cryptographic enforcement of segregation of duty
play

Cryptographic Enforcement of Segregation of Duty , - PowerPoint PPT Presentation

Dec 04, 2022 •359 likes •750 views

Cryptographic Enforcement of Segregation of Duty , old russian proverb rely yet verify 17.11.2015 thomas maus DeepSec 2015 Thomas Maus thomas.maus alumni.uni-karlsruhe.de

  1. Cryptographic Enforcement of Segregation of Duty ● “доверяй, но проверяй” – old russian proverb “ rely yet verify ” 17.11.2015 thomas maus ● DeepSec 2015 ● Thomas Maus ◉ thomas.maus alumni.uni-karlsruhe.de

  2. Introduction ● started with IT 1979 – school experiment ● Computer Science, University of Karlsruhe ◉ study + research ◉ EISS = European Institute of System Security ● 1993: self-employed IT security consultant ● some representive talks: ◉ risk analysis + mgmt (DECUS 2003 + others) 17.11.2015 thomas maus ◉ eHealth (in)security (21C3+22C3, various others) ◉ crypto-analytic password quality measures (various) ◉ RFID (in)security (various) ◉ Tale Telling Timings (various)

  3. Introduction … ● home-town: Trier ◉ situated between Eifel and Hunsrück ◉ low population density ➜ scarce public transport facilities ● hitchhiking? ◉ too dangerous … 17.11.2015 thomas maus

  4. Introduction … ● IT supported + secured hitchhiking? ● objectives: ◉ anonymity as far as possible ◎ at least strong pseudonymity ◎ no tracking ◉ crime prevention + prosecution ◎ mutually verifiable registration status ◎ “on-line” transaction registry 17.11.2015 thomas maus ◎ tracking of missing persons by police + next of kin ◉ coordination + matching of travel opportunities and wishes ◉ integration into public transport system ◎ tickets ◎ payment of transport providers

  5. Introduction … ● school administration SW of federal state ◉ developed by participants of school experiment ◉ i.e. mostly by pupils! ◉ chosen by proven computer versatility ◉ e.g. successful hacking of school computer ;-) ● challenge: ◉ forestall impeachment of pupil programmer's 17.11.2015 thomas maus graduation diploma ◉ build confidence in correctness → reliance

  6. Introductory Conclusions ● multi-lateral security needed ● multiple security dimensions ◉ “classical”: confidentiality+integrity+availability ◉ correctness ◉ verifiability / auditability ◉ separation of duties ◉ non-repudation / proof of volition vs. error 17.11.2015 thomas maus ◉ privacy ◎ transparency + control for subject ◎ non-traceability / data minimization ◎ robustness against inference and extrapolation ◉ …

  7. Example for Illustration: Data Retention ● soft or social Science Fiction ◉ “how a technology could transform a society” ◉ hard science core = cryptography ◎ ¼ century around: public-key cryptography ◎ construct of ideas open for debate ◉ soft socio-political outer shell ◎ fictional stances of society and various personas ◎ only for demonstration purposes 17.11.2015 thomas maus ◎ suspense of disbelief requested

  8. Visualization of Cryptographic Instruments ● asymmetric keys of cyan persona (Alice) ◉ private key ◉ public key ● asymmetric keys of red persona (Bob) ● usage examples ◉ sealed (signed) with red private key content- ⚜ ⚜ ◉ encrypted with cyan public key content 17.11.2015 thomas maus ◉ first sealed, then encrypted content- ⚜ ⚜ ◉ first encrypted, then sealed content ⚜ ⚜ ◉ typically implicit and invisible: symmetric keys ◉ decryption possible by Alice or Bob, with detached seal by Carol content ⚜ ⚜

  9. Our fictitious Society: Dramatis Personae ● civil society ◉ constitutional democracy ◉ politically participating citizens (citoyen) ◉ civil rights organisations ● investigative authorities ◉ police detectives ◉ public prosecutor 17.11.2015 thomas maus ● examining magistrate (=Ermittlungsrichter) ● (federal) privacy commissioner ● telecommunication service providers

