1 / 23

Secure Information Sharing Enabled by Trusted Computing and PEI * Models

Explore how cyber-security goals, threats, and technology have evolved, leading to the need for trusted computing and PEI models. Learn about information sharing, integrity, confidentiality, and attacks in the modern security landscape.

kbeach
Download Presentation

Secure Information Sharing Enabled by Trusted Computing and PEI * Models

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Information Sharing Enabled byTrusted Computing and PEI* Models Ravi Sandhu (George Mason University and TriCipher) Kumar Ranganathan (Intel System Research Center, Bangalore) Xinwen Zhang (George Mason University) *PEI: Policy, Enforcement, Implementation

  2. Three Megatrends • Fundamental changes in • Cyber-security goals • Cyber-security threats • Cyber-security technology

  3. Cyber-security goals have changed Cyber-security goals USAGE purpose • electronic commerce • information sharing • etcetera USAGE • multi-party security objectives • fuzzy objectives INTEGRITY modification AVAILABILITY access CONFIDENTIALITY disclosure

  4. Cyber-security attacks have changed • The professionals have moved in • Hacking for fun and fame • Hacking for cash, espionage and sabotage

  5. Cyber-security technology has changed • Basic premise • Software alone cannot provide an adequate foundation for trust • Old style Trusted Computing (1970 – 1990’s) • Multics system • Capability-based computers • Intel 432 vis a vis Intel 8086 • Trust with security kernel based on military-style security labels • Orange Book, eliminate trust from applications • What’s new (2000’s) • Hardware and cryptography-based root of trust • Ubiquitous availability • Trust within a platform • Trust across platforms • Rely on trust in applications • No Trojan Horses or • Mitigate Trojan Horses and bugs by legal and reputational recourse Massive paradigm shift Prevent information leakage by binding information to Trusted Viewers on the client

  6. PEI Models Framework Cannot do security without analyzing the application space in business terms } Divide and conquer AND confront and deal with issues at the correct layer Cannot do security without understanding the target platform and its limitations

  7. What is Information Sharing • The mother of all security problems • Share but protect • Requires controls on the client • Server-side controls do not scale to high assurance • Different from • Retail DRM (Digital Rights Management) • Enterprise DRM Integrity of information on the client can be crypto-guaranteed to very high assurance by digital signatures. Guarantee of confidentiality on the client needs mechanisms beyond crypto alone.

  8. Classic Approaches to Information Sharing • Discretionary Access Control (DAC), Lampson 1971 • Fundamentally broken • Controls access to the original but not to copies (or extracts) • Mandatory Access Control (MAC), Bell-LaPadula 1971 • Solves the problem for coarse-grained sharing • Thorny issues of covert channels, inference, aggregation remain but can be confronted • Does not scale to fine-grained sharing • Super-exponential explosion of security labels is impractical • Fallback to DAC for fine-grained control (as per the Orange Book) is pointless • Originator Control (ORCON), Graubart 1989 • Propagated access control lists: let copying happen but propagate ACLs to copies (or extracts) • Park and Sandhu 2002 discuss an approach based on Trusted Viewers

  9. PEI Models Framework

  10. Scoping Information Sharing: Big Issues • Secure information sharing rather than Digital Rights Management (DRM) • Sensitivity of information content is the issue not revenue potential of retail entertainment content • Open system as opposed to closed Enterprise DRM • Read-only versus read-write secure information sharing • Read-only is a useful subset • Avoids some of the complexities of read-write such as • Extraction of pieces of information • Aggregation of several sources • Version control • Ability to overwrite versus annotate • Content-independent authorization versus content-dependent authorization • Content-independent is a useful subset • Content-dependent is more complex since it requires Trusted Viewers to parse and understand the content

  11. PEI Models Framework

  12. Scoping Information Sharing • One Decomposition at the Policy Layer • Password based • Device based • Credential based Just one possibility Determined by business objectives

  13. Scoping Information Sharing: Detailed Issues • Detailed issues include • Revocation Policy • Usage Policy • Re-dissemination Policy • Distribution Policy • Accessibility Policy

  14. PEI Models Framework

  15. Password-based encryption: traditional approach Guess Verify Insecure due to off-line dictionary attacks

  16. Trusted Viewer Seal with Password Authentication

  17. Trusted Viewer Seal with Password Authentication and Encryption

  18. Trusted Viewer Seal with Device Encryption

  19. Trusted Viewer Seal with Credential Authentication

  20. Trusted Viewer Seal with Credential Encryption

  21. PEI Models Framework

  22. Trusted Viewer Seal with Password Authentication On-line password guessing Need a throttling mechanism Many possibilities

  23. Secure Information Sharing Enabled byTrusted Computing and PEI* Models Ravi Sandhu (George Mason University and TriCipher) Kumar Ranganathan (Intel System Research Center, Bangalore) Xinwen Zhang (George Mason University) Questions ?? *PEI: Policy, Enforcement, Implementation

More Related