DIRC PA6: Security and Privacy in Computer-Based Systems
Peter Ryan
School of Computing Science, University of Newcastle
Peter.Ryan@ncl.ac.uk

DIRC
• Dependability Interdisciplinary Research Collaboration.
• 6 year project, 5 institutions:
  • Newcastle
  • Edinburgh
  • City, London
  • York
  • Lancaster
• www.dirc.org
DIRC
• Take account of the socio-technical as well as the technical factors influencing dependability.
• Computer scientists, psychologists, sociologists, ethnographers…
• 9 Project Activities; PA6 = Security.
• 5 themes: structure, diversity, timeliness, responsibility, risk.
PA6: Security
• Security is an essential aspect of dependable, computer-based systems.
• Many systems have top-level security requirements (e.g. medical informatics).
• Others have to deal with security threats in order to dependably deliver their requirements (e.g. ATC).
• Recognition of the vulnerability of critical infrastructures makes this work particularly timely.

Background
• Hitherto, research in information assurance has tended to:
  • concentrate on technical failures and counter-measures.
  • aim for “absolute” security and assume prevention mechanisms are enough.
• Security policies have mainly been about (binary) information flows, MLS, MAC etc.

DIRC/PA6 Approach
• Recognise that:
  • Most security failures are due to, or at least facilitated by, human failures.
  • Security policies require a mix of technical and socio-technical enforcement mechanisms.
  • Systems will have vulnerabilities and intrusions will occur. Hence the need for a mix of prevention, containment, detection and recovery.
  • Need to deal with exceptions.
  • Need richer classes of policies, e.g. privacy.
  • Need to deal with evolving systems, requirements and threats.
  • Need measures of system robustness in the face of malicious threats.

Objectives
• Characterise security and privacy requirements in computer-based systems.
• Characterise socio-technical threats and vulnerabilities.
• Explore the theoretical and practical boundary between technical and socio-technical enforcement mechanisms.
• Develop models, techniques and tools to support design and assessment w.r.t. security requirements and threats. Trade-offs.
• Investigate the role of structure and diversity.
• Understand the role of intrusion detection and diagnosis.

Objective 2
• Characterise the behaviours and failure modes of humans interacting with the system:
  • Users
  • Security officers
  • White hats, grey hats, hackers…
  • Insiders
  • Designers, implementers etc.
• Shaping factors (both sides):
  • Motivation
  • Competence
  • Rewards/losses
  • Complacency
  • Least effort
  • Stress
  • Risk perception

Case studies
• Healthcare records
• E-government
• Financial sector
• NATS
• Dynamic coalitions
• Distributed scientific computations (GRID).

Healthcare case study
• Need to address:
  • Privacy (anonymity)
  • Integrity
  • Availability
  • Accountability
• Conflicting interests of various stakeholders:
  • Patients
  • Clinicians
  • Researchers
  • Society
  • Administrators
  • Insurance
  • Law-enforcement

GRID Security
• Excellent DIRC case study:
  • Strongly interdisciplinary.
  • “Complex, dynamic, heterogeneous user base” (B Collins).
• Also complex:
  • Security requirements.
  • Threat models.
  • Trust relationships.
  • Is RBAC enough?
  • Legal and economic factors.

GRID Security
• GRID is not a single well-defined entity.
• Many different projects with different requirements, approaches etc.

Further interdisciplinary aspects
• Trust
• Responsibility
• Delegation
• Legal aspects
• Economic aspects
• Exceptions
• Evolving systems, requirements and threats.
FP6 ESORICS Security NoE
• Facilitate and stimulate cooperation and cross-fertilisation between the principal security experts in Europe.
• To address the security and privacy challenges facing e-Europe in the 21st century.
• To help put Europe at the forefront of research in security and privacy.
• Address issues raised in, for example, the ISTAG report: security for ambient spaces etc.
ESORICS
• European Symposium On Research In Computer Security.
• Premier European conference on security research.
• European counterpart to IEEE Security and Privacy.
• Gathers together many of the key European experts in security and privacy (and some non-EU).
Editorial Team
• Peter Ryan, Newcastle, UK
• Yves Deswarte, LAAS, Fr
• Frederic Cuppens, ONERA, Fr
• Dieter Gollmann, MSR, UK
• Simon Foley, Cork, Ir
• Pierangela Samarati, Milan, It
• Elisa Bertino, Milan, It
• Bart Preneel, KU Leuven, B
• Fabio Martinelli, Milan, It
• Jean-Jacques Quisquater, UCL, B
• Katsikas Socrates, Aegean, Gr
• Steve Schneider, Royal Holloway, UK
• Refik Molva, Eurecom, Fr
Structure
• Foundations of Security and Trust
  • Formal methods for security analysis, security models and policies, information flow (non-interference), cryptography.
• Security Mechanisms
  • Access control and authorization, security protocol design and analysis, secure programming (languages, mobile code).
• Security Architectures
  • Secure architectures, security of middleware, secure systems and devices (smartcards).
• Communications and Distributed System Security
  • Secure communications (mobile and fixed), network security (wireless and wireline), intrusion detection (forensics), secure applications (e-business, e-vote, etc.).
• Security Management
  • Privacy and identity management, trust (management), DRM.

Activities
• Research
• Travel and exchanges
• Education, training
• Studentships
• Workshops
• Standardisation
• Dissemination, technology transfer…