bonsai balanced lineage authentication
play

Bonsai: Balanced Lineage Authentication Ashish Gehani - PowerPoint PPT Presentation

Aug 22, 2022 •445 likes •651 views

Bonsai: Balanced Lineage Authentication Ashish Gehani Bonsai:Balanced Lineage Authentication p. 1/19 What is data lineage ? Output Operation Input 1 Input n (a) Primitive operation (b) Compound operation tree Bonsai:Balanced Lineage

  1. Bonsai: Balanced Lineage Authentication Ashish Gehani Bonsai:Balanced Lineage Authentication – p. 1/19

  2. What is data lineage ? Output Operation Input 1 Input n (a) Primitive operation (b) Compound operation tree Bonsai:Balanced Lineage Authentication – p. 2/19

  3. Why track lineage? GIS - Data origins Material science - Component pedigree Biology - Experiment reproducibility Grid - Debugging Bonsai:Balanced Lineage Authentication – p. 3/19

  4. Why certify lineage? Reproduction costly PDB - $200,000 / protein Fermilab Collision Detector - 1 month, multiple TB / datum Reliability Accreditation Ownership Auditability Bonsai:Balanced Lineage Authentication – p. 4/19

  5. What’s been done? LFS - Inputs, Outputs, Options → SQL PASS - Runtime environs → Berkeley DB Trio - Tracks data accuracy using lineage CMCS - Chemistry toolkit → WebDAV Chimera - Workflow scripts my Grid - Biology Grid workflows V esta - Incremental builds ESSW - Earth Science data management Bonsai:Balanced Lineage Authentication – p. 5/19

  6. What’s the problem? Single trust domain Chimera , my Grid , V esta , ESSW Centralized service LFS , PASS , Trio , CMCS No assurance Unsigned Incomplete Bonsai:Balanced Lineage Authentication – p. 6/19

  7. What granularity? What to audit? Processes, System calls, File system? Fine grain → High overhead Coarse grain → False positives File system: Pro - Intermediate complexity Pro - Captures most persistent change Con - Can’t track data from: Network, Keyboard, Pipes, Memory maps Bonsai:Balanced Lineage Authentication – p. 7/19

  8. Certification approach ? Input = Output No global TCB Require commitments Consumer Check agreement of: Input Output Producer output Producer Consumer input Trusted user in subtree / path → Tampering detectable Bonsai:Balanced Lineage Authentication – p. 8/19

  9. Metadata generation Intercede on calls for: exec(), fork(), exit(), open(), close(), read(), write() Maintain process table entries for: accessed, modified files File 2 Read open() close() File 3 File 1 Read close() Process open() Owner Process execution Time close() File 1 File 2 open() File 3 Write Bonsai:Balanced Lineage Authentication – p. 9/19

  10. Minimal representation Executor Signature Output Input Input n 1 Net Address Inode Time Executor: 32 bit IPv4 address, 32 bit user ID Signature: 160 bits [ S IGN K E ( E, O, I 1 , . . . , I n ) ] Input / Output File: 32 bit IPv4 address 32 bit inode 32 bit time (Seconds since 1/1/70) Bonsai:Balanced Lineage Authentication – p. 10/19

  11. Workload Berkeley NOW file system traces Month of activity Access patterns stable Instruction - 20 workstations in teaching lab Research - 13 desktops of research group Web - 1 web server running Postgres Windows - 8 Windows desktops Bonsai:Balanced Lineage Authentication – p. 11/19

  12. Cumulative lineage Current paradigm Entire tree migrates with data Metadata grows rapidly: Steps 1 2 3 4 5 Workload Instruction 0.4 KB 3 KB 31 KB 253 KB 2 MB Research 0.2 KB 0.8 KB 2 KB 8 KB 29 KB Web 1 KB 39 KB 1 MB 29 MB 813 MB Windows 0.2 KB 0.8 KB 2 KB 9 KB 30 KB Bonsai:Balanced Lineage Authentication – p. 12/19

  13. Operational impact Time (in ms ) to read tree in open() : Steps 1 2 3 4 Workload Instruction 0.04 0.05 0.11 1.72 Research 0.05 0.05 0.04 0.04 Web 0.06 0.13 6.42 997.5 Windows 0.07 0.04 0.04 0.04 Time (in ms ) to write tree in close() : Steps 1 2 3 4 Workload Instruction 0.20 0.28 0.32 0.84 Research 0.16 0.19 2.39 3.1 Web 0.16 0.24 4.82 579.14 Windows 0.16 0.50 5.34 3.17 Bonsai:Balanced Lineage Authentication – p. 13/19

  14. In actu Larger representation Unless certification available for: DHCP bindings inode mappings Clock synchronization Bonsai:Balanced Lineage Authentication – p. 14/19

