Security and the Smarter Planet
© 2009 IBM Corporation
Dr. Matthias Kaiserswerth, Director, IBM Research - Zurich
IBM Research - Zurich
AGENDA
• Introduction to IBM Research
• What is a smarter planet?
• Innovations for a smarter planet
• Identity Mixer
• Zone Trusted Information Channel
• Fighting Crime with Analytics
The sun never sets on IBM Research
• Largest private research organization worldwide
• More than 3,000 scientists and engineers at 8 labs in 6 countries
• IBM spent $6B on R&D in 2008
• Patent leader for 16 years straight
• 5 Nobel Prize Laureates
• Almaden (CA): Established in 1952
• Austin (TX): Established in 1995
• Watson (NY): Founded in New York in 1945
• Zurich: Established in 1956
• Haifa: Established in 1972
• China: Established in 1995
• India: Established in 1998
• Tokyo: Established in 1982
2008 US Patent Leaders
16 Consecutive Years of Patent Leadership Worldwide
[Bar chart, number of patents (axis 0 to 4500): IBM 4186; Microsoft 2030; Intel 1776; HP 1424; Oracle 205; EMC 192; Apple 186; Accenture 68; Google 58. Chart annotations: ">2x", ">20x", "70% Software and Services".]
Source: IFI Patent Intelligence
Open Collaboration To Expand and/or Leverage New Regions, Partners and Research Areas
IBM Research - Zurich Today
- 350 persons, including employees, pre-docs, post-docs and visiting scientists
- 30 different nationalities
- 90 collaborative projects with universities, industrial partners and governments
- New Nanotech Center to open in 2011
Our Major Accomplishments
Global Technology Outlook Genetic Map
[Figure: map of Global Technology Outlook themes by year, 2000 to 2008]
Smarter Planet
Smarter planet: Thinking and acting in new ways to make our systems more efficient, productive and responsive, but this doesn’t come without risk.
• Our world is becoming INSTRUMENTED
• Our world is becoming INTERCONNECTED
• Virtually all things, processes and ways of working are becoming INTELLIGENT
With growth and connectivity, comes increased risk
• 50% INCREASE IN THE NUMBER OF MALICIOUS WEB SITES IN 2008
• 99% OF ALL FINANCIAL ONLINE FRAUD TARGETS THE USA AND EUROPE
• 14.5B MESSAGES A DAY ARE CONSIDERED SPAM
Sources: IBM Internet Security Systems X-Force® 2008 Trend & Risk Report, http://www.spamlaws.com/spam-stats.html
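Identity Mixer
The flexible RSA problem: Given an RSA modulus $n$ and a number $z \in \mathbb{Z}_n$, find an $e \ge 2$ and a $u \in \mathbb{Z}_n$ such that $u^e \equiv z \pmod{n}$.
Strong RSA assumption: solving the flexible RSA problem is hard for big $n$.
Remember: FACTORING ≥ RSA ≥ S-RSA
System parameters: integer intervals $\Gamma$, $\Delta$, $\Lambda$ and length $\ell_n$.
Org $O$'s pk: RSA mod $n_O > 2^{\ell_n}$ and $(a_O, b_O, d_O, g_O, h_O) \in_R QR_{n_O}$.
User $U$'s master secret key: $x_U \in \Gamma$.
$U$'s nym with $O$: $P_{(U,O)} = a_O^{x_U} b_O^{s_{(U,O)}}$, where $s_{(U,O)} \in_R \Delta$ ($s_{(U,O)}$ = $U$'s secret).
Credential by $O$ on $P_{(U,O)}$: $(c_{(U,O)}, e_{(U,O)})$ where
– $e_{(U,O)} \in_R \Lambda$ and prime.
– $c_{(U,O)}^{e_{(U,O)}} \equiv P_{(U,O)}\, d_O \equiv a_O^{x_U} b_O^{s_{(U,O)}} d_O \pmod{n_O}$
Theorem: Given an oracle $O$ that on input $x_i \in \Gamma$ outputs $(s_i, e_i, c_i)$ s.t. $s_i \in_R \Delta$, prime $e_i \in_R \Lambda$ and $c_i^{e_i} \equiv a_O^{x_i} b_O^{s_i} d_O$, then computing $(c, e, x, s)$ s.t. $c^{2e} \equiv (a_O^{x} b_O^{s} d_O)^{2} \pmod{n_O}$ and $(x, s, e, c) \ne (x_i, s_i, e_i, c_i)$ is infeasible under the SRSA.
$U$ has established pseudonym $P_{(U,O_i)} = a_{O_i}^{x_U} b_{O_i}^{s_{(U,O_i)}}$ with $O_i$. $U$ wants to prove to $O_i$ possession of a credential by $O_j$, i.e., values $s_{(U,O_j)}, c_{(U,O_j)}, e_{(U,O_j)}$ s.t. $c_{(U,O_j)}^{e_{(U,O_j)}} \equiv a_{O_j}^{x_U} b_{O_j}^{s_{(U,O_j)}} d_{O_j}$.
1. $U$ sends $A = c_{(U,O_j)} h_{O_j}^{r_1}$ and $B = h_{O_j}^{r_1} g_{O_j}^{r_2}$ to $O_i$, where $r_1, r_2 \in_R \{0,1\}^{2\ell_n}$.
$$PK\{(\alpha,\beta,\gamma,\delta,\varepsilon,\zeta,\xi,\eta) :\ d_{O_j}^2 = (A^2)^{\alpha} (1/a_{O_j}^2)^{\beta} (1/b_{O_j}^2)^{\gamma} (1/h_{O_j}^2)^{\delta} \ \wedge\ B^2 = (h_{O_j}^2)^{\varepsilon} (g_{O_j}^2)^{\zeta} \ \wedge\ 1 = (B^2)^{\alpha} (1/h_{O_j}^2)^{\delta} (1/g_{O_j}^2)^{\xi} \ \wedge\ P_{(U,O_i)}^2 = (a_{O_i}^2)^{\beta} (b_{O_i}^2)^{\eta} \ \wedge\ \beta \in \Gamma \ \wedge\ \gamma \in \Delta \ \wedge\ \alpha \in \Lambda\}.$$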
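Added example (not from the slides or from IBM's Identity Mixer code): a toy run of the credential relation above, where the user forms the nym P = a^x b^s, the issuer extracts the e-th root of P·d using its knowledge of the factorization, and anyone can check c^e ≡ a^x b^s d (mod n). The 21-bit modulus, the interval chosen for Λ and all function names are assumptions made for illustration; the zero-knowledge showing protocol PK{...} is not implemented.

```python
import math
import secrets

# Constructed toy issuer key: n = p*q with safe primes p = 2p'+1, q = 2q'+1.
P_PRIME, Q_PRIME = 509, 593
P, Q = 2 * P_PRIME + 1, 2 * Q_PRIME + 1      # 1019 and 1187
N = P * Q
PHI = (P - 1) * (Q - 1)                      # issuer's secret (needs the factors)

def random_qr(n):
    """Random element of QR_n other than 1: the square of a random unit."""
    while True:
        r = secrets.randbelow(n - 2) + 2
        v = pow(r, 2, n)
        if math.gcd(r, n) == 1 and v != 1:
            return v

def is_prime(m):
    return m > 1 and all(m % k for k in range(2, math.isqrt(m) + 1))

def random_prime(lo, hi):
    """Random prime from the interval [lo, hi), standing in for Lambda."""
    while True:
        e = secrets.randbelow(hi - lo) + lo
        if is_prime(e):
            return e

# Public bases of the issuer O (the slide's a_O, b_O, d_O).
A_O, B_O, D_O = random_qr(N), random_qr(N), random_qr(N)

def make_nym(x_u, s):
    """User side: P = a^x * b^s mod n; x is the master secret, s the nym secret."""
    return pow(A_O, x_u, N) * pow(B_O, s, N) % N

def issue(nym):
    """Issuer side: pick prime e, return (c, e) with c^e = nym * d mod n."""
    e = random_prime(2**12, 2**13)           # larger than p', q': coprime to phi
    c = pow(nym * D_O % N, pow(e, -1, PHI), N)
    return c, e

def verify(c, e, x_u, s):
    """Check the credential equation c^e == a^x * b^s * d (mod n)."""
    return pow(c, e, N) == make_nym(x_u, s) * D_O % N

if __name__ == "__main__":
    x_u, s = 1234, 5678                      # constructed secrets
    c, e = issue(make_nym(x_u, s))           # issuer sees only the nym, not x_u
    print("valid:", verify(c, e, x_u, s))
    print("wrong master secret:", verify(c, e, x_u + 1, s))
```

Computing the e-th root in `issue` requires φ(n); without the factorization, producing any (c, e) that passes `verify` is the flexible RSA problem the slide starts from.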
Identity Mixer
• Anonymous sharing of data
• On the Internet or via Smart Cards
• Data owner controls who sees the data, for how long and who they can share it with
Identity Mixer
You
Friend
Auto Insurance Company
Call Center
Health Insurance
Family Doctor
DNA Database
Typical online banking scenario
[Diagram labels: You; Bank; USB Bank Token; sign(message); SSL/TLS connection]
Man in the Middle online banking breach
[Diagram labels: You; Bank; Spoofed email (phishing); Trojan Horse Virus; Impersonation; Fake Client]
Zone Trusted Information Channel (ZTIC)
• Back End Server (Bank)
• Maintains all asymmetric keys and TLS session keys for server connection
• User PC (possibly under attack)
• Looks at/interacts with ZTIC (secure display)
• Separate ZTIC hardware
• ZTIC Proxy
Business Analytics
Business Optimization
Business Intelligence
Resource planning
Business Automation
NYPD Real Time Crime Center
Fighting Crime with Analytics
Summary
• Progress always comes with great risk. For this reason, security needs to be a top priority from the start
• Open collaboration between corporations, academia and government is critical in reducing this risk
• Happy 60th Birthday
Zurich Research Lab