base OCO Total FY 2014 FY 2015 FY 2016 FY 2017 Cost To Complete

More information

Presented by: Mariam Ahmed Moustafa Faculty of Engineering, Alexandria University, Egypt. 24 March 2016 RIPE NCC / MENOG 16

Presented by: Mariam Ahmed Moustafa Faculty of Engineering, Alexandria University, Egypt. 24 March 2016 RIPE NCC / MENOG 16 Presented by: Mariam Ahmed Moustafa elansary.mam@gmail.com Faculty of Engineering, Alexandria University, Egypt 24 March 2016 RIPE NCC / MENOG 16 } Is a talented Researcher, Teaching Assistant, Co-Founder

More information

An Intrusion Detection System for Critical Information Infrastructures Using Wireless Sensor Network Technologies

An Intrusion Detection System for Critical Information Infrastructures Using Wireless Sensor Network Technologies An Intrusion Detection System for Critical Information Infrastructures Using Wireless Sensor Network Technologies The Fifth international CRIS conference on Critical Infrastructures Beijing China, 20 September

More information

Lecture Embedded System Security Introduction to Trusted Computing

Lecture Embedded System Security Introduction to Trusted Computing 1 Lecture Embedded System Security Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt (CASED) Summer Term 2012 Roadmap: Trusted Computing Motivation Notion of trust

More information

Cyber Security Analysis of State Estimators in Electric Power Systems

Cyber Security Analysis of State Estimators in Electric Power Systems Cyber Security Analysis of State Estimators in Electric Power Systems H. Sandberg, G. Dán, A. Teixeira, K. C. Sou, O. Vukovic, K. H. Johansson ACCESS Linnaeus Center KTH Royal Institute of Technology,

More information

Interdomain Routing Design for MobilityFirst

Interdomain Routing Design for MobilityFirst Interdomain Routing Design for MobilityFirst October 6, 2011 Z. Morley Mao, University of Michigan In collaboration with Mike Reiter s group 1 Interdomain routing design requirements Mobility support Network

More information

A Security Management Scheme Using a Novel Computational Reputation Model for Wireless and Mobile Ad hoc Networks

A Security Management Scheme Using a Novel Computational Reputation Model for Wireless and Mobile Ad hoc Networks 5th ACM Workshop on Performance Evaluation of Wireless Ad Hoc, Sensor, and Ubiquitous Networks (PE-WASUN) A Security Management Scheme Using a Novel Computational Reputation Model for Wireless and Mobile

More information

SEAR: SECURED ENERGY-AWARE ROUTING WITH TRUSTED PAYMENT MODEL FOR WIRELESS NETWORKS

SEAR: SECURED ENERGY-AWARE ROUTING WITH TRUSTED PAYMENT MODEL FOR WIRELESS NETWORKS SEAR: SECURED ENERGY-AWARE ROUTING WITH TRUSTED PAYMENT MODEL FOR WIRELESS NETWORKS S. P. Manikandan 1, R. Manimegalai 2 and S. Kalimuthu 3 1 Department of Computer Science and Engineering, Sri Venkateshwara

More information

WSN Routing Protocols

WSN Routing Protocols WSN Routing Protocols 1 Routing Challenges and Design Issues in WSNs 2 Overview The design of routing protocols in WSNs is influenced by many challenging factors. These factors must be overcome before

More information

CSE 565 Computer Security Fall 2018

CSE 565 Computer Security Fall 2018 CSE 565 Computer Security Fall 2018 Lecture 9: Authentication Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Definition of entity authentication Solutions password-based

More information

Routing Protocols in MANET: Comparative Study

Routing Protocols in MANET: Comparative Study Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 7, July 2014, pg.119

More information

A Review on Black Hole Attack in MANET

A Review on Black Hole Attack in MANET A Review on Black Hole Attack in MANET Gourav Ahuja 1, Mrs. Sugandha 2 1 Department of Computer Science and Engineering, VCE, Rohtak, Haryana (India) 2 Asst. Prof., Department of Computer Science and Engineering,

More information

Wireless Ad-Hoc Networks

Wireless Ad-Hoc Networks Wireless Ad-Hoc Networks Dr. Hwee-Pink Tan http://www.cs.tcd.ie/hweepink.tan Outline Part 1 Motivation Wireless Ad hoc networks Comparison with infrastructured networks Benefits Evolution Topologies Types