  15. Decentralized lineage Proposed paradigm Remote pointers replace branches Metadata remains small: Workload Storage Instruction 0.4 KB Research 0.2 KB Web 1 KB Windows 0.2 KB Bonsai:Balanced Lineage Authentication – p. 15/19

  16. Verifying lineage Algorithm : C HECK L INEAGE ( D ) { E, S, O, I 1 , . . . , I n } ← G ET R OOT ( D ) O UTPUT ( E ) P E ← P KI L OOKUP ( E ) if I 1 , . . . , I n = {}  Result ← V ERIFY ( P E , S, E, O )   then if Result = F ALSE  then CheckFailed   Result ← V ERIFY ( P E , S, E, O | I 1 | . . . | I n )    if Result = T RUE    � else for i ← 1 to n then  do C HECK L INEAGE ( I i ) Reliability drops ← −      else CheckFailed Bonsai:Balanced Lineage Authentication – p. 16/19

  17. Increasing availability Traditional strategy: Form virtual topology Flood neighbors Inefficient use of storage Bonsai:Balanced Lineage Authentication – p. 17/19

  18. Bonsai Prune lineage tree Stored locally Pruned − must be recovered λ from remote node levels Pruned Bonsai:Balanced Lineage Authentication – p. 18/19

  19. Simplest pruning Trade verification reliability for storage Bonsai:Balanced Lineage Authentication – p. 19/19

Recommend

Scalable Distributed Lineage Authentication Ashish Gehani Scalable Distributed Lineage

Scalable Distributed Lineage Authentication Ashish Gehani Scalable Distributed Lineage

Scalable Distributed Lineage Authentication Ashish Gehani Scalable Distributed Lineage Authentication p. 1/59 What is data lineage ? Output Operation Input 1 Input n (a) Primitive operation (b) Compound operation tree Scalable

843 views • 59 slides
Presentation of the BONSAI Board 2016 Prof. Bo Weidema, Chair Founder of the BONSAI initiative.

Presentation of the BONSAI Board 2016 Prof. Bo Weidema, Chair Founder of the BONSAI initiative.

Presentation of the BONSAI Board 2016 Prof. Bo Weidema, Chair Founder of the BONSAI initiative. Professor at Aalborg University, committed to trans-disciplinary research that bridges economic, social, engineering and environmental sciences. With

63 views • 3 slides
Mentor: Christine E. Edwards A separately evolving metapopulation lineage where lineage

Mentor: Christine E. Edwards A separately evolving metapopulation lineage where lineage

Rebekah A. Mohn Miami University, Oxford, Ohio mohnra@miamioh.edu Mentor: Christine E. Edwards A separately evolving metapopulation lineage where lineage refers to an ancestor -descendent lineage. (De Queiroz, 2007) De Queiroz.

430 views • 24 slides
plants as bonsai, with a demonstration of potting up a Myrtle Beech ( Nothofagus cunninghamii )

plants as bonsai, with a demonstration of potting up a Myrtle Beech ( Nothofagus cunninghamii )

Aus Australian Na ralian Native ive Pla Plants s as B as Bonsa nsai The long tradition of the art of Bonsai can be traced back through Japan and China, especially over the past 200 years or so. The art now continues to develop and

73 views • 3 slides
1.Lineage 2.Consistency Relational 3.Query Mining 4 6 Lineage + Interactions Lineage +

1.Lineage 2.Consistency Relational 3.Query Mining 4 6 Lineage + Interactions Lineage +

1/24/17 3 Database Problems in Data Visualization Management Systems VIZ DATA Eugene Wu Fotis Psallidas, Zhengjie Miao, Haoci Zhang,Laura Rettig, Yifan Wu, Larry Xu, Thibault Sellam, Remco Chang, Joe Hellerstein 3 3 Database Problems

571 views • 5 slides
AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

SECURITY TOPICS PART 2 AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources: getting entrance to a computer lab

833 views • 44 slides
Jehoshua (Shuki) Bruck From Screws to Systems The Lineage of BMW It happens in biological

Jehoshua (Shuki) Bruck From Screws to Systems The Lineage of BMW It happens in biological

Jehoshua (Shuki) Bruck From Screws to Systems The Lineage of BMW It happens in biological systems!!! C. Elegans Lineage total of 959 cells 302 nerve cells 131 cells are destined to die C. Elegans Lineage Simple Questions Dealing

1.04k views • 66 slides
HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication

288 views • 10 slides
Low rate of lineage High rates of diversification lineage diversification Ancestral trait

Low rate of lineage High rates of diversification lineage diversification Ancestral trait

Low rate of lineage High rates of diversification lineage diversification Ancestral trait Evolutionary dead Key innovation innovation ends (e.g. hypothesis for specialization diversity hypothesis) Low rate of trait Niche conservatism

381 views • 6 slides
Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a precondition How to authenticate: Something you know Password, Secrets Something you have Smart Card, Token Something you are Biometrie

