1 / 7

Systems Security – Case Study

Systems Security – Case Study. Jon Crowcroft, http://www.cl.cam.ac.uk/~jac22 http:// unikernel.com http:// hubofallthings.com / BL, 22.3.16. The components & Stakeholders. You&your data Smart home/car/city etc Consumers running analytics wholesale/retail tescos,boots,EDF,GWrail

lbrockman
Download Presentation

Systems Security – Case Study

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Systems Security – Case Study Jon Crowcroft, http://www.cl.cam.ac.uk/~jac22 http://unikernel.com http://hubofallthings.com/ BL, 22.3.16

  2. The components & Stakeholders • You&your data • Smart home/car/city etc • Consumers running analytics • wholesale/retail tescos,boots,EDF,GWrail • The HATs – many, not for profit • Secure,privacy preserving aggregators • The HATDeX – a few – for profit • Data exchange/stock market in “smart”

  3. Design for Privacy • BAR-T – mechanism design • for strategy proof distributed systems • No “honest but curious” component • Incentive compatible • Best Common Practice in PET@servers • Crypto in transit & at rest • Keys owned by user not service (estonia) • Query on aggregator at worst diffpriv • If available, homomorphic fn

  4. To do (research) • Faster search/query on crypto • S/w attestation, validation, verification and if possible proofs (c.f. EPSRC REMS Project) • Servers run on mirageOS not (vanilla) docker • Client side at least up to Apple Security White Paper spec.

  5. Auditing • Need extrusion detection • Use IFC, and immutable tagging (irmin) • Distributed ledger • for HAT query&HATDeX transactions • Payment in user choice • Loyalty points • Discounts • Real money • rscoin when available

  6. Thanks & Q&A • Ack to EPSRC&ESRC for • Horizon, HAT& REMS • To EU for T2&UCN • For bits of mirage • To Jane Street Capital • for lots of donations for unikernels • Any questions?

More Related