  10. Civil Rights Dramatis Personae: Civil Society ● ultimate democratic sovereign ◉ votes + referenda ◉ political parties ◉ NGOs ● objectives ◉ active political participation ◉ protect ◎ 17.11.2015 thomas maus constitutional democracy ◎ fundamental human + civil rights ◉ vigilant about ◎ panopticon effect ◎ correct exercise of office by representatives + officials ◉ crime prevention + prosecution

  11. Dramatis Personae: Investigative Authorities ● obligations ◉ crime investigation for prevention + prosecution ● conflicting interests ◉ fundamental civil rights ◎ privacy of correspondence, posts + telecommunications ◎ privacy of the home ◎ … ● intentions 17.11.2015 thomas maus ◉ tactical secrecy of investigation ◉ earning + keeping public confidence ◉ auditability ◉ exoneration capabilities ● public prosecutor's keys

  12. Dramatis Personae: Examining Magistrate ● obligations ◉ individual decisions within legal framework ◉ crime investigation ↔ fundamental rights ● conflicting interests ◉ enable optimal crime investigation ◉ protect fundamental civil rights ● intentions 17.11.2015 thomas maus ◉ tactical secrecy of investigation ◉ earning + keeping public confidence ◉ auditability ◉ exoneration capabilities ● examining magistrate's keys

  13. ☂ Dramatis Personae: Federal Privacy Commissioner ● obligations ◉ formal control of disclosure requests ◉ official auditing + statistics + reporting ◉ investigation + information in special cases: e.g. medical doctors, lawyers, priests, … ◉ official investigation of complaints ◉ destruction of own private key in certain cases ● intentions 17.11.2015 thomas maus ◉ protection of fundamental rights within statutes ◉ earning + keeping public confidence ● federal privacy commissioner's keys

  14. Dramatis Personae: Telecommunication ✆ Service Providers ● obligations ◉ provide legally required data structures to investigation authorities ● intentions ◉ compliance ◉ minimal involvement ◉ exoneration capabilities 17.11.2015 thomas maus ➜ rapid erasure of cleartext connection data ● telecommunication provider's keys (pars pro toto)

  15. Manifold Imaginable Socio-Political Decisions ● much flexibility needed within framework! ● creative leeway + areas of decisions ◉ initial data for investigation services? ◉ keeper of data? ◉ sequence of workflows? ◉ veto powers? ◉ … 17.11.2015 thomas maus

  16. Initial Data for Investigation Services ● selection of data to be disclosed ● general data structure ◉ “handle” → “opaque protected data” ◉ “handle” = ◎ information freely available to investigators ◎ not perceived as impairing fundamental rights ◉ “opaque protected data” = ◎ information pertaining to fundamental rights 17.11.2015 thomas maus ◎ accessible only via safeguarded procedure ○ crypto-enforced ○ segregation of duty ○ review + control ○ auditability

  17. Initial Data: The “Handle” ● subset of communication data as selector ● example of inappropriate handles ◉ (calling id, precise start time, precise end time) ◉ (called id, precise start time, precise end time) ☢ correlate time stamps → infere speaking parties ● dilution of precision / obscuration of handles! ◉ protection against inference + extrapolation 17.11.2015 thomas maus ◉ balanced with specificity ● example of diluted handles ◉ (calling id, diluted start time, diluted duration) ◉ (called id, diluted start time, diluted duration) ◉ (diluted location, diluted time period)

  18. Initial Data: The “Handle” ● subset of communication data as selector ● example of inappropriate handles ◉ (calling id, precise start time, precise end time) ◉ (called id, precise start time, precise end time) e.g. ☢ correlate time stamps → infere speaking parties ● per minute ● ⌊5 minutes⌋ ● dilution of precision / obscuration of handles! ● ⌊¼ hours⌋ ◉ protection against inference + extrapolation ● … 17.11.2015 thomas maus ◉ balanced with specificity ● depending on time-of-day ● example of diluted handles ◉ (calling id, diluted start time, diluted duration) ◉ (called id, diluted start time, diluted duration) ◉ (diluted location, diluted time period)