607 views • 4 slides
Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

1.66k views • 27 slides
Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

613 views • 27 slides
Thermal Flywheeling Alex Woolf, PhD - Principal Data Scientist Lineage Logistics 1 THE NEED FOR

Thermal Flywheeling Alex Woolf, PhD - Principal Data Scientist Lineage Logistics 1 THE NEED FOR

Thermal Flywheeling Alex Woolf, PhD - Principal Data Scientist Lineage Logistics 1 THE NEED FOR COLD 2 THE NEED FOR COLD 3 THE NEED FOR COLD 4 THE NEED FOR COLD 5 LINEAGE INTRO 6 WAREHOUSE 7 LINEAGE INTRO 8 APPROACH QTY POWER

490 views • 29 slides
Presentation of the BONSAI Board 2018 Dr. Christopher Mutel, Chair As a student, consultant, and,

Presentation of the BONSAI Board 2018 Dr. Christopher Mutel, Chair As a student, consultant, and,

Presentation of the BONSAI Board 2018 Dr. Christopher Mutel, Chair As a student, consultant, and, since 2014, scientist at the Paul Scherrer Institute, I have used and researched life cycle assessment (LCA) for the last 10 years. My research

309 views • 3 slides
Tracing Lineage Beyond Relational Operators Mingwu Zhang 1 Xiangyu Zhang 1 Xiang Zhang 2 Sunil

Tracing Lineage Beyond Relational Operators Mingwu Zhang 1 Xiangyu Zhang 1 Xiang Zhang 2 Sunil

Tracing Lineage Beyond Relational Operators Mingwu Zhang 1 Xiangyu Zhang 1 Xiang Zhang 2 Sunil Prabhakar 1 1 Computer Science 2 Bindley Bioscience Center Purdue University Introduction Lineage (Data Provenance) is defined as description of

728 views • 30 slides
Bonsai in the Fog: an Active Learning Lab with Fog Computing Antonio Brogi, Stefano Fort orti,

Bonsai in the Fog: an Active Learning Lab with Fog Computing Antonio Brogi, Stefano Fort orti,

Bonsai in the Fog: an Active Learning Lab with Fog Computing Antonio Brogi, Stefano Fort orti, Ahmad Ibrahim and Luca Rinaldi Service-oriented, Cloud and Fog Computing Research Group Department of Computer Science University of Pisa, Italy 3rd

756 views • 33 slides
A2: Broken Authentication and Session Management But first Authentication, Authorization,

A2: Broken Authentication and Session Management But first Authentication, Authorization,

A2: Broken Authentication and Session Management But first Authentication, Authorization, Sessions Authentication Determining user identity Multiple ways What you know (password) What you have (phone, RSA SecureID, Yubikey)

1.57k views • 28 slides
Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password Token-based authentication Third party authentication Local Authentication How to store and verify password? Clear Data can be hacked

615 views • 14 slides
The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch

The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch

The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch Security Engineer kbabioch@suse.de New authentication standards ... 2 Some authentication technologies ... 3 - Authentication theory -

1.28k views • 88 slides
Outline Introduction Authentication Basic authentication mechanisms CS 239

Outline Introduction Authentication Basic authentication mechanisms CS 239

Outline Introduction Authentication Basic authentication mechanisms CS 239 Authentication on a single machine Computer Security Authentication across a network February 21, 2007 Lecture 9 Lecture 9 Page 1 Page 2 CS 236,

302 views • 8 slides
I know who you are, but you can't come in Authentication and single sign-on in the SAS platform

I know who you are, but you can't come in Authentication and single sign-on in the SAS platform

I know who you are, but you can't come in Authentication and single sign-on in the SAS platform Agenda Authentication Inbound authentication Outbound authentication Single Sign-on Definitions Stage Process Method Physical

781 views • 48 slides
Spatiotemporal Cell Population Tracking & Cell Population Tracking and Lineage Construction

Spatiotemporal Cell Population Tracking & Cell Population Tracking and Lineage Construction

Spatiotemporal Cell Population Tracking & Cell Population Tracking and Lineage Construction Lineage Construction Kang Li , Takeo Kanade Carnegie Mellon University Mei Chen Intel Research Pittsburgh Cell Population Tracking Cell Population

357 views • 25 slides
HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been

HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been

HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been proposed for applications including: Encryption and authentication For detecting malicious alterations of design components For

645 views • 15 slides
1 Password-Based Authentication Node A has a secret ( password ): e.g., lisa To

1 Password-Based Authentication Node A has a secret ( password ): e.g., lisa To

Authentication Protocols Guevara Noubir College of Computer and Information Science Northeastern University noubir@ccs.neu.edu Outline Overview of Authentication Systems [Chapter 9] Authentication of People [Chapter 10]

396 views • 17 slides

More recommend