how to delete data for realz this presentation will self
play

How to Delete Data for Realz: This Presentation Will Self-Destruct - PowerPoint PPT Presentation

Nov 10, 2023 •247 likes •599 views

#RSAC #RSAC SESSION ID: SESSION ID: PDAC-R10F How to Delete Data for Realz: This Presentation Will Self-Destruct In... Davi Ottenheimer Ian Smith President Research Scientist Flyingpenguin University of Washington @daviottenheimer

  1. #RSAC #RSAC SESSION ID: SESSION ID: PDAC-R10F How to Delete Data for Realz: This Presentation Will Self-Destruct In... Davi Ottenheimer Ian Smith President Research Scientist Flyingpenguin University of Washington @daviottenheimer @sesosek Rashomon Security

  2. #RSAC Rashomon = Solving “Uncertainty of Fact” * * “The Samurai Film,” Alain Silver, 1983 p 47 Rashomon Security

  3. #RSAC Rising Problem of “ unDEAD ” Data The Ghost Kohada Koheiji Rashomon Rashomon Katsushika Hokusai (1760-1849) Security Security

  4. #RSAC Data Lifecycle Store Access Create Modify Destroy Destroy Share Backup Rashomon Security

  5. #RSAC MSM Awareness Rashomon Security

  6. #RSAC Example: Internet of Snitches US Government collecting social media information from foreign travelers Data from pacemaker used to arrest man for arson, insurance fraud Rashomon Security

  7. #RSAC Example: Plaintext Distributed Data to Cloud Flask DB REST API bins/libs bins/libs Container Engine (Docker) Host OS Rashomon Security

  8. #RSAC Example: War of Words Rashomon Rashomon Security Security

  9. #RSAC “Use Bleach” to Purge History Rashomon Security

  10. #RSAC Broken Solutions Unlinking Overwriting Master Key Physical Destruction Rashomon Security

  11. #RSAC Classic PGP (No Forward Secrecy) is Classic Classic PGP (No Forward Secrecy) is Classic D sk_bob (E pk_bob (M)) E pk_bob (M) → Server → M sk = secret key pk = public key Rashomon Rashomon Security Security

  12. #RSAC Classic PGP (No Forward Secrecy) is Classic D sk_bob (E pk_bob (M)) → E pk_bob (M) → Server M Attacker with sk_bob can read all past messages Rashomon Rashomon Security Security

  13. #RSAC In Search of an Improved Trust Level Rashomon Security

  14. Distributed Expiring Auditable Data (DEAD) #RSAC 1. Automatic expiration timers 2. Always, even when replicated or offline 3. Audited Rashomon Security

  15. #RSAC Data, Prepare to be DEAD Rashomon Security

  16. #RSAC DEAD Example Architecture 1. Automatic: Access gone after expiration 2. Always: Stored keys disappear over time, destroying data 3. Audited: Action required for initial data access Rashomon Security

  17. #RSAC Split secret S into n pieces • Knowledge of any m of them makes S easy to compute. • Knowledge of any m - 1 or fewer leaves S completely undetermined. Plot: Vlsergey Rashomon Security

  18. #RSAC Automatic Key Expiration • Store(secret, expiration time) → index • Get(index) → secret, if not yet expired Expire in: Expire in: 72 hours 72 hours <index> Rashomon Security

  19. #RSAC Automatic Key Expiration • Store(secret, expiration time) → index • Get(index) → secret, if not yet expired <index> not found Rashomon Security

  20. #RSAC Always (Forward Secrecy) Backups Server Server D k (D sk_bob (E pk_bob (E k (M), I))) → M E pk_bob (E k (M), I) → I I E pk_bob (k) →S D sk_bob (S) → k S S Rashomon Security Alice, Bob: xkcd.com

  21. #RSAC Always (Forward Secrecy) Attacker with sk_bob cannot Backups read any expired messages Server Server Server D k (D sk_bob (E pk_bob (E k (M), I))) → M E pk_bob (E k (M), I) → I I E pk_bob (k) →S D sk_bob (S) → k D sk_bob (S) → k S S Rashomon Security Alice, Bob: xkcd.com

  22. #RSAC Audited (e.g. Cloud Delete) Flask DB REST API bins/libs bins/libs Container Engine (Docker) Host OS DEAD Service (audits key requests) Rashomon Security

  23. #RSAC Audited (e.g. Cloud Delete) Flask DB REST API bins/libs bins/libs Container Engine (Docker) Host OS DEAD Service (audits key requests) Rashomon Security

  24. #RSAC Resilient to Attack: Privacy DEAD secrets can not be read without the index %#&$!! Rashomon Security

  25. #RSAC Resilient to Attack: Availability Rashomon Security Alice: xkcd.com

  26. #RSAC Resilient to Attack: Availability Rashomon Security Alice: xkcd.com

  27. #RSAC Resilient to Attack: Privacy + Availability Num. storage locations 1 2 3 4 5 n Quorum threshold 1/1 1/2 2/2 1/3 2/3 3/3 1/4 2/4 3/4 4/4 1/5 2/5 3/5 4/5 5/5 m / n Num. compromised to violate privacy 1 1 2 1 2 3 1 2 3 4 1 2 3 4 5 m Num. failed to violate availability 1 2 1 3 2 1 4 3 2 1 5 4 3 2 1 n - m + 1 S S 1 S 2 S 3 S 4 S 5 Rashomon Security