More information

AN ad-hoc network is a group of nodes without requiring

AN ad-hoc network is a group of nodes without requiring 240 IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 2, NO. 2, JUNE 2007 Securing Cooperative Ad-Hoc Networks Under Noise and Imperfect Monitoring: Strategies and Game Theoretic Analysis Wei

More information

Body Sensor Network Security

Body Sensor Network Security 1 Body Sensor Network Security Close coupling of BSNs and security why network security is important information is sensitive, what it takes to protect it, how its different from WSNs how encryption is

More information

Lecture 6: Vehicular Computing and Networking. Cristian Borcea Department of Computer Science NJIT

Lecture 6: Vehicular Computing and Networking. Cristian Borcea Department of Computer Science NJIT Lecture 6: Vehicular Computing and Networking Cristian Borcea Department of Computer Science NJIT GPS & navigation system On-Board Diagnostic (OBD) systems DVD player Satellite communication 2 Internet

More information

Introduction to Mobile Ad hoc Networks (MANETs)

Introduction to Mobile Ad hoc Networks (MANETs) Introduction to Mobile Ad hoc Networks (MANETs) 1 Overview of Ad hoc Network Communication between various devices makes it possible to provide unique and innovative services. Although this inter-device

More information

Introduction and Statement of the Problem

Introduction and Statement of the Problem Chapter 1 Introduction and Statement of the Problem 1.1 Introduction Unlike conventional cellular wireless mobile networks that rely on centralized infrastructure to support mobility. An Adhoc network

More information

Non Person Identities After all, who cares about me? Gilles Lisimaque & Dave Auman Identification technology Partners, Inc.

Non Person Identities After all, who cares about me? Gilles Lisimaque & Dave Auman Identification technology Partners, Inc. Identities Non Person Identities After all, who cares about me? Gilles Lisimaque & Dave Auman Identification technology Partners, Inc. Device Identifiers Most devices we are using everyday have (at least)

More information

PRIVACY AND TRUST-AWARE FRAMEWORK FOR SECURE ROUTING IN WIRELESS MESH NETWORKS

PRIVACY AND TRUST-AWARE FRAMEWORK FOR SECURE ROUTING IN WIRELESS MESH NETWORKS PRIVACY AND TRUST-AWARE FRAMEWORK FOR SECURE ROUTING IN WIRELESS MESH NETWORKS 1 PRASHANTH JAYAKUMAR, 2 P.S.KHANAGOUDAR, 3 VINAY KAVERI 1,3 Department of CSE, GIT, Belgaum, 2 Assistant Professor, Dept.

More information

Cognitive Radio Networks at WINLAB: Networking and Security Research

Cognitive Radio Networks at WINLAB: Networking and Security Research Cognitive Radio Networks at WINLAB: Networking and Security WINLAB Rutgers, The State University of New Jersey www.winlab.rutgers.edu Contact: Professor Wade Trappe, Associate Director trappe@winlab.rutgers.edu

More information

DETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM

DETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM DETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM Rajalakshmi 1, Umamaheswari 2 and A.Vijayaraj 3 1 Department

More information

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS Danielle M. Zeedick, Ed.D., CISM, CBCP Juniper Networks August 2016 Today s Objectives Goal Objectives To understand how holistic network

More information

Performance Improvements in Distributed Estimation and Fusion Induced by a Trusted Core

Performance Improvements in Distributed Estimation and Fusion Induced by a Trusted Core 12th International Conference on Information Fusion Seattle, WA, USA, July 6-9, 29 Performance Improvements in Distributed Estimation and Fusion Induced by a Trusted Core Kiran K. Somasundaram and John

More information

CSC 774 Advanced Network Security

CSC 774 Advanced Network Security CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security Dr. Peng Ning CSC 774 Adv. Net. Security 1 Wireless Sensor Networks 1. Network protocol (e.g., routing) 2. Data management (e.g.,

More information

Wireless Sensor Networks: Clustering, Routing, Localization, Time Synchronization

Wireless Sensor Networks: Clustering, Routing, Localization, Time Synchronization Wireless Sensor Networks: Clustering, Routing, Localization, Time Synchronization Maurizio Bocca, M.Sc. Control Engineering Research Group Automation and Systems Technology Department maurizio.bocca@tkk.fi

More information

Internet of Things: Driving the Transformation

Internet of Things: Driving the Transformation Internet of Things: Driving the Transformation Annabel Nickles, PhD, MBA Director, Emerging Platform Solutions Integrated Computing Research Intel Labs 1 What Are People Saying about IOT? Vol. 12345 Nr.001