  19. Initial Data: The “Handle” ● subset of communication data as selector ● example of inappropriate handles ◉ (calling id, precise start time, precise end time) ◉ (called id, precise start time, precise end time) ☢ correlate time stamps → infere speaking parties e.g. ● dilution of precision / obscuration of handles! ● per minute ◉ protection against inference + extrapolation ● {<1, <2, <3, <5, <10, <15, …} minutes 17.11.2015 thomas maus ◉ balanced with specificity ● example of diluted handles ◉ (calling id, diluted start time, diluted duration) ◉ (called id, diluted start time, diluted duration) ◉ (diluted location, diluted time period)

  20. Initial Data: The “Handle” ● subset of communication data as selector ● example of inappropriate handles ◉ (calling id, precise start time, precise end time) ◉ (called id, precise start time, precise end time) ☢ correlate time stamps → infere speaking parties ● dilution of precision / obscuration of handles! e.g. ◉ protection against inference + extrapolation ● cell base station 17.11.2015 thomas maus ● precinct ◉ balanced with specificity ● geo coord ⌊arc minute⌋ ● example of diluted handles ● … ◉ (calling id, diluted start time, diluted duration) ● depending on area ◉ (called id, diluted start time, diluted duration) ◉ (diluted location, diluted time period)

Recommend

Specication and Enforcement of Static Specication and Enforcement of Static Separation-of-Duty

Specication and Enforcement of Static Specication and Enforcement of Static Separation-of-Duty

Specication and Enforcement of Static Specication and Enforcement of Static Separation-of-Duty Policies in Usage Control Jianfeng Lu, Ruixuan Li, Zhengding Lu, Ji Jinwei Hu, and Xiaopu Ma i H d Xi M Huazhong University of Science and

625 views • 25 slides
OSHAs General Duty Clause: A Guide to Enforcement &amp; Legal Defenses Adele L. Abrams, Esq.,

OSHAs General Duty Clause: A Guide to Enforcement &amp; Legal Defenses Adele L. Abrams, Esq.,

OSHAs General Duty Clause: A Guide to Enforcement &amp; Legal Defenses Adele L. Abrams, Esq., CMSP Law Office of Adele L. Abrams P.C. www.safety-law.com 301-595-3520 Eastern Office 303-228-2170 Western Office Overview General Duty Clause

642 views • 10 slides
Duty of Candour - introduction The Duty of Candour is a legal duty on hospital, community and

Duty of Candour - introduction The Duty of Candour is a legal duty on hospital, community and

Duty of Candour - introduction The Duty of Candour is a legal duty on hospital, community and mental health trusts to inform and apologise to patients if there have been mistakes in their care that have led to significant harm Duty of

296 views • 10 slides
Simulating Chromosome Segregation Qi Zheng Simulating Chromosome Segregation Qi Zheng

Simulating Chromosome Segregation Qi Zheng Simulating Chromosome Segregation Qi Zheng

High Performance Research Computing Simulating Chromosome Segregation Qi Zheng Simulating Chromosome Segregation Qi Zheng Department of Epidemiology &amp; Biostatistics, Texas A&amp;M University What motivated this study? The

211 views • 10 slides
From randomness to segregation Schelling segregation, Ising models and network cascades George

From randomness to segregation Schelling segregation, Ising models and network cascades George

From randomness to segregation Schelling segregation, Ising models and network cascades George Barmpalias (Chinese Academy of Sciences) Richard Elwes (University of Leeds) Andy Lewis-Pye (London School of Economics) 1 More than two millennia ago,

800 views • 40 slides
Hammond and Axelrods model is not useful for studying ethnocentrism The Segregation Model

Hammond and Axelrods model is not useful for studying ethnocentrism The Segregation Model

Fredrik Jansson Hammond and Axelrods model is not useful for studying ethnocentrism The Segregation Model Schelling 1971 ncase.me/polygons The Segregation Model The Segregation Model The Dissemination of Culture Model Axelrod 1997 The

