panel presentation future practices for protecting your digital assets
Download
Skip this Video
Download Presentation
Panel Presentation: (Future) Practices for Protecting Your Digital Assets

Loading in 2 Seconds...

play fullscreen
1 / 10

Panel Presentation: Future Practices for Protecting Your Digital Assets - PowerPoint PPT Presentation


  • 297 Views
  • Uploaded on

Panel Presentation: (Future) Practices for Protecting Your Digital Assets. Prof. Gene Tsudik Associate Dean of Research & Graduate Studies Donald Bren School of Information & Computer Sciences University of California, Irvine [email protected] http://sconce.ics.uci.edu. (my) Research.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Panel Presentation: Future Practices for Protecting Your Digital Assets ' - Melvin


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
panel presentation future practices for protecting your digital assets

Panel Presentation: (Future) Practices for Protecting Your Digital Assets

Prof. Gene Tsudik

Associate Dean of Research & Graduate Studies

Donald Bren School of Information & Computer Sciences

University of California, Irvine

[email protected]://sconce.ics.uci.edu

my research
(my) Research
  • Group security
    • Membership control, key management
  • Database Security
    • Database-as-a-Service model
    • Authenticity/Integrity in outsourced databases
    • Privacy in outsourced databases
  • Ad hoc, mobile network security
    • Key management
  • Multicast Security
communication technologies
Current:

DSL/Cable/Satellite to home / business

Ethernet or 802.11 within home / business

Emerging:

hi-bw wireless (e.g., beamed from light-pole-mounted Access Points) might replace cable & DSL/phone wires

Embryonic:

powernet/sewernet/waternet

Communication Technologies
threats 1
Threats 1
  • Really unsophisticated users
  • Access Point impersonation, traffic tinkering
  • Malicious Code propagation
    • Viruses, Worms, Email Bombs, Snoopers
  • SPAM
  • Phishing  ID theft
  • DoS attacks
    • trivial in wireless settings
    • not difficult with wired either
threats 2
Threats 2

?

  • Eavesdropping
    • clearly much easier with wireless
    • from both inside and outside the site
    • Allows anyone (e.g., voyeurs, criminals, big brother) to snoop on communication
    • Also, possible to inject “incriminating” traffic that seems like it came from the inside the site
  • Traffic Analysis – for marketing, SPAM, plain snooping, criminal (e.g., burglary) purposes
    • type, distribution, size, frequency, timing
    • host/device characteristics, # of hosts, location, types of devices, etc.
what technology is needed 1
What technology is needed? 1
  • Secure tunneling within residential/corporate networks
    • intelligently “pad” traffic, both in space and time
    • lots of prior work on traffic analysis counter-measures
  • Secure tunneling between home and ISP
  • DoS-resistant wireless networking
  • Survivable, affordable access devices (combining multiple technologies: cable, DSL, satellite, local wireless, etc.)
  • New SPAM-fighting technologies!
  • New payment instruments
what technology is needed 2
What technology is needed? 2

Providers need techniques to detect/inhibit subscribers who are wittingly or unwittingly "split” bandwidth, e.g., provider-supplied devices may need to police/inhibit out-of-perimeter incoming (wireless) traffic.

Would be nice if:

  • residence perimeter could be demarcated
  • sensors placed at strategic points along the perimeter
  • wireless traffic coming in from the outside could be tagged as such and purged or routed to single point: firewall? honeypot?
slide8

Phishing & related fraud:How to make things better?

  • Eliminate SSNs as “confidential” identifier
  • Stop using DLs as IDs
  • Introduce National ID cards
    • Make them SMART
    • Allow tiered information release
  • Foster smart credit (and debit) cards
    • Trivial, technology already exists!
    • Credit card # changes after each use
    • Or, after a pre-set time interval
    • Or, after certain $ amount is exceeded
    • Hijacked credit card # becomes useless or of limited use
  • Promote anonymous buying/shipping
slide9
SPAM
  • Modern-day plague
  • Email is essentially a free commodity
  • True sources are hard to trace
  • Current email model has to change!
  • Two “schools-of-thought”:
    • Change email processing at end-points
      • Make sender solve a puzzle?
      • Make sender pay for email
    • Change SMTP wholesale
      • Verify path taken by email
dos ddos attacks
DoS/DDoS attacks
  • Another plague
  • IP traffic hard to authenticate/trace
  • IP addresses trivial to spoof
  • IPSec far from being universally adopted
  • Two “schools-of-thought”:
    • Traceback (tough w/out router vendor support)
    • Application-level remedies, e.g., puzzles
      • Doesn’t work against IP or TCP-level attack traffic
ad