More information

Final Exam: Mobile Networking (Part II of the course Réseaux et mobilité )

Final Exam: Mobile Networking (Part II of the course Réseaux et mobilité ) Final Exam: Mobile Networking (Part II of the course Réseaux et mobilité ) Prof. J.-P. Hubaux February 12, 2004 Duration: 2 hours, all documents allowed Please write your answers on these sheets, at the

More information

Information Brokerage

Information Brokerage Information Brokerage Sensing Networking Leonidas Guibas Stanford University Computation CS321 Information Brokerage Services in Dynamic Environments Information Brokerage Information providers (sources,

More information

Dynamic Neighbor Positioning In Manet with Protection against Adversarial Attacks

Dynamic Neighbor Positioning In Manet with Protection against Adversarial Attacks International Journal of Computational Engineering Research Vol, 03 Issue, 4 Dynamic Neighbor Positioning In Manet with Protection against Adversarial Attacks 1, K. Priyadharshini, 2, V. Kathiravan, 3,

More information

A Survey - Energy Efficient Routing Protocols in MANET

A Survey - Energy Efficient Routing Protocols in MANET , pp. 163-168 http://dx.doi.org/10.14257/ijfgcn.2016.9.5.16 A Survey - Energy Efficient Routing Protocols in MANET Jyoti Upadhyaya and Nitin Manjhi Department of Computer Science, RGPV University Shriram

More information

Sl.No Project Title Year

Sl.No Project Title Year Sl.No Project Title Year WSN(Wireless Sensor ) 1 Distributed Topology Control With Lifetime Extension Based on Non-Cooperative Game for Wireless Sensor 2 Intercept Behavior Analysis of Industrial Wireless

More information

A Hybrid Approach for Misbehavior Detection in Wireless Ad-Hoc Networks

A Hybrid Approach for Misbehavior Detection in Wireless Ad-Hoc Networks A Hybrid Approach for Misbehavior Detection in Wireless Ad-Hoc Networks S. Balachandran, D. Dasgupta, L. Wang Intelligent Security Systems Research Lab Department of Computer Science The University of

More information

International Journal of Advanced Engineering Research and Science (IJAERS) [Vol-1, Issue-2, July 2014] ISSN:

International Journal of Advanced Engineering Research and Science (IJAERS) [Vol-1, Issue-2, July 2014] ISSN: Cluster Based Id Revocation with Vindication Capability for Wireless Network S. Janani Devi* *Assistant Professor, ECE, A.S.L.Pauls College of Engineering and Technology, Tamilnadu, India ABSTRACT: The

More information

SECURITY OF CPS: SECURE EMBEDDED SYSTEMS AS A BASIS

SECURITY OF CPS: SECURE EMBEDDED SYSTEMS AS A BASIS SECURITY OF CPS: SECURE EMBEDDED SYSTEMS AS A BASIS Christoph Krauß, christoph.krauss@aisec.fraunhofer.de Dagstuhl Seminar 11441: Science and Engineering of CPS, November 2011 Overview Introduction Securing

More information

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements

More information

A SURVEY OF VARIOUS ROUTING PROBLEMS TO VARIOUS ATTACKS IN MOBILE AD HOC NETWORKS IN THE TRANSACTIONS

A SURVEY OF VARIOUS ROUTING PROBLEMS TO VARIOUS ATTACKS IN MOBILE AD HOC NETWORKS IN THE TRANSACTIONS A SURVEY OF VARIOUS ROUTING PROBLEMS TO VARIOUS ATTACKS IN MOBILE AD HOC NETWORKS IN THE TRANSACTIONS M Jansirani Research scholar Research Department of Computer Science Government Arts College (Autonomous),

More information

Fujitsu World Tour 2018

Fujitsu World Tour 2018 Fujitsu World Tour 2018 May 30, 2018 #FujitsuWorldTour 1 Copyright 2018 FUJITSU Security and Privacy of Big Data A NIST Perspective Arnab Roy Fujitsu Laboratories of America Co-Chair, NIST Big Data WG:

More information

Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements Ondrej Linda, Milos Manic, Miles McQueen Abstract: This paper presents design and simulation of a low cost and low

