security and privacy in the age of software controlled surroundings
![Page 1: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/1.jpg)
Security and privacy in the age of software controlled surroundings
Prashanth Mohan, David Culler
![Page 2: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/2.jpg)
What are your expectations of privacy and security when you are in a shared space?
![Page 3: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/3.jpg)
Changing the way we interact
![Page 4: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/4.jpg)
![Page 5: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/5.jpg)
In a personalized world
![Page 6: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/6.jpg)
A living and breathing surrounding
![Page 7: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/7.jpg)
No more key chains or key cards
![Page 8: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/8.jpg)
Digital Security
Physical Security
Data Platform (BOSS)
Data Visualization Apps
Data Sources
Control Data
Data Learning Apps
How can we ensure sandboxed data analysis?
How can we restrict mixing of data?
How can we understand arbitrary data types?
How can we ensure the reliability of control data?
How can we improve the integrity of data sources?
![Page 9: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/9.jpg)
Enforcing end-to-end user policies
• Mobad - How can we maximize benefit while analyzing data locally (for privacy)?
• Rubicon - Can we reuse existing software systems while still obtaining privacy guarantees?
• Gupt - How can we mine data without divulging the privacy of individuals?
![Page 10: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/10.jpg)
Many open privacy questions
Can we describe privacy in higher level constructs?
How do we make sense of the wide variety of data sources?
Who has access to what data?
Is the building a natural boundary for data?
![Page 11: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/11.jpg)
Security of building networks
![Page 12: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/12.jpg)
Static Analysis Techniques
Code Instrumentation
Dynamic Analysis using Input Replay
![Page 13: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/13.jpg)
Brainstorm: Ensuring security
• Secure the networks!
• Understand the state machine of the building
  – “control transactions” limit bad states
• How can we apply the principle of least privilege for apps on BOSS?
• Software security at the firmware layer
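An added illustration (example code written for this page, not part of the slides or of BOSS) of two of the bullets above: a default-deny, per-app grant table for reads and writes on building data points, and a "control transaction" that commits an app's writes only if the app holds a write grant on every touched point and the resulting building state satisfies declared invariants, so a bad state is never reached. The app names, resource paths, invariants and numbers are all constructed for the example.

```python
from dataclasses import dataclass


class PolicyError(Exception):
    """Raised when a request is denied by the app policy or by a building invariant."""


@dataclass(frozen=True)
class Grant:
    resource: str   # constructed path scheme, e.g. "hvac/zone3/setpoint"
    operation: str  # "read" or "write"


class AppPolicy:
    """Per-app allow-list of (resource, operation); anything not granted is denied."""

    def __init__(self):
        self._grants = {}

    def grant(self, app_id, resource, operation):
        self._grants.setdefault(app_id, set()).add(Grant(resource, operation))

    def allows(self, app_id, resource, operation):
        return Grant(resource, operation) in self._grants.get(app_id, set())


class BuildingState:
    """Control-point values plus invariants checked on every transaction.
    Each invariant is (name, predicate(old_state, new_state) -> bool)."""

    def __init__(self, points, invariants):
        self.points = dict(points)
        self.invariants = list(invariants)

    def violations(self, candidate):
        return [name for name, ok in self.invariants if not ok(self.points, candidate)]


class ControlTransaction:
    """Collects one app's writes and commits them all-or-nothing: every write needs a
    grant, and the candidate state must satisfy all invariants before it replaces the
    current one."""

    def __init__(self, state, policy, app_id):
        self.state, self.policy, self.app_id = state, policy, app_id
        self.pending = {}

    def write(self, resource, value):
        if not self.policy.allows(self.app_id, resource, "write"):
            raise PolicyError(f"{self.app_id} may not write {resource}")
        self.pending[resource] = value

    def commit(self):
        candidate = {**self.state.points, **self.pending}
        bad = self.state.violations(candidate)
        self.pending = {}
        if bad:
            raise PolicyError("transaction rejected: " + ", ".join(bad))
        self.state.points = candidate
        return dict(self.state.points)


def read_point(state, policy, app_id, resource):
    """Reads are gated by the same grant table as writes."""
    if not policy.allows(app_id, resource, "read"):
        raise PolicyError(f"{app_id} may not read {resource}")
    return state.points[resource]


def build_demo():
    """Constructed setup: a comfort app may adjust one zone's setpoint, a dashboard may only read."""
    policy = AppPolicy()
    policy.grant("comfort-app", "hvac/zone3/temperature", "read")
    policy.grant("comfort-app", "hvac/zone3/setpoint", "write")
    policy.grant("dashboard", "hvac/zone3/temperature", "read")
    state = BuildingState(
        {"hvac/zone3/temperature": 21.5, "hvac/zone3/setpoint": 21.0},
        [
            ("setpoint within 16..30 C",
             lambda old, new: 16.0 <= new["hvac/zone3/setpoint"] <= 30.0),
            ("setpoint moves at most 5 C per transaction",
             lambda old, new: abs(new["hvac/zone3/setpoint"] - old["hvac/zone3/setpoint"]) <= 5.0),
        ],
    )
    return state, policy


def try_setpoint(state, policy, app_id, value):
    """Attempt one control transaction; return the committed setpoint or the denial reason."""
    try:
        tx = ControlTransaction(state, policy, app_id)
        tx.write("hvac/zone3/setpoint", value)
        return tx.commit()["hvac/zone3/setpoint"]
    except PolicyError as err:
        return str(err)


if __name__ == "__main__":
    demo_state, demo_policy = build_demo()
    print(try_setpoint(demo_state, demo_policy, "comfort-app", 23.0))  # commits
    print(try_setpoint(demo_state, demo_policy, "comfort-app", 29.0))  # rejected: jump of 6 C
    print(try_setpoint(demo_state, demo_policy, "dashboard", 20.0))    # rejected: no write grant
```

The invariant list is the place where the building's state machine is made explicit; a transaction that would leave the building in a state no invariant allows is refused before any point changes, and a rejected transaction leaves the previous state untouched.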
![Page 15: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/15.jpg)
Backup
![Page 16: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/16.jpg)
Topics for discussion
• When you enter a public building, what are your privacy and security expectations?
• How expensive should attacks become in order to limit malicious behavior?
• Is privacy a lost cause?
• How much of these problems can be solved with appropriate regulation?
![Page 17: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/17.jpg)
User data
Processed data
Research Progress
Client Device Web Application
Multiple users’ data
Learning Models
Machine Learning
Client Data Privacy: EuroSys13, HotSec12, MobiSys10
Cloud Data Privacy: IEEESP13*, SIGMOD12
![Page 18: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/18.jpg)
Functional Blocks
Integrity Checking
ACL Checking
User Authentication
Image source: Wikipedia
Template Processor
Isolated Containers
Easy drop-in solution for existing 3-tier programs
![Page 19: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/19.jpg)
TLS Proxy TLS Proxy
Secure Block Device Storage
TPM Chip (Remote Attestation)
Linux Kernel
IPTables
Controller
ACL Store
ACL changes
EtherPad
FriendShare
Application Layer
K/V Proxy FS Proxy
DeDup Storage Layer
End Users
![Page 20: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/20.jpg)
Differential Privacy
Privacy budget ε
Randomized algorithm A
Any measurable set
Neighbors: two datasets differing in exactly one entry
Function sensitivity Δf
$A(D) = f(D) + \mathrm{Lap}(\Delta f / \epsilon)$
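The definition behind the labels on this slide, written out here as an added note rather than text from the slide (the symbols A, D, f, Δf and ε follow the slide; S is assumed here to denote the measurable set):

$$\Pr[A(D) \in S] \le e^{\epsilon}\,\Pr[A(D') \in S]$$

for every measurable set $S$ and every pair of neighbors $D, D'$ (datasets differing in exactly one entry), with the sensitivity

$$\Delta f = \max_{D, D'\ \text{neighbors}} \lVert f(D) - f(D') \rVert_1 .$$

For the Laplace mechanism $A(D) = f(D) + \mathrm{Lap}(\Delta f/\epsilon)$ the ratio of output densities at any value $y$ is

$$\frac{\exp(-\epsilon\,|y - f(D)|/\Delta f)}{\exp(-\epsilon\,|y - f(D')|/\Delta f)} \le \exp\!\left(\frac{\epsilon\,|f(D) - f(D')|}{\Delta f}\right) \le e^{\epsilon},$$

so the mechanism satisfies the definition, and ε is the amount of privacy budget each such query spends.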
![Page 21: Security and privacy in the age of software controlled surroundings](https://reader035.vdocuments.net/reader035/viewer/2022062400/56816931550346895de07fe8/html5/thumbnails/21.jpg)
Web Frontend
Data Set Manager
1. Data Set
2. Data Parser
3. Privacy Budget (ε)
Isolated Execution Chambers
Computation Manager
Untrusted Computation
Comp Mgr XML RPC Layer
Computation Differentially Private Answer
Noise Generator
1. Computation
2. [Bounds Estimator]
Auditing
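An added example, written for this page rather than taken from GUPT or the slides, that puts the pieces of the previous two slides together in working code: the Laplace mechanism A(D) = f(D) + Lap(Δf/ε), a neighbor check and a sensitivity sanity check, a per-data-set privacy budget that refuses a query once ε is spent, and a clamped mean whose fixed bounds play the role the bounds estimator plays in the architecture above. The records and bounds are constructed; the sensitivity of the counting query (1) and of the bounded mean ((hi - lo)/n) follow from the slide's definition of neighbors as datasets differing in exactly one entry.

```python
import math
import random

# Constructed sample records: (age, holds_badge). Not real data.
SAMPLE_DATA = [(23, True), (31, False), (45, True), (52, True),
               (38, False), (29, True), (61, False), (34, True)]


def laplace_sample(scale, rng):
    """One draw from Lap(0, scale): the difference of two Exp(1) draws, scaled."""
    return scale * (rng.expovariate(1.0) - rng.expovariate(1.0))


def laplace_moments(scale, n, seed=0):
    """Sample mean and variance of n draws; Lap(b) has mean 0 and variance 2*b^2."""
    rng = random.Random(seed)
    xs = [laplace_sample(scale, rng) for _ in range(n)]
    mean = sum(xs) / n
    var = sum((x - mean) ** 2 for x in xs) / n
    return mean, var


class PrivacyBudget:
    """Tracks epsilon spent on one data set; a query that would overspend is refused."""

    def __init__(self, epsilon_total):
        self.epsilon_total = epsilon_total
        self.spent = 0.0

    def remaining(self):
        return self.epsilon_total - self.spent

    def spend(self, epsilon):
        if epsilon <= 0:
            raise ValueError("epsilon must be positive")
        if self.spent + epsilon > self.epsilon_total + 1e-12:
            raise RuntimeError("privacy budget exhausted")
        self.spent += epsilon


def is_neighbor(d1, d2):
    """Neighboring data sets: same size, differing in exactly one entry."""
    return len(d1) == len(d2) and sum(a != b for a, b in zip(d1, d2)) == 1


def check_sensitivity(f, d1, d2, claimed):
    """Sanity check on one neighboring pair: |f(D) - f(D')| must not exceed the claimed Δf."""
    if not is_neighbor(d1, d2):
        raise ValueError("d1 and d2 are not neighbors")
    return abs(f(d1) - f(d2)) <= claimed


def laplace_mechanism(f, dataset, sensitivity, epsilon, budget, rng):
    """A(D) = f(D) + Lap(Δf / ε); the call is charged ε against the budget first."""
    budget.spend(epsilon)
    return f(dataset) + laplace_sample(sensitivity / epsilon, rng)


def badge_count(dataset):
    """Counting query: changing one entry changes the count by at most 1, so Δf = 1."""
    return float(sum(1 for _, holds_badge in dataset if holds_badge))


def clamped_mean_age(dataset, lo=18.0, hi=90.0):
    """Mean of ages clamped to [lo, hi]; the clamp bounds Δf at (hi - lo) / n."""
    return sum(min(max(float(age), lo), hi) for age, _ in dataset) / len(dataset)


def mean_sensitivity(dataset, lo=18.0, hi=90.0):
    """Global sensitivity of the clamped mean under the one-entry-differs neighbor definition."""
    return (hi - lo) / len(dataset)


def run_queries(seed=7, epsilon_total=1.0):
    """Answer two queries under one budget and report what is left."""
    rng = random.Random(seed)
    budget = PrivacyBudget(epsilon_total)
    noisy_count = laplace_mechanism(badge_count, SAMPLE_DATA, 1.0, 0.5, budget, rng)
    noisy_mean = laplace_mechanism(clamped_mean_age, SAMPLE_DATA,
                                   mean_sensitivity(SAMPLE_DATA), 0.5, budget, rng)
    return {"noisy_count": noisy_count, "noisy_mean": noisy_mean,
            "budget_left": budget.remaining()}


if __name__ == "__main__":
    print(run_queries())
```

Two points the architecture slide makes are visible in the code: the budget is attached to the data set rather than to the computation, so an untrusted computation cannot reset it by being resubmitted, and the noise scale depends only on the declared sensitivity and ε, which is why an unbounded function (a mean without clamping) cannot be answered at all until its output range has been bounded.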