
Security and privacy in the age of software controlled surroundings

Security and privacy in the age of software controlled surroundings. Prashanth Mohan David Culler. What are your expectations of privacy and security when you are in a shared space?. Changing the way we interact. In a personalized world. A living and breathing surrounding.


Presentation Transcript


  1. Security and privacy in the age of software controlled surroundings Prashanth Mohan David Culler

  2. What are your expectations of privacy and security when you are in a shared space?

  3. Changing the way we interact

  4. In a personalized world

  5. A living and breathing surrounding

  6. No more key chains or key cards

  7. Research questions across the building data stack (diagram)
  • Data Visualization Apps, Data Learning Apps: How can we ensure sandboxed data analysis? How can we restrict mixing of data?
  • Data Platform (BOSS): How can we understand arbitrary data types?
  • Control Data, Data Sources: How can we ensure the reliability of control data? How can we improve the integrity of data sources?
  • Cross-cutting: Digital Security, Physical Security

  8. Enforcing end-to-end user policies • Mobad - How can we maximize benefit while analyzing data locally (for privacy)? • Rubicon - Can we reuse existing software systems while still obtaining privacy guarantees? • Gupt - How can we mine data without divulging the privacy of individuals?

  9. Many open privacy questions • Can we describe privacy in higher-level constructs? • Who has access to what data? • Is the building a natural boundary for data? • How do we make sense of the wide variety of data sources?

  10. Security of building networks

  11. Analysis techniques • Static Analysis Techniques • Code Instrumentation • Dynamic Analysis using Input Replay

  12. Brainstorm: Ensuring security • Secure the networks! • Understand the state machine of the building – “control transactions” limit bad states • How can we apply the principle of least privilege for apps on BOSS? • Software security at the firmware layer

  13. Thank You Prashanth Mohan https://www.cs.berkeley.edu/~prmohan prmohan@cs.berkeley.edu

  14. Backup

  15. Topics for discussion • When you enter a public building, what are your privacy and security expectations? • How expensive should attacks become in order to limit malicious behavior? • Is privacy a lost cause? • How much of these problems can be solved with appropriate regulation?

  16. Research Progress (diagram)
  • Client Device → Web Application (User data); Machine Learning over Multiple users’ data → Processed data → Learning Models
  • Cloud Data Privacy: IEEESP13*, SIGMOD12
  • Client Data Privacy: EuroSys13, HotSec12, MobiSys10

  17. Functional Blocks • User Authentication • Template Processor • ACL Checking • Isolated Containers • Integrity Checking • Easy drop-in solution for existing 3-tier programs (Image source: Wikipedia)

  18. System architecture (diagram)
  • End Users connect through TLS Proxy instances; ACL changes are handled by the ACL Store and Controller
  • Application Layer: FriendShare, DeDup, EtherPad
  • Storage Layer: K/V Proxy, FS Proxy, Storage
  • Host: IPTables, Linux Kernel, Secure Block Device, TPM Chip (Remote Attestation)

  19. Differential Privacy (definition legend)
  • Privacy budget
  • Neighbors: two datasets differing in exactly one entry
  • Any measurable set
  • Randomized algorithm
  • Function sensitivity

  20. Differentially Private Answer Computation (diagram)
  • Web Frontend inputs: 1. Data Set, 2. Data Parser, 3. Privacy Budget (ε) (to the Data Set Manager); 1. Computation, 2. [Bounds Estimator] (to the Computation Manager)
  • Auditing
  • Comp Mgr → XML RPC Layer → Isolated Execution Chambers (several), each running the Untrusted Computation
  • Noise Generator
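The pipeline in slides 19 and 20 (a privacy budget ε charged per query, a bounds estimate for the computation's output, an untrusted computation run on isolated data, and Laplace noise scaled to the function's sensitivity) can be made concrete with a small sample-and-aggregate release function. The code below is an added example written for this page; it is not GUPT's code and not from the slides' author. It assumes the analyst supplies the output bounds [lo, hi] directly instead of running a bounds estimator, replaces the isolated execution chambers with plain in-process calls, and uses the sample-and-aggregate scheme (run the computation on disjoint blocks, clamp, average), whose sensitivity is (hi - lo) / num_blocks because one changed record can move only one block's clamped output. The dataset of room temperature readings is constructed.

```python
import math
import random
from typing import Callable, List, Optional, Sequence


class PrivacyBudgetExhausted(Exception):
    """Raised when a query would exceed the dataset's remaining epsilon."""


class DataSetManager:
    """Holds one dataset and the privacy budget (epsilon) still available for it.

    Sequential composition: every released answer consumes its epsilon, and the
    sum over all answers never exceeds the total the data owner configured.
    """

    def __init__(self, records: Sequence[float], total_epsilon: float):
        self.records: List[float] = list(records)
        self.remaining_epsilon = total_epsilon

    def charge(self, epsilon: float) -> None:
        if epsilon <= 0:
            raise ValueError("epsilon must be positive")
        if epsilon > self.remaining_epsilon + 1e-12:
            raise PrivacyBudgetExhausted(
                f"query needs {epsilon}, only {self.remaining_epsilon} left")
        self.remaining_epsilon -= epsilon


def laplace_noise(scale: float, rng: random.Random) -> float:
    """Sample Laplace(0, scale) via the inverse CDF."""
    u = rng.random() - 0.5
    while u == -0.5:              # avoids log(0); practically never taken
        u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def _bounded(value, lo: float, hi: float) -> float:
    """Clamp an untrusted computation's output into [lo, hi].

    Anything that is not a finite number maps to lo, so a hostile or buggy
    computation cannot push extra information out through NaN, inf or a
    type error: every output stays inside the range the sensitivity assumes.
    """
    try:
        v = float(value)
    except (TypeError, ValueError):
        return lo
    if math.isnan(v):
        return lo
    return min(max(v, lo), hi)


def _validate(records: Sequence[float], lo: float, hi: float, num_blocks: int) -> None:
    if hi <= lo:
        raise ValueError("need lo < hi")
    if not 1 <= num_blocks <= len(records):
        raise ValueError("num_blocks must be between 1 and len(records)")


def clamped_block_average(records: Sequence[float], computation: Callable,
                          lo: float, hi: float, num_blocks: int) -> float:
    """Sample-and-aggregate without noise: run the untrusted computation on
    num_blocks disjoint blocks, clamp each output to [lo, hi], and average.

    Neighbors (datasets differing in one record) differ in one block, whose
    clamped output can move by at most (hi - lo); the average therefore moves
    by at most (hi - lo) / num_blocks, which is the sensitivity used below.
    """
    _validate(records, lo, hi, num_blocks)
    blocks = [list(records[i::num_blocks]) for i in range(num_blocks)]
    outputs = [_bounded(computation(block), lo, hi) for block in blocks]
    return sum(outputs) / num_blocks


def sample_and_aggregate(manager: DataSetManager, computation: Callable,
                         lo: float, hi: float, epsilon: float, num_blocks: int,
                         rng: Optional[random.Random] = None,
                         noise_fn: Callable = laplace_noise) -> float:
    """Release one epsilon-differentially-private answer for the computation."""
    _validate(manager.records, lo, hi, num_blocks)
    manager.charge(epsilon)   # refuse before the data is touched
    exact = clamped_block_average(manager.records, computation, lo, hi, num_blocks)
    sensitivity = (hi - lo) / num_blocks
    return exact + noise_fn(sensitivity / epsilon, rng or random.Random())


# Constructed sample input: 42 room temperature readings in degrees C.
SAMPLE_READINGS = [20.0 + (i % 7) * 0.5 for i in range(42)]


def untrusted_mean(block: List[float]) -> float:
    """Stands in for analyst-supplied code; nothing here is trusted."""
    return sum(block) / len(block)


if __name__ == "__main__":
    mgr = DataSetManager(SAMPLE_READINGS, total_epsilon=1.0)
    answer = sample_and_aggregate(mgr, untrusted_mean, lo=0.0, hi=50.0,
                                  epsilon=0.5, num_blocks=6, rng=random.Random(7))
    print(f"noisy mean: {answer:.2f}, remaining epsilon: {mgr.remaining_epsilon}")
```

The bounds matter twice: a wide [lo, hi] keeps a hostile computation from distorting the answer by more than (hi - lo) / num_blocks, but it also scales the noise, which is why slide 20 lists a bounds estimator next to the computation. The `noise_fn` parameter exists only so the deterministic part can be checked in isolation; production callers leave it at `laplace_noise`.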