More information

Location Awareness in Ad Hoc Wireless Mobile Neworks

Location Awareness in Ad Hoc Wireless Mobile Neworks Location Awareness in Ad Hoc Wireless Mobile Neworks Lijuan Ai Wenyu Wang Yi Zhou 11/14/2001 Mobile Computing, Fall 2001 1 PART I INTRODUCTION TO MANET & LOCATION-AWARE COMPONENTS 11/14/2001 Mobile Computing,

More information

On Bounded Rationality in Cyber-Physical Systems Security: Game-Theoretic Analysis with Application to Smart Grid Protection

On Bounded Rationality in Cyber-Physical Systems Security: Game-Theoretic Analysis with Application to Smart Grid Protection On Bounded Rationality in Cyber-Physical Systems Security: Game-Theoretic Analysis with Application to Smart Grid Protection CPSR-SG 2016 CPS Week 2016 April 12, 2016 Vienna, Austria Outline CPS Security

More information

Cryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur

Cryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 38 A Tutorial on Network Protocols

More information

Cyber Defense & Network Assurance (CyberDNA) Center. Professor Ehab Al Shaer, Director of CyberDNA Center UNC Charlotte

Cyber Defense & Network Assurance (CyberDNA) Center. Professor Ehab Al Shaer, Director of CyberDNA Center UNC Charlotte Cyber Defense & Network Assurance (CyberDNA) Center Professor Ehab Al Shaer, Director of CyberDNA Center UNC Charlotte March 5, 2012 About CyberDNA Vision CyberDNA Center is to enable assurable and usable

More information

the Presence of Adversaries Sharon Goldberg David Xiao, Eran Tromer, Boaz Barak, Jennifer Rexford

the Presence of Adversaries Sharon Goldberg David Xiao, Eran Tromer, Boaz Barak, Jennifer Rexford Internet Path-Quality Monitoring in the Presence of Adversaries Sharon Goldberg David Xiao, Eran Tromer, Boaz Barak, Jennifer Rexford Princeton University Penn State University CS Seminar November 29,

More information

Building Pervasive Computing Applications on Sensor Networks. Rutgers, The State University of New Jersey

Building Pervasive Computing Applications on Sensor Networks. Rutgers, The State University of New Jersey Building Pervasive Computing Applications on Sensor Networks Rutgers, The State University of New Jersey www.winlab.rutgers.edu 1 Introduction: Sensor Networks Wireless Sensor Nets Telecom Internet + Telecom

More information

Wireless Security Security problems in Wireless Networks

Wireless Security Security problems in Wireless Networks Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security

More information

Management Information Systems. B15. Managing Information Resources and IT Security

Management Information Systems. B15. Managing Information Resources and IT Security Management Information Systems Management Information Systems B15. Managing Information Resources and IT Security Code: 166137-01+02 Course: Management Information Systems Period: Spring 2013 Professor:

More information

Performance Analysis of MANET Routing Protocols OLSR and AODV

Performance Analysis of MANET Routing Protocols OLSR and AODV VOL. 2, NO. 3, SEPTEMBER 211 Performance Analysis of MANET Routing Protocols OLSR and AODV Jiri Hosek Faculty of Electrical Engineering and Communication, Brno University of Technology Email: hosek@feec.vutbr.cz

More information

Secure routing in ad hoc and sensor networks

Secure routing in ad hoc and sensor networks Security and Cooperation in Wireless Networks Secure routing in ad hoc and sensor networks routing in ad hoc networks; attacks on routing; countermeasures and secured routing protocols; routing security

More information

Trust4All: a Trustworthy Middleware Platform for Component Software

Trust4All: a Trustworthy Middleware Platform for Component Software Proceedings of the 7th WSEAS International Conference on Applied Informatics and Communications, Athens, Greece, August 24-26, 2007 124 Trust4All: a Trustworthy Middleware Platform for Component Software

More information

Lecture 13: Routing in multihop wireless networks. Mythili Vutukuru CS 653 Spring 2014 March 3, Monday

Lecture 13: Routing in multihop wireless networks. Mythili Vutukuru CS 653 Spring 2014 March 3, Monday Lecture 13: Routing in multihop wireless networks Mythili Vutukuru CS 653 Spring 2014 March 3, Monday Routing in multihop networks Figure out a path from source to destination. Basic techniques of routing

More information

Abstract of the Book

Abstract of the Book Book Keywords IEEE 802.16, IEEE 802.16m, mobile WiMAX, 4G, IMT-Advanced, 3GPP LTE, 3GPP LTE-Advanced, Broadband Wireless, Wireless Communications, Cellular Systems, Network Architecture Abstract of the

