Founding Corporate Members Meeting June 11, 2002 Quo Vadis CITRIS? by Ruzena Bajcsy.
TRUST, Washington, D.C. Meeting January 9–10, 2006 TRUST :Team for Research in Ubiquitous Secure...
-
Upload
evan-jacob-patterson -
Category
Documents
-
view
214 -
download
0
Transcript of TRUST, Washington, D.C. Meeting January 9–10, 2006 TRUST :Team for Research in Ubiquitous Secure...
TRUST, Washington, D.C. Meeting January 9–10, 2006
TRUST:Team for Research in Ubiquitous Secure Technologies
OverviewShankar Sastry, PI and Dir.Ruzena Bajcsy, Outreach Dir.Sigurd Meldal, Education Co-Dir.John Mitchell, co-PIVijay Raghavan, Exec DirMike Reiter, co-PIFred Schneider, Chief Sci.Janos Sztipanovits, co-PI and Education Co-DirSteve Wicker, co-PI
"Overview", Shankar Sastry 2TRUST, Washington, D.C. Meeting January 9–10, 2006
Technology Generations of Information Assurance
1st Generation1st Generation(Prevent Intrusions)(Prevent Intrusions)
Intrusions will Occur
Some Attacks will Succeed
Cryptography
Trusted Computing Base
Access Control & Physical Security
Multiple Levels of Security
2nd Generation2nd Generation(Detect Intrusions, Limit Damage)(Detect Intrusions, Limit Damage) Firewalls Intrusion Detection
SystemsBoundary Controllers VPNs
PKI
3rd Generation(Operate Through Attacks) Big Board View of Attacks
Real-Time Situation Awareness& Response
Intrusion Tolerance
Graceful Degradation
Hardened Core
Functionality
Performance
Security
"Overview", Shankar Sastry 3TRUST, Washington, D.C. Meeting January 9–10, 2006
TRUST worthy Systems
More than an Information Technology issue Complicated interdependencies and composition issues
– Spans security, systems, and social, legal and economic sciences– Cyber security for computer networks– Critical infrastructure protection – Economic policy, privacy
TRUST: “holistic” interdisciplinary systems view of security, software technology, analysis of complex interacting systems, economic, legal, and public policy issues
Trustworthiness problems invariably involve solutions with both technical and policy dimensions (theme of Schneider’s talk)
Goals: – Composition and computer security for component technologies– Integrate and evaluate on testbeds– Address societal objectives for stakeholders in real systems
"Overview", Shankar Sastry 4TRUST, Washington, D.C. Meeting January 9–10, 2006
Faking – An e-mail that seems to
be from a legitimate source
Spoofing– A Web site that appears
to be “official”
Phishing– Luring users to provide
sensitive data
From Aucsmith, Microsoft
Integrative Project: Identity Theft
"Overview", Shankar Sastry 5TRUST, Washington, D.C. Meeting January 9–10, 2006
Most people are spoofed– Over 60% have visited a fake or spoofed site
People are tricked – Over 15% admit to having provided personal data – 2780 phishing websites in March 2005 alone
Target for spoofing attacks– Banks, credit card companies, Web retailers, online auctions
(E-bay) and mortgage companies.
Economic loss– 1.2 million U.S. adults have lost money– The total dollar impact in first 6 months of 2005: $929 million, in
all of 2003 $ 1.2B.
Source: TRUSTe & Gartner
PHISHING Impact Stats
"Overview", Shankar Sastry 6TRUST, Washington, D.C. Meeting January 9–10, 2006
Software that:– Collects personal information from you – Without your knowledge or permission
Privacy– 15 percent of enterprise PCs have a keylogger
Source: Webroot's SpyAudit
– Number of keyloggers jumped three-fold in 12 monthsSource: Sophos
Reliability– Microsoft Watson
~50% of crashes caused by spyware
Support Costs– Dell, HP, IBM: Spyware causes ~30% of calls– Estimated support costs at $2.5m+ / year
SPYWARE Impact Stats
"Overview", Shankar Sastry 7TRUST, Washington, D.C. Meeting January 9–10, 2006
ID Protection: Client Side Tools
SpoofGuard: Stanford (NDSS ’04)– Alerts user when browser is viewing a spoofed web page.– Uses variety of heuristics to identify spoof pages.– A new type of anomaly detection problem.
Dynamic Security Skins: Berkeley (SOUPS ’05)– Allows a remote web server to prove its identity in a way that is easy
for human to verify and hard for attacker to spoof: uses a photograph to create trusted path
PwdHash: Stanford (Usenix Sec ’05)– Simple mechanism for strengthening password web auth.
