
Annual Workshop February 5th, 2014


agatha

Presentation Transcript


  1. Annual Workshop February 5th, 2014

  2. The PriMan framework SecAnon-DistriNet [name – KU Leuven]

  3. Outline • Introduction • PriMan • PriMan app development • Abstractions • Next steps

  4. Security problem? Here is the solution: • Public Key Cryptography • Mix Networks • Anonymous Credentials • Onion Routing • One Time Password • Secure Channels • Tamper Proof Modules • Group Signatures • Blind Signatures • Searchable Encryption • Zero-Knowledge Proofs

  5. The Problems • Processor intensive • Complex to use (user) • Complex to use (Developer)

  6. The Problems • Processor intensive • Complex to use (user) • Complex to use (Developer)

  7. Outline • Introduction • PriMan • PriMan app development • Abstractions • Next steps

  8. PriMan • Policy driven development framework • Flexible and secure access control • Security of data in storage and transit • Goal: facilitating the development of secure and privacy friendly applications

  9. PriMan • High level technology agnostic API • Thin SW Layer • Modular design • Rapid prototyping

  10. Technology agnostic abstractions • Technology agnostic • Developer does not need to be aware of technology-specific configuration details • Technology-specific configuration policies • High level, easy to understand operations

  11. PriMan • Thin software layer • Connects API with technologies underneath • Very low overhead (<1ms) • Modular design • Extensible

  12. PriMan • Non-Functional requirements • Usability • Modularity • Privacy/Security • Performance • Functional requirements • Secure communication channels • Secure data storage • Secure authentication

  13. Outline • Introduction • PriMan • PriMan app development • Abstractions • Next steps

  14. App development

  15. PriMan app development

  16. PriMan app development Security experts create and configure reusable (secure) FW components

  17. Outline • Introduction • PriMan • PriMan app development • Abstractions • Next steps

  18. Abstractions - Connection • Create connection • ConnectionParameters • Listen for connection (server) • Send data (Object) • Receive data (Object) • Close connection

  19. Configuration Parameters - Connections • Address • Port • Protocol • Keystore (+password) • Truststore (+password) • …

  20. Connection - Example • Code • Configuration

  21. Abstractions - Credential • Credential • Represents identity • Attributes + secret • Issuer • Authentication • Prove a Claim • Claim can be determined by auth. policy • Example: • Policy: “Prove ownership of valid ePollcred” • Claim: “I own this ePollcred” • Proof: Cryptographic proof using secret and nonce

  22. Credential - Example • Create a Claim using a Policy • Create a Credential using Claim, secret and nonce

  23. Abstractions - Storage • Store • Load • Remove • Using Identifiers • Optional: Storage secret

  24. Outline • Introduction • PriMan • PriMan app development • Abstractions • Next steps

  25. Next steps • Move control to Service provider • Which technology is selected • Under which circumstances (context aware) • Give some control to the user

  26. Policies • Security policy • Context aware • Determines which action needs to be performed • Determines which technology will be selected • Sticky policy • Attached to an object (e.g., a credential, a data object) • Defines how the app can use that object • Context aware • User policy • ~ Security policy, but defined by the user • Service provider limits user policy capabilities

  27. PriMan app development

  28. PriMan app development

  29. Questions?
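
The policy, claim and proof flow from slides 21 and 22, as an added example that is not PriMan code and does not use the PriMan API. It assumes a shared-secret HMAC as a stand-in technology (so the verifier knows the secret, unlike with anonymous credentials); the `TECHNOLOGIES` registry, the policy fields and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def hmac_prove(secret: bytes, message: bytes) -> bytes:
    # Stand-in technology (assumption): shared-secret HMAC, not an anonymous credential.
    return hmac.new(secret, message, hashlib.sha256).digest()

TECHNOLOGIES = {"hmac-sha256": hmac_prove}  # hypothetical registry, selected by policy

def make_claim(policy: dict) -> dict:
    # Slide 22, step 1: the claim is derived from the authentication policy.
    return {"statement": "I own this " + policy["credential_type"],
            "technology": policy["technology"]}

def prove(claim: dict, secret: bytes, nonce: bytes) -> bytes:
    # Slide 22, step 2: proof over the claim, bound to the verifier's nonce.
    message = nonce + claim["statement"].encode()  # nonce has a fixed length
    return TECHNOLOGIES[claim["technology"]](secret, message)

class Verifier:
    def __init__(self, policy: dict, secret: bytes):
        self.policy, self._secret, self._open = policy, secret, set()

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._open.add(nonce)
        return nonce

    def verify(self, claim: dict, nonce: bytes, proof: bytes) -> bool:
        if nonce not in self._open:           # never issued, or already used
            return False
        self._open.discard(nonce)             # single use: blocks replay
        if claim != make_claim(self.policy):  # claim must match the policy
            return False
        return hmac.compare_digest(prove(claim, self._secret, nonce), proof)

def run_demo() -> tuple:
    policy = {"credential_type": "ePollcred", "technology": "hmac-sha256"}
    secret = secrets.token_bytes(32)          # constructed sample secret
    verifier = Verifier(policy, secret)
    claim = make_claim(policy)
    nonce = verifier.challenge()
    proof = prove(claim, secret, nonce)
    first = verifier.verify(claim, nonce, proof)
    replay = verifier.verify(claim, nonce, proof)  # same nonce a second time
    n2 = verifier.challenge()
    wrong = verifier.verify(claim, n2, prove(claim, b"x" * 32, n2))
    return first, replay, wrong
```

The application code only touches the policy, the claim and the proof; swapping the entry in the registry changes the technology without changing the calling code, which is the point of the technology agnostic abstraction.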
