
Security and Trust



Presentation Transcript


  1. Security and Trust By Troy Lee

  2. Overview
     • Security
       • Design Principles
       • Architectural Access Control
         • Access Control Models
         • Connector-centric Architectural Access Control
       • Distributed Security
       • Protection Against Piracy
     • Trust Management
       • Trust
       • Trust Model
       • Reputation-Based Systems
       • Architectural Approach to Decentralized Trust Management

  3. Computer Security • “The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).” – National Institute of Standards and Technology

  4. 3 Main Aspects • Confidentiality (aka Secrecy) • Integrity • Availability

  5. Confidentiality • Preventing unauthorized parties from accessing the information or perhaps even being aware of the existence of the information

  6. Cryptography
     • Equations
       • Cipher = Encryption Function(Encryption_Key, ClearText)
       • ClearText = Decryption Function(Decryption_Key, Cipher)
     • 2 Forms
       • Shared-Key Cryptography
       • Public-Key Cryptography
     • Best Practices
       • Evaluate Performance, Architecture, and Security Requirements
       • Choose a Suitable Public Algorithm
       • Use Frequently Changing Keys as the Primary Secrecy Mechanism
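The two slide equations and the two forms, as an added example in Go that is not part of the deck: AES-GCM for the shared-key form, RSA-OAEP for the public-key form, and, following the last best-practice bullet, a fresh shared key generated for every message and carried under the recipient's public key. The SharedKey type and the function names are constructed for this example; the recipient side of WrapFreshKey is rsa.DecryptOAEP with the matching private key, followed by NewSharedKey.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

type SharedKey struct{ aead cipher.AEAD } // shared-key form: one key is both Encryption_Key and Decryption_Key
// NewSharedKey accepts a 16-, 24- or 32-byte AES key; AES-GCM attaches an integrity tag to every cipher.
func NewSharedKey(key []byte) (*SharedKey, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	return &SharedKey{aead: gcm}, err
}

// Encrypt is Cipher = E(Encryption_Key, ClearText); the random nonce is prepended to the output.
func (k *SharedKey) Encrypt(clearText []byte) ([]byte, error) {
	nonce := make([]byte, k.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return k.aead.Seal(nonce, nonce, clearText, nil), nil
}

// Decrypt is ClearText = D(Decryption_Key, Cipher); the tag check rejects any modified bytes.
func (k *SharedKey) Decrypt(ciphertext []byte) ([]byte, error) {
	n := k.aead.NonceSize()
	if len(ciphertext) < n {
		return nil, errors.New("ciphertext too short")
	}
	return k.aead.Open(nil, ciphertext[:n], ciphertext[n:], nil)
}

// WrapFreshKey is the public-key form, applied as the "frequently changing keys" advice suggests:
// a fresh 256-bit shared key for each message, sealed to the recipient's RSA public key with OAEP.
func WrapFreshKey(pub *rsa.PublicKey) (key, wrapped []byte, err error) {
	key = make([]byte, 32)
	if _, err = rand.Read(key); err != nil {
		return nil, nil, err
	}
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	return key, wrapped, err
}
```

Decrypt fails on a flipped ciphertext byte or a truncated input, which is the integrity property the bare equations on the slide do not promise.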

  7. Integrity • Only authorized parties can manipulate the information and do so only in authorized ways

  8. Availability • Accessible by authorized parties on all appropriate occasions

  9. Design Principles • Least Privilege • Fail-Safe Defaults • Economy of Mechanism • Complete Mediation • Open Design • Separation of Privilege • Least Common Mechanism • Psychological Acceptability • Defense in Depth

  10. Defense in Depth

  11. Architectural Access Control • Access Control Models • Connector-Centric Architectural Access Control

  12. Access Control Models • Classic Discretionary Access Control • Role-Based Access Control • Mandatory Access Control
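Added example, not part of the deck: the decision rule of each of the three models written out in Go so that the difference shows on one request (subject, resource, permission). The Subject, Resource and RolePerms definitions are constructed for the example, and MAC uses the Bell-LaPadula read and write rules as one representative mandatory policy.

```go
package main

// Subject and Resource are constructed for this example; each Allows function applies
// one model's decision rule to the same request (subject, resource, permission).
type Subject struct {
	Name      string
	Roles     []string // RBAC: permissions are attached to roles, not to the subject
	Clearance int      // MAC: assigned by the system; a higher value means more trusted
}

type Resource struct {
	Owner string
	ACL   map[string]map[string]bool // DAC: subject -> permissions, edited only by Owner
	Label int                        // MAC: sensitivity label, set by the system, not the owner
}

// DACAllows: the owner holds every permission; others hold only what the owner granted.
// Reading a nil inner map yields false, so an unlisted subject is denied.
func DACAllows(s Subject, r *Resource, perm string) bool {
	return s.Name == r.Owner || r.ACL[s.Name][perm]
}

// RolePerms is a constructed role-to-permission table for the RBAC model.
var RolePerms = map[string]map[string]bool{
	"auditor": {"read": true},
	"editor":  {"read": true, "write": true},
}

// RBACAllows: a subject holds a permission if any of its roles carries it.
func RBACAllows(s Subject, perm string) bool {
	for _, role := range s.Roles {
		if RolePerms[role][perm] {
			return true
		}
	}
	return false
}

// MACAllows applies the Bell-LaPadula rules: no read up, no write down. Neither the owner
// nor the subject can relax a label-based denial, which is what makes the control mandatory.
func MACAllows(s Subject, r *Resource, perm string) bool {
	switch perm {
	case "read":
		return s.Clearance >= r.Label
	case "write":
		return s.Clearance <= r.Label
	}
	return false
}
```

In a deployed system the models are layered rather than chosen: a request must pass the mandatory check and the discretionary or role check.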

  13. Connector-Centric Architectural Access Control • Basic Concepts • Central Role of Architectural Connectors • Algorithm to Check Architectural Access Control • Integrating Security in ASTER

  14. Basic Concepts • Subject • Principal • Resource • Permission • Privilege • Safeguard

  15. Central Role of Architectural Connectors • Components • Connectors • Secure Architecture Description Language

  16. Secure xADL

  17. Algorithm to Check Architectural Access Control

  18. Secure Cooperation

  19. Firefox

  20. Integrating Security in ASTER

  21. Distributed Security

  22. Protection Against Piracy
     • Goals
       • Raise Cost of Breaking Protection Mechanism
       • Increase Probability of Being Caught
       • Discourage Attempts at Piracy
     • Technologies
       • Hardware and Software Tokens
       • Watermarking
       • Code Partitioning

  23. Trust Management • Trust • Trust Model • Reputation-Based Systems • Architectural Approach to Decentralized Trust Management

  24. Trust • “A particular level of the subjective probability with which an agent assesses that another agent or group of agents will perform a particular action, both before he can monitor such action (or independently of his capacity ever to be able to monitor it) and in a context in which it affects his own action” – Diego Gambetta

  25. Trust Model • Describes the trust information that is used to establish trust relationships, how that trust information is obtained, how that trust information is combined to determine trustworthiness, and how that trust information is modified in response to personal and reported experiences

  26. Reputation-Based Systems
     • Types
       • Decentralized
       • Centralized
     • Examples
       • eBay
       • XREP

  27. XREP • Phase 1 – Resource Searching • Phase 2 – Resource Selection and Vote Polling • Phase 3 – Vote Evaluation • Phase 4 – Best Servent Check • Phase 5 – Resource Downloading

  28. Phase 1

  29. Phase 2

  30. Phase 3

  31. Phase 4

  32. Phase 5

  33. Architectural Approach to Decentralized Trust Management • Threats • Measures to Address Threats • Guidelines to Incorporate into an Architectural Style • Resultant Architectural Style • PACE Architectural Style • PACE-Based Trust-Enabled Decentralized File-Sharing App

  34. Threats • Impersonation • Fraudulent Actions • Misrepresentation • Collusion • Denial of Service • Addition of Unknowns • Deciding Whom to Trust • Out-of-Band Knowledge

  35. Measures to Address Threats • Use of Authentication • Separation of Internal Beliefs and Externally Reported Information • Making Trust Relationships Explicit • Comparable Trust

  36. Guidelines to Incorporate into an Architectural Style • Digital Identities • Separation of Internal and External Data • Making Trust Visible • Expression of Trust

  37. Resultant Architectural Style • Functional Units • Communication • Information • Trust • Application

  38. PACE Architectural Style

  39. PACE-Based Trust-Enabled Decentralized File-Sharing App

  40. Summary
     • Security
       • Design Principles
       • Architectural Access Control
         • Access Control Models
         • Connector-centric Architectural Access Control
       • Protection Against Piracy
     • Trust Management
       • Trust
       • Trust Model
       • Reputation-Based Systems
       • Architectural Approach to Decentralized Trust Management

  41. References
     • Bidan, C., and V. Issarny. Security Benefits from Software Architecture. Web. 7 Apr. 2012. <http://www.springerlink.com/content/87378446049q1783/fulltext.pdf>.
     • Devanbu, Premkumar T., and Stuart Stubblebine. Software Engineering for Security: A Roadmap. 2000. Web. 7 Apr. 2012. <http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.23.1303>.
     • Nagaratnam, Nataraj, Philippe Janson, John Dayka, Anthony Nadalin, Frank Siebenlist, Von Welch, Ian Foster, and Steve Tuecke. The Security Architecture for Open Grid Services. 17 July 2002. Web. 7 Apr. 2012. <ftp://ftp.cigs.unimo.it/pub/OGSA-SecArch-v1-07192002.pdf>.
     • Taylor, Richard N., Nenad Medvidovic, and Eric M. Dashofy. Software Architecture: Foundations, Theory, and Practice. Hoboken, NJ: Wiley, 2010. Print.
