
PORTIA

PORTIA. Security Challenges for Rich-Media Educational Environments. Robert Grimm, New York University.


Presentation Transcript


  1. PORTIA: Security Challenges for Rich-Media Educational Environments. Robert Grimm, New York University

  2. The Chasm in Medicine
     • Scientific knowledge
     • Rapid advances in molecular biology
     • Medical practice
     • Reduced lengths-of-stay in hospitals
     • Increased compartmentalization
     • Chasm is self-widening
     • Specialization helps keep up with sciences, costs down
     • Existing solutions do not work
     • Outpatient care for education, PCPs for practice
     • Result: Ever harder to train “good” physicians

  3. Crossing the Chasm: The IRMEE Project at NYU
     • NYU-wide collaboration
     • Medicine, computer science, libraries, center for teaching excellence, center for advanced technology, IT
     • Goal: Integration
     • Across specializations
     • Between theory and practice
     • Across geographical boundaries and time
     • Chosen approach: Web-based rich-media environment
     • Provides lifelong access to educational & scientific content
     • Structures content along narrative lines
     • Fosters community of students and practitioners

  4. Prototypes in Use, Have Impact
     • Complemented by guided discussion on bulletin board

  5. Where Do We Go from Here?
     • Content
     • Better evaluations through script concordance tests
     • More modules
     • Authoring is labor- and resource-intensive, does not scale
     • Focus on exchanging content with other authors
     • XML schema being co-developed with University of Pittsburgh
     • Delivery infrastructure
     • Existing multi-tier architecture does not scale
     • We need a scalable and affordable solution
     • Focus for the rest of this talk, but keep IRMEE in mind

  6. Building a Scalable & Affordable Implementation Platform
     • Active CDN (Content Distribution Network)
     • Interposes on client/server interactions (DNS redirection)
     • Authoritative content remains on server
     • Caches static content
     • Executes application-specific scripts
     • For dynamic content creation as well as transformation
     • Why another edge-side computing platform?
     • Familiar programming model for web developers
     • As added benefit, easier to provide resource controls, security
     • General structured overlay: Distributed Hash Table
     • Easier to leverage advances in peer-to-peer technologies

  7. Integrity and Privacy Issues for Active CDNs
     • Nodes in peer-to-peer overlay generally untrusted
     • Though, local nodes may be trusted
     • Connection-oriented security (SSL) inappropriate
     • End-to-end negates CDN, hop-by-hop negates security
     • Resource-oriented security required
     • Servers sign or encrypt content
     • Trusted proxy verifies signatures, decrypts content
     • What about dynamically generated/transformed content?
     • Scripts still may execute on any node (for p2p load balancing)
     • But trusted proxy probabilistically verifies dynamic content and adjusts reputation based on results

  8. What’s Missing?
     • Reputation-based security model
     • Selection of content to verify
     • Scoring and accumulation of results
     • Exchange of results
     • Centralized blacklists vs. web of trust
     • HTTP extensions for resource-based security
     • Beware of interaction with caching
     • E.g., sign only headers but not body, include hash of body
     • Experiences from real deployment
     • On the Wild Wild Web, surprising things may happen
     • E.g., see Pai et al., The Dark Side of the Web, HotNets ‘03
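
The resource-oriented check from slides 7 and 8 (sign only the headers, include a hash of the body, have the trusted proxy verify and adjust reputation), shown for static content as an added example that is not part of the original slides. Assumptions: HMAC under a shared key stands in for the server's signature, and the header names, the set of signed headers and the scoring rule are hypothetical.

```python
import hashlib
import hmac

# Assumption: HMAC under a key shared by origin and trusted proxy stands in for
# the server's public-key signature. Header names are hypothetical.
KEY = b"constructed-demo-key"
SIGNED = ("content-type", "cache-control", "x-body-sha256")

def _mac(headers):
    # Only the fixed SIGNED set is covered, so headers that caches legitimately
    # add or change in transit (e.g. Age) do not invalidate the signature.
    canon = "\n".join(f"{h}:{headers.get(h, '')}" for h in SIGNED).encode()
    return hmac.new(KEY, canon, hashlib.sha256).hexdigest()

def origin_sign(body, content_type, cache_control):
    """Origin server: sign headers only; the body is bound through its hash."""
    headers = {"content-type": content_type, "cache-control": cache_control,
               "x-body-sha256": hashlib.sha256(body).hexdigest()}
    headers["x-signature"] = _mac(headers)
    return headers

def proxy_verify(headers, body):
    """Trusted proxy: check the header signature, then the body hash."""
    sig_ok = hmac.compare_digest(_mac(headers), headers.get("x-signature", ""))
    digest = hashlib.sha256(body).hexdigest()
    return sig_ok and hmac.compare_digest(digest, headers.get("x-body-sha256", ""))

class Reputation:
    """Per-node score; the reward/penalty values are an assumed scoring rule."""
    def __init__(self, reward=1, penalty=10):
        self.score, self.reward, self.penalty = {}, reward, penalty

    def record(self, node, ok):
        delta = self.reward if ok else -self.penalty
        self.score[node] = self.score.get(node, 0) + delta
        return self.score[node]

def fetch_via(rep, node, headers, body):
    """Verify what an untrusted overlay node returned and score the node."""
    ok = proxy_verify(headers, body)
    rep.record(node, ok)
    return ok

# Constructed sample response from the origin.
BODY = b"<html>case module 7</html>"
HDRS = origin_sign(BODY, "text/html", "max-age=3600")
```

A node that swaps both the body and the body-hash header still fails, because the hash header is itself inside the signed set.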

  9. The Larger Issue
     • Securely placing functionality (computations & storage) on untrusted nodes placed between clients and servers

  10. http://www.cs.nyu.edu/rgrimm/