More information

CS551 Ad-hoc Routing

CS551 Ad-hoc Routing CS551 Ad-hoc Routing Bill Cheng http://merlot.usc.edu/cs551-f12 1 Mobile Routing Alternatives Why not just assume a base station? good for many cases, but not some (military, disaster recovery, sensor

More information

Principles of Wireless Sensor Networks. Routing, Zigbee, and RPL

Principles of Wireless Sensor Networks. Routing, Zigbee, and RPL http://www.ee.kth.se/~carlofi/teaching/pwsn-2011/wsn_course.shtml Lecture 8 Stockholm, November 11, 2011 Routing, Zigbee, and RPL Royal Institute of Technology - KTH Stockholm, Sweden e-mail: carlofi@kth.se

More information

IEEE networking projects

IEEE networking projects IEEE 2018-18 networking projects An Enhanced Available Bandwidth Estimation technique for an End-to-End Network Path. This paper presents a unique probing scheme, a rate adjustment algorithm, and a modified

More information

SUMMERY, CONCLUSIONS AND FUTURE WORK

SUMMERY, CONCLUSIONS AND FUTURE WORK Chapter - 6 SUMMERY, CONCLUSIONS AND FUTURE WORK The entire Research Work on On-Demand Routing in Multi-Hop Wireless Mobile Ad hoc Networks has been presented in simplified and easy-to-read form in six

More information

Topology Enhancement in Wireless Multihop Networks: A Top-down Approach

Topology Enhancement in Wireless Multihop Networks: A Top-down Approach Topology Enhancement in Wireless Multihop Networks: A Top-down Approach Symeon Papavassiliou (joint work with Eleni Stai and Vasileios Karyotis) National Technical University of Athens (NTUA) School of

More information

Simulation & Performance Analysis of Mobile Ad-Hoc Network Routing Protocol

Simulation & Performance Analysis of Mobile Ad-Hoc Network Routing Protocol Simulation & Performance Analysis of Mobile Ad-Hoc Network Routing Protocol V.S.Chaudhari 1, Prof.P.N.Matte 2, Prof. V.P.Bhope 3 Department of E&TC, Raisoni College of Engineering, Ahmednagar Abstract:-

More information

Efficient Detection and Elimination of Vampire Attacks in Wireless Ad-Hoc Sensor Networks

Efficient Detection and Elimination of Vampire Attacks in Wireless Ad-Hoc Sensor Networks Efficient Detection and Elimination of Vampire Attacks in Wireless Ad-Hoc Sensor Networks K.Sivakumar 1, P.Murugapriya 2 II-M.TECH, Department of IT, Sasurie College of Engineering, Vijayamangalam, Tirupur,

More information

International Journal of Advance Engineering and Research Development

International Journal of Advance Engineering and Research Development Scientific Journal of Impact Factor (SJIF): 3.134 ISSN (Online): 2348-4470 ISSN (Print) : 2348-6406 International Journal of Advance Engineering and Research Development Volume 1, Issue 11, November -2014

More information

Congestion Control. Andreas Pitsillides University of Cyprus. Congestion control problem

Congestion Control. Andreas Pitsillides University of Cyprus. Congestion control problem Congestion Control Andreas Pitsillides 1 Congestion control problem growing demand of computer usage requires: efficient ways of managing network traffic to avoid or limit congestion in cases where increases

More information

Outline. CS5984 Mobile Computing. Dr. Ayman Abdel-Hamid, CS5984. Wireless Sensor Networks 1/2. Wireless Sensor Networks 2/2

Outline. CS5984 Mobile Computing. Dr. Ayman Abdel-Hamid, CS5984. Wireless Sensor Networks 1/2. Wireless Sensor Networks 2/2 CS5984 Mobile Computing Outline : a Survey Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech An Introduction to 1 2 1/2 Advances in micro-electro-mechanical systems technology, wireless communications,

More information

Networked Cyber-Physical Systems (Net-CPS) 网络信息 - 物理融合系统

Networked Cyber-Physical Systems (Net-CPS) 网络信息 - 物理融合系统 Networked Cyber-Physical Systems (Net-CPS) 网络信息 - 物理融合系统 John S. Baras Institute for Systems Research, University of Maryland, USA ACCESS Linnaeus Center, Royal Institute of Technology, Sweden Institute

More information

A Secure and Dynamic Multi-keyword Ranked Search Scheme over Encrypted Cloud Data