589 views • 26 slides
CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools

CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools

CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools Cryptographic Tools Cryptographic algorithms important element in security services Review various types of elements symmetric encryption secure

1.27k views • 23 slides
FIT FOR DUTY PHYSICAL AND PSYCHOLOGICAL AWARENESS WHAT TO LOOK FOR WHAT TO LISTEN FOR FIT

FIT FOR DUTY PHYSICAL AND PSYCHOLOGICAL AWARENESS WHAT TO LOOK FOR WHAT TO LISTEN FOR FIT

FIT FOR DUTY PHYSICAL AND PSYCHOLOGICAL AWARENESS WHAT TO LOOK FOR WHAT TO LISTEN FOR FIT FOR DUTY VS IMPAIRMENT Fit for Duty: Fit-for-duty means that an individual is in a healthy physica ysical l and psycholog ychologica ical l

435 views • 25 slides
Rheology and Segregation Segregation of of Rheology and Granular Mixtures in Dense Flows

Rheology and Segregation Segregation of of Rheology and Granular Mixtures in Dense Flows

Rheology and Segregation Segregation of of Rheology and Granular Mixtures in Dense Flows Granular Mixtures in Dense Flows Devang Khakhar Department of Chemical Engineering Indian Institute of Technology Bombay Mumbai, India Unifying

695 views • 33 slides
Cryptographic protocols Cryptographic protocols small programs designed to secure Introduction

Cryptographic protocols Cryptographic protocols small programs designed to secure Introduction

Cryptographic protocols Cryptographic protocols small programs designed to secure Introduction to cryptographic protocols communication (various security goals) Bruno Blanchet use cryptographic primitives (e.g. encryption, hash function,

451 views • 14 slides
Segregation and Lynching Motivation Lynching Data Measuring Lisa D. Cook Segregation Trevon

Segregation and Lynching Motivation Lynching Data Measuring Lisa D. Cook Segregation Trevon

Segregation and Lynching Lisa D. Cook Trevon D. Logan John M. Parman Introduction Segregation and Lynching Motivation Lynching Data Measuring Lisa D. Cook Segregation Trevon D. Logan Results John M. Parman March 27, 2015 Segregation

419 views • 22 slides
in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order

in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order

Monitoring of enforcement in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order Ordering enforcement Authorities court notary public Enforcement order certificate of enforcement

540 views • 12 slides
Cryptographic Logical Relations What is the contextual equivalence for cryptographic

Cryptographic Logical Relations What is the contextual equivalence for cryptographic

Cryptographic Logical Relations What is the contextual equivalence for cryptographic protocols and how to prove it? Yu ZHANG Including joint work with J. Goubault-Larrecq, D. Nowak and S. Lasota EVEREST, INRIA Sophia-Antipolis February

487 views • 37 slides
How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic

How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic

Department of Informatics Security and Privacy Maximilian Blochberger How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic pitfalls by design Goal Raise awareness of cryptographic misuse Disclaimer

910 views • 29 slides
Asylum seekers and refugees Lisa Doyle Refugee Council Duty, Duty, Duty: Bridging Race Equality,

Asylum seekers and refugees Lisa Doyle Refugee Council Duty, Duty, Duty: Bridging Race Equality,

Asylum seekers and refugees Lisa Doyle Refugee Council Duty, Duty, Duty: Bridging Race Equality, Community Cohesion and Well-Being in Schools 4 th December 2008 Asylum is a human right www.refugeecouncil.org.uk Mobility Forced

508 views • 7 slides
ACCOUNTING SEGREGATION Use of the system and experiences in Norway A presentation by Ulf Hoberg

ACCOUNTING SEGREGATION Use of the system and experiences in Norway A presentation by Ulf Hoberg

ACCOUNTING SEGREGATION Use of the system and experiences in Norway A presentation by Ulf Hoberg The Directorate of Customs and Excise Tollvesenet ACCOUNTING SEGREGATION OR THE USE OF FUNGIBLE MATERIALS MEANING THE STORAGE AND USE OF