  28. #RSAC Resilient to Attack: Privacy + Availability Num. storage locations 1 2 3 4 5 n Quorum threshold 1/1 1/2 2/2 1/3 2/3 3/3 1/4 2/4 3/4 4/4 1/5 2/5 3/5 4/5 5/5 m / n Num. compromised to violate privacy 1 1 2 1 2 3 1 2 3 4 1 2 3 4 5 m Num. failed to violate availability 1 2 1 3 2 1 4 3 2 1 5 4 3 2 1 n - m + 1 S 1 S 2 S 3 S 4 S 5 Rashomon Security

  29. #RSAC Resilient to Attack: Privacy + Availability Num. storage locations 1 2 3 4 5 n Quorum threshold 1/1 1/2 2/2 1/3 2/3 3/3 1/4 2/4 3/4 4/4 1/5 2/5 3/5 4/5 5/5 m / n Num. compromised to violate privacy 1 1 2 1 2 3 1 2 3 4 1 2 3 4 5 m Num. failed to violate availability 1 2 1 3 2 1 4 3 2 1 5 4 3 2 1 n - m + 1 S %#&$!! %#&$!! S 1 S 2 S 3 S 4 S 5 Rashomon Security

  30. #RSAC Resilient to Attack: Privacy + Availability Num. storage locations 15 n Quorum threshold 8 / 15 m / n Num. compromised to violate privacy 8 m Num. failed to violate availability 8 n - m + 1 %#&$!! %#&$!! Example: 8/15 %#&$!! %#&$!! %#&$!! %#&$!! %#&$!! Rashomon Security

  31. #RSAC Distributed Expiring Auditable Data (DEAD) 1. Automatic expiration timers 2. Always, even when replicated or offline 3. Audited Rashomon Security

  32. #RSAC Apply 1. Identify data flows in your organization a. Source code b. Customer and operations data c. Internal communications d. API tokens, TLS certs, SSH keys, DB credentials e. Internet of snitches f. Partners and service providers 2. Assess unDEAD data risk (severity x probability) 3. Flag processes where DEAD required Rashomon Security

  33. #RSAC Apply: Russian Containers Rashomon Security

  34. #RSAC Get DEAD • Amazon KMS • Fugue Credstash • HashiCorp Vault • Kubernetes secret objects • Docker SwarmKit secrets • OpenStack Barbican Rashomon Rashomon Security Security

  35. #RSAC DEAD Data Demo Join our Focus-On session Learn how to make data DEAD • Automatic • Always • Audited Time: 2:45 - 3:30 PM Session Code: FON3-R11 Rashomon Security

Recommend

How to Delete Data for Realz: This Presentation Will Self-Destruct In... (Focus-On) Davi

How to Delete Data for Realz: This Presentation Will Self-Destruct In... (Focus-On) Davi

#RSAC SESSION ID: SESSION ID: FON3-R11 How to Delete Data for Realz: This Presentation Will Self-Destruct In... (Focus-On) Davi Ottenheimer Ian Smith President Research Scientist Flyingpenguin University of Washington @daviottenheimer

605 views • 23 slides
Control Alt Delete: Control Data, Use Alternatives, and Delete Risks APRIL 30 PRIL 30

Control Alt Delete: Control Data, Use Alternatives, and Delete Risks APRIL 30 PRIL 30

Control Alt Delete: Control Data, Use Alternatives, and Delete Risks APRIL 30 PRIL 30 MA MAY 2 Y 2, 2 , 2018 Keynote Address: Big Data/Big Privacy Keynote Speaker: Nora Young (Host &amp; Creator, Spark (CBC)) As individuals,

428 views • 10 slides
Deletion Can only delete a tuple/tuples. Cannot delete values for particular attibutes delete

Deletion Can only delete a tuple/tuples. Cannot delete values for particular attibutes delete

Deletion Can only delete a tuple/tuples. Cannot delete values for particular attibutes delete from r where P Deletes all tuples t in r for which P(t) is true. delete operates on one relation only . delete from r deletes all tuples

523 views • 4 slides
Review Linked List Struktur Data &amp; Algoritme insert, find, delete operations take O(n)

Review Linked List Struktur Data &amp; Algoritme insert, find, delete operations take O(n)

Review Linked List Struktur Data &amp; Algoritme insert, find, delete operations take O(n) Stack &amp; Queue ( Data Structures &amp; Algorithms ) insert, find, delete operations take O(1) but the access is restricted Hash Table

665 views • 9 slides
SQL Workshop Insert, Update, Delete Doug Shook Test Tables So far we have only read data

SQL Workshop Insert, Update, Delete Doug Shook Test Tables So far we have only read data

SQL Workshop Insert, Update, Delete Doug Shook Test Tables So far we have only read data When testing code that may change data, it is important to NEVER use the production DB Run the statements on test tables before deploying

588 views • 31 slides
Trees Weiss sec. 7.3.5 (preview) ch. 18 (sort of) Data Structures So Far Arrays random

Trees Weiss sec. 7.3.5 (preview) ch. 18 (sort of) Data Structures So Far Arrays random

Trees Weiss sec. 7.3.5 (preview) ch. 18 (sort of) Data Structures So Far Arrays random access, fixed size, hard to insert/delete java.util.ArrayList random access, dynamic resize, hard to insert/delete Linked Lists

846 views • 15 slides
Space Invaders Game Instructions Set up the Environment Delete Scratchy Sprite (right