SpyBlock: Stanford (under development)– Prevent Spyware from capturing sensitive data.
"Overview", Shankar Sastry 8TRUST, Washington, D.C. Meeting January 9–10, 2006
Tech Transfer from Phishing Work
SpoofGuard:– Some SpoofGuard heuristics now used in
eBay toolbar and Earthlink ScamBlocker.– Very effective against basic phishing attacks.
PwdHash:– Collaboration with RSA Security to implement
PwdHash on one-time RSA SecurID passwords. RSA SecurID passwords vulnerable to online phishing PwdHash helps strengthen SecurID passwords
"Overview", Shankar Sastry 9TRUST, Washington, D.C. Meeting January 9–10, 2006
Coordinated Research Agenda
The TRUST center will develop and demonstrate science and technology in real-life testbeds.
NSF core funding over 5 years plus option 5 years Possible support from US Air Force for IAS for GIG Network of partnerships with industry, infrastructure
stakeholders NSF/US State Department would like to make
partnerships with key international partners Coordinated research: eleven challenge areas across
three key topics:– Security Science – Systems Science– Social Science
"Overview", Shankar Sastry 10TRUST, Washington, D.C. Meeting January 9–10, 2006
TRUST Structure
Privacy
Computer andNetwork Security
Power GridTestbed
Network SecurityTestbed
Secure NetworkedEmbedded Systems
Testbed
Software Security
Trusted Platforms
Applied Crypto -graphic Protocols
NetworkSecurity
Secure NetworkEmbedded Sys
Forensic and Privacy
Complex Inter -Dependency mod.
Model -basedSecurity Integration.
Econ., Public Pol. Soc. Chall.
Secure Compo -nent platforms
HCI andSecurity
Secure Info Mgt.Software Tools
Technologies
Societal Challenges
Integrative Testbeds -
Critical Infrastructure
System Science Security Science Social Science
Role:• Connect societal challenges to technical agenda• Integrate component technologies • Measure progress in real-life context
Objective: Information Assurance in a Systems Context
"Overview", Shankar Sastry 11TRUST, Washington, D.C. Meeting January 9–10, 2006
Security Science (1)
Software Security (language based) Static Code Verification Dynamic Analysis Multi-lingual Security Software Design Trusted Platforms
Composition– Security and Vulnerability– Minimal Software and Hardware Configurations
Applied Cryptographic Protocols Protocol design methods Protocol analysis, testing, and verification
"Overview", Shankar Sastry 12TRUST, Washington, D.C. Meeting January 9–10, 2006
Security Science (2)
Network Security– Focused on making the Internet more secure– Challenges
Denial of service attacks Spoofed source addresses Routing security
– Approaches: Structured overlay networks Better infrastructure Epidemic protocols Simulation and Emulation on DETER testbed
"Overview", Shankar Sastry 13TRUST, Washington, D.C. Meeting January 9–10, 2006
Cyber Defense Technology and Experimental Reseach Network: DETER
Inadequate wide scale deployment of security technologies
Lack of experimental infrastructure– Testing and validation in small to medium-scale private
research labs
– Missing objective test data, traffic and metrics Create reusable library of test technology for
conducting realistic, rigorous, reproducible, impartial tests
– For assessing attack impact and defense effectiveness– Test data, test configurations, analysis software, and
experiment automation tools
"Overview", Shankar Sastry 15TRUST, Washington, D.C. Meeting January 9–10, 2006
System Science (1)
Complex Interdependency Modeling and Analysis– Four-fold approach to reducing vulnerability of
interdependent systems to disruptive failure Modeling Strategies Analysis Techniques Design Technologies Operational Tools
Secure Network Embedded Systems– Present unique security concerns
Conventional end-to-end approaches break down New code must be propagated throughout the network
– Focus areas: Automated design, verification, and validation Secure, composable, and adaptive software
– Emphasis on sensor networking technology as high-impact application
"Overview", Shankar Sastry 16TRUST, Washington, D.C. Meeting January 9–10, 2006
Mote Evolution
"Overview", Shankar Sastry 17TRUST, Washington, D.C. Meeting January 9–10, 2006
Secure Network Embedded System Testbed (577 nodes) at Berkeley
Software– TinyOS– Deluge
Network reprogramming– Drip and Drain (Routing Layer)
Drip: disseminate commands
Drain: collect data– DetectionEvent
Multi-moded event generator
– Multi-sensor fusion and multiple-target tracking algorithms
Other testbeds at Cornell, Vanderbilt (Wicker’s talk)
"Overview", Shankar Sastry 18TRUST, Washington, D.C. Meeting January 9–10, 2006
System Science (2)
Model-Based Integration of Trusted Platforms– Supports system integration through embedded software
Model-based design Model transformation technology QoS-enabled component middle-wareSecure Information
Management Software
Emphasis on new software tools for monitoring and controlling large sensor infrastructures
– Combines peer-to-peer protocols with epidemic algorithms Highly scalable Rigorous semantics User-friendly APIs
"Overview", Shankar Sastry 19TRUST, Washington, D.C. Meeting January 9–10, 2006
Sample Application:The proposed DoD NCES/GIG architecture
Basis is Web Services standard, although CORBA is likely to be used on server clusters
Primary application platform will be Microsoft Windows
NSA and DISA are playing key roles in mapping these components to military needs
"Overview", Shankar Sastry 20TRUST, Washington, D.C. Meeting January 9–10, 2006
Social Science
Economics, Public Policy and Societal Challenges– From privacy to personal security– Liability and insurance are critical concerns– What are the benefits and costs of security policies?– What are the nature and size of transaction costs associated with security?