429 views • 11 slides
TRUSTEES BEWARE: Discussion of Duties and Dangers Common Issues Duty to Invest Prudently

TRUSTEES BEWARE: Discussion of Duties and Dangers Common Issues Duty to Invest Prudently

TRUSTEES BEWARE: Discussion of Duties and Dangers Common Issues Duty to Invest Prudently Duty of Loyalty Duty of Impartiality Duty to Keep Beneficiaries Informed Trust Litigation Homestead Duty to Invest Prudently

729 views • 37 slides
Meas u ring Segregation : The Inde x of Dissimilarit y AN ALYZIN G U S C E N SU S DATA IN P YTH

Meas u ring Segregation : The Inde x of Dissimilarit y AN ALYZIN G U S C E N SU S DATA IN P YTH

Meas u ring Segregation : The Inde x of Dissimilarit y AN ALYZIN G U S C E N SU S DATA IN P YTH ON Lee Hachadoorian Asst . Professor of Instr u ction , Temple Uni v ersit y What is Segregation ? ANALYZING US CENSUS DATA IN PYTHON Inde x of

496 views • 46 slides
14.471: Public Economics Tax Enforcement Emmanuel Saez MIT: Fall 2009 1 Tax Enforcement

14.471: Public Economics Tax Enforcement Emmanuel Saez MIT: Fall 2009 1 Tax Enforcement

14.471: Public Economics Tax Enforcement Emmanuel Saez MIT: Fall 2009 1 Tax Enforcement Problem Most models of optimal taxation (income or commodity) as- sume away enforcement issues. In practice: 1) Enforcement is costly (eats up around 10%

1.12k views • 45 slides
The New Transitional Duty The New Transitional Duty Program Program Philip Adamo, M.D., MPH

The New Transitional Duty The New Transitional Duty Program Program Philip Adamo, M.D., MPH

The New Transitional Duty The New Transitional Duty Program Program Philip Adamo, M.D., MPH FACOEM, CIME Sandra Lyall ,LMHC,NCC,CEAP Senior Medical Director Employee Health Manager, Disability and Leave and Occupational Medicine Baystate

554 views • 22 slides
JOINT ENFORCEMENT AGREEMENT SE DIVISION Cooperative Enforcement Program Joint Enforcement

JOINT ENFORCEMENT AGREEMENT SE DIVISION Cooperative Enforcement Program Joint Enforcement

Assistant Commander Brandi Reeder Law Enforcement Division - Fisheries Law Administrator JOINT ENFORCEMENT AGREEMENT SE DIVISION Cooperative Enforcement Program Joint Enforcement Agreement One of the most effective programs in NOAAs

600 views • 30 slides
Classical segregation analysis 28.10.2005 GE02 day 4 part 3 Yurii Auchenko Erasmus MC Rotterdam

Classical segregation analysis 28.10.2005 GE02 day 4 part 3 Yurii Auchenko Erasmus MC Rotterdam

Classical segregation analysis 28.10.2005 GE02 day 4 part 3 Yurii Auchenko Erasmus MC Rotterdam Segregation analysis: dominant disease Segregation analysis assuming rare dominant disease: Ascertainment: collect all families with one

464 views • 14 slides
OTHERING DISABILITY From pity and blame to strategies for full participation Living in the

OTHERING DISABILITY From pity and blame to strategies for full participation Living in the

OTHERING DISABILITY From pity and blame to strategies for full participation Living in the shadow of segregation Some UK asylums now luxury Segregation within gated communities (eg Friern), segregation others secure units or prisons

390 views • 13 slides
Pathways to Military Service Active Duty duty || Full-Time Military Service || Referred to as

Pathways to Military Service Active Duty duty || Full-Time Military Service || Referred to as

Pathways to Military Service Active Duty duty || Full-Time Military Service || Referred to as Active Duty . Each branch has specific jobs but there are more occupations that they have in common. Active- duty service members can pursue a

306 views • 11 slides

More recommend