Panel presentation future practices for protecting your digital assets
Download
1 / 10

Panel Presentation: Future Practices for Protecting Your Digital Assets - PowerPoint PPT Presentation


  • 294 Views
  • Uploaded on

Panel Presentation: (Future) Practices for Protecting Your Digital Assets. Prof. Gene Tsudik Associate Dean of Research & Graduate Studies Donald Bren School of Information & Computer Sciences University of California, Irvine [email protected] http://sconce.ics.uci.edu. (my) Research.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Panel Presentation: Future Practices for Protecting Your Digital Assets ' - Melvin


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Panel presentation future practices for protecting your digital assets l.jpg

Panel Presentation: (Future) Practices for Protecting Your Digital Assets

Prof. Gene Tsudik

Associate Dean of Research & Graduate Studies

Donald Bren School of Information & Computer Sciences

University of California, Irvine

[email protected]://sconce.ics.uci.edu


My research l.jpg
(my) Research Digital Assets

  • Group security

    • Membership control, key management

  • Database Security

    • Database-as-a-Service model

    • Authenticity/Integrity in outsourced databases

    • Privacy in outsourced databases

  • Ad hoc, mobile network security

    • Key management

  • Multicast Security


Communication technologies l.jpg

Current: Digital Assets

DSL/Cable/Satellite to home / business

Ethernet or 802.11 within home / business

Emerging:

hi-bw wireless (e.g., beamed from light-pole-mounted Access Points) might replace cable & DSL/phone wires

Embryonic:

powernet/sewernet/waternet

Communication Technologies


Threats 1 l.jpg
Threats 1 Digital Assets

  • Really unsophisticated users

  • Access Point impersonation, traffic tinkering

  • Malicious Code propagation

    • Viruses, Worms, Email Bombs, Snoopers

  • SPAM

  • Phishing  ID theft

  • DoS attacks

    • trivial in wireless settings

    • not difficult with wired either


Threats 2 l.jpg
Threats 2 Digital Assets

?

  • Eavesdropping

    • clearly much easier with wireless

    • from both inside and outside the site

    • Allows anyone (e.g., voyeurs, criminals, big brother) to snoop on communication

    • Also, possible to inject “incriminating” traffic that seems like it came from the inside the site

  • Traffic Analysis – for marketing, SPAM, plain snooping, criminal (e.g., burglary) purposes

    • type, distribution, size, frequency, timing

    • host/device characteristics, # of hosts, location, types of devices, etc.


What technology is needed 1 l.jpg
What technology is needed? 1 Digital Assets

  • Secure tunneling within residential/corporate networks

    • intelligently “pad” traffic, both in space and time

    • lots of prior work on traffic analysis counter-measures

  • Secure tunneling between home and ISP

  • DoS-resistant wireless networking

  • Survivable, affordable access devices (combining multiple technologies: cable, DSL, satellite, local wireless, etc.)

  • New SPAM-fighting technologies!

  • New payment instruments


What technology is needed 2 l.jpg
What technology is needed? 2 Digital Assets

Providers need techniques to detect/inhibit subscribers who are wittingly or unwittingly "split” bandwidth, e.g., provider-supplied devices may need to police/inhibit out-of-perimeter incoming (wireless) traffic.

Would be nice if:

  • residence perimeter could be demarcated

  • sensors placed at strategic points along the perimeter

  • wireless traffic coming in from the outside could be tagged as such and purged or routed to single point: firewall? honeypot?


Slide8 l.jpg

Phishing & related fraud: Digital AssetsHow to make things better?

  • Eliminate SSNs as “confidential” identifier

  • Stop using DLs as IDs

  • Introduce National ID cards

    • Make them SMART

    • Allow tiered information release

  • Foster smart credit (and debit) cards

    • Trivial, technology already exists!

    • Credit card # changes after each use

    • Or, after a pre-set time interval

    • Or, after certain $ amount is exceeded

    • Hijacked credit card # becomes useless or of limited use

  • Promote anonymous buying/shipping


Slide9 l.jpg
SPAM Digital Assets

  • Modern-day plague

  • Email is essentially a free commodity

  • True sources are hard to trace

  • Current email model has to change!

  • Two “schools-of-thought”:

    • Change email processing at end-points

      • Make sender solve a puzzle?

      • Make sender pay for email

    • Change SMTP wholesale

      • Verify path taken by email


Dos ddos attacks l.jpg
DoS/DDoS attacks Digital Assets

  • Another plague

  • IP traffic hard to authenticate/trace

  • IP addresses trivial to spoof

  • IPSec far from being universally adopted

  • Two “schools-of-thought”:

    • Traceback (tough w/out router vendor support)

    • Application-level remedies, e.g., puzzles

      • Doesn’t work against IP or TCP-level attack traffic


ad