Digital Forensics and Privacy– Privacy cuts across the trust/security issues that are the focus of TRUST– Common interfaces are needed for specifying privacy requirements– Emphasis on strong audit, selective revelation of information, and rule-
processing technologies Human Computer Interfaces and Security
– Security problems may arise through the mis-configuration of complex systems
– Generally, humans lack many computational abilities that are conducive to securing networks and systems
Strengthening standard passwords Using biometric information Using image recognition
"Overview", Shankar Sastry 21TRUST, Washington, D.C. Meeting January 9–10, 2006
Healthcare Information Technology
Rise in mature population- Population of age 65 and older with
Medicare was 35 million for 2003 and 35.4 million for 2004
New types of technology– Sensors for elderly assisted living
Increased demand for health data– Health information technology
Commercial use of health data Current Responses for Technology
Assisting Healthcare:– Electronic Patient Records– Telemedicine– Remote Patient Monitoring
Table compiled by the U.S. Administration on
Aging based on data from the U.S. Census Bureau.
United Nations ▪ “Population Aging ▪ 2002”
2050
Percentage of Population over 60 years oldGlobal Average = 21%
"Overview", Shankar Sastry 22TRUST, Washington, D.C. Meeting January 9–10, 2006
Patient Portal Project
Vanderbilt Patient Portal– Electronic healthcare records
Include real-time monitoring of congestive heart failure patients– Heterogeneous sensor network for monitoring– Data integrated into MyHealth@Vanderbilt patient portal
Berkeley ITALH Testbed: seniors in Sonoma
– Stationary sensors: Motion detectors, Camera systems– Wearable sensor: Fall sensors, Heart rate or pulse monitors
Fall Detector with Bluetooth
Berkeley Motes Sensors with
Bluetooth
Ad hoc Zigbee network
Zigbee
Sensors: at home and wearableMobile Gateway
Home Health System
Mobile Phone
Integrated Camera
Secure Internetand/or
telephone
Berkeley Mote
Sensors
Hospital
Terminal
BluetoothWLAN
"Overview", Shankar Sastry 23TRUST, Washington, D.C. Meeting January 9–10, 2006
LARGE INTEGRATIVE PROJECTS
My Health Portals for Electronic Patient Records: Vanderbilt, Berkeley, Cornell (Sztipanovits’ talk)
Phishing, Spyware, Identity Theft: Stanford, Berkeley (Mitchell’s talk)
Secure Sensor Networks: Berkeley, CMU, Cornell, Vanderbilt (Wicker’s talk)
DoD GIG IAS: Cornell, Vanderbilt, Berkeley (Birman’s talk)
Cybersecurity Educational Modules: SJSU, Vanderbilt, Stanford (Meldal’s talk)
"Overview", Shankar Sastry 24TRUST, Washington, D.C. Meeting January 9–10, 2006
ProviderPatient
Payer Society
Primary care
Specialists
AncillariesImmediate
FamilyExtended
Family
Community Support
FriendsLegally Authorized
Reps
Admin.
Staff
Claims Processors
Subcontractors
Clearinghouses
Insurers
Public Health
State Licensure
Boards
Law Enforcement
Internal QA
External accreditation
orgs
Clinical Trials
Sponsors
Fraud Detection
Medical Information
Bureau
Business Consultants
National Security
Bioterrorism Detection
Healthcare Information Access Privacy and Security Everywhere
"Overview", Shankar Sastry 25TRUST, Washington, D.C. Meeting January 9–10, 2006
Sensor Networks in Public Places
Protecting Infrastructure– Opportunities for embedding sensor networks
Transportation Water and Fuel Power Grid
– TRUST is emphasizing development of supporting technology for randomly distributed sensors
Buildings– Combine surveillance with energy control– Integrate into building materials
Open Spaces (parks, plazas, etc.)– Combine surveillance with environmental monitoring – Line-of-sight surveillance technologies
"Overview", Shankar Sastry 26TRUST, Washington, D.C. Meeting January 9–10, 2006
EDUCATIONAL INITIATIVES
Meldal, Sztipanovits and Bajcsy will speak in detail about the repositories, course work development, summer school and other educational initiatives under way
Policy, Technology, Psychological Motivations of Terrorism: Maurer (Berkeley), Lazowska (Washington), Savage (UCSD) and Microsoft, Fall 05 http://www.cs.washington.edu/education/courses/csep590/05au/lectures/
– Lampson, “Accountability and Freedom– Varian “Economics and Computer Security”– Maurer “The Third Wave of Terrorism”– Aucsmith “Crime on the Internet”
Samuelson, Mulligan, Wicker, and Goldberg: Video Privacy in Public Places?
Capacity Building program for HBCU, HIS: Reiter TRUST Summer School (TSS) in June 2006
"Overview", Shankar Sastry 27TRUST, Washington, D.C. Meeting January 9–10, 2006
Outreach Initiatives
BFOIT - Berkeley Foundation for Opportunities in Information Technologyhttp://www.bfoit.org/
SUPERB-IT - Summer Undergraduate Program in Engineering Research at Berkeley - Information Technologyhttp://www.eecs.berkeley.edu/Programs/ugrad/superb/superb.html
SIPHER - Summer Internship Program in Hybrid and Embedded Software Researchhttp://fountain.isis.vanderbilt.edu/fountain/Teaching/
Pennsylvania Area HBCU Outreach - Historically Black Colleges and Universitieshttp://is.hss.cmu.edu/summer.html
Women’s Institute in Summer Enrichment (WISE) to be kicked off in July 2006
"Overview", Shankar Sastry 28TRUST, Washington, D.C. Meeting January 9–10, 2006
SUMMARY
TRUST has been successfully launched: research, education, outreach programs under way
Hallmark of TRUST: Grand Challenge Projects– Large Integrative Projects
Identity Theft Secure Network Embedded Systems Secure Electronic Patient Records Portal DoD Global Information Grid Security
– Education: Large Projects Repositories: Evaluation using Learning Theory Modules for existing courses TRUST Summer School
– Outreach: Comprehensive BFOIT, SUPERB, SIPHER Capacity Building Program for HBCU/HSI WISE outreach to women researchers
TRUST, Washington, D.C. Meeting January 9–10, 2006
BACKUPS
"Overview", Shankar Sastry 30TRUST, Washington, D.C. Meeting January 9–10, 2006
Systems Science Teams Social Science TeamsSecurity Technology Teams
Software Security
Trusted Platforms
Applied Cryptographic Protocols
Network Security
Complex Interdependency
Modeling and Analysis
Secure Network Embedded Systems
Model-based Integration of Trusted Components
Secure Information Management Software
Economics, Public Policy and Societal
Challenges
Digital Forensics and Privacy
Human Computer Interfaces and Security
Integrative Projects
Patient Portals VUMC
System/Sec CoDesign Boeing+Raytheon
Sensor NetworksORNL
Education Program
Summer School
Curriculum
Learning Science & Technology Insertion
Repository
Project Structure
"Overview", Shankar Sastry 31TRUST, Washington, D.C. Meeting January 9–10, 2006
Example Experiment: Bandwidth-limited Scanning Worm Experiment
ICSI and PSU: characterization, modeling and scale-down simulation of Slammer SQL worm’s propagation through the Internet: ICSI+PSU WORM’04 paper.
Development of virtual nodes that model the response of sub-networks or whole Internet to a worm attack for the purposes of scale-down – 1/64th scale Internet
Near term activity:– Other worm attack recreations in the near term– Collaborative defenses under test– Large-scale enterprise network simulation
"Overview", Shankar Sastry 32TRUST, Washington, D.C. Meeting January 9–10, 2006
NEST Final Experiment: Demo
"Overview", Shankar Sastry 33TRUST, Washington, D.C. Meeting January 9–10, 2006
Overview of Agenda
Schneider “Technology + Policy” Sztipanovits “Patient Medical Records Portals” Wicker “Secure Sensor Networks and Network
Embedded Systems Mitchell “PwdHash, Spoofguard, Spyware, Botnets” Birman “Global Information Grid” POSTERS with 3 minute introductions Meldal, Sztipanovits and Bajcsy, Education and
Outreach Activities Tygar, Technology Transition Strategy