1 / 17

Privacy and Secrets: Protecting Data and Information

This chapter explores the concepts of privacy and regulation, providing insights on how to handle passwords, generate random numbers, use cryptography, and secure secrets in memory.

lpeggy
Download Presentation

Privacy and Secrets: Protecting Data and Information

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Privacy and Secrets Chapter 11

  2. Chapter Outline • Privacy and Regulation • What to do about passwords • Random Number generation • Cryptography • Secrets in Memory

  3. What is Privacy?

  4. What is Privacy? • An expectation of non-dissemination of information without consent. • What about information?

  5. What is Privacy? • An expectation of non-dissemination of information without consent. • What about information? • Confidential data about the program • Data users think is private • Data required by law to be kept as confidential

  6. What is Privacy? • An expectation of non-dissemination of information without consent. • What about information? • Confidential data about the program • Data users think is private • Data required by law to be kept as confidential • Social Security Numbers • Account numbers/credit card numbers, DL numbers • Security codes, access codes, PINs, passwords, etc. • Grades

  7. Which laws? • California's SB-1386 http://info.sen.ca.gov/pub/01-02/bill/sen/sb_1351-1400/sb_1386_bill_20020926_chaptered.html • Children's Online Protection Act (COPPA) http://www.ftc.gov/ogc/coppa1.htm • Federal Information Security Management Act (FISMA) http://csrc.nist.gov/drivers/documents/FISMA-final.pdf • Gramm-Leach-Bliley Act (GLBA) http://www.ftc.gov/privacy/glbact/index.html • Health Insurance Portability and Accountability Act (HIPAA) http://www.hhs.gov/ocr/hipaa/ • Payment Card Industry (PCI) Data Security Standard https://www.pcisecuritystandards.org • Safe Harbor Privacy Framework http://www.export.gov/safeharbor/ • Family Educational Rights and Privacy Act (FERPA): http://www.ed.gov/policy/gen/guid/fpco/pdf/ferparegs.pdf

  8. Where does private data enter? • Directly • Persisting from a DB or other data store • Indirectly

  9. How to handle Private data • Label it as such, don't hide it. Be aware at all times of which variables carry private data and which don't. • “Privacy violations” stem, for the most part, from misplaced trust. • Minimize exposure of private data. • Private data should be kept out of logs. • Be aware of threads and re-entrant code.

  10. Outbound Passwords • Keep Passwords out of the source code. • They are easy to find, even without the source code. • Don't store Clear-text Passwords • Store them, encrypted, in a configuration file. • Store the encryption key in a different file. • This can be repeated a few times.

  11. Random Numbers • Necesary for: • Cryptography (key generation)‏ • Password generation • Port randomization (for security)‏ • Unique session identifiers • Etc. • Need good entropy generators.

  12. Some notes • If there are N possible choices, there are log N bits of entropy • Expect things to go wrong. • Watch out for lack of independence • Be conservative.

  13. Cryptography • Choose a good algorithm • Watch what the standards organizations (ISO, NIST, etc) say. • Researchers may publish attacks on certain codes: that does not invalidate the code. • At the present time, recommended are: • AES • RSA • SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512)‏

  14. Cryptography • Don't roll your own • Don't: • Invent your own algorithm • Create your own implementation • Concoct your own key exchange protocol. • Security through obscurity is a delusion.

  15. Secrets in Memory

  16. How do attackers get secrets from memory? • Remote exploits such as buffer overflow or format string attacks • Physical attacks, such as stealing or discarded machines. • Accidental leakage as in core dumps or page files.

  17. How to control Information in Memory • Minimize the time the secret is held in memory • Lock the memory • Share secrets sparingly • Erase secrets securely • Easier said than done: beware of optimizing compilers! • Prevent unnecesary duplication.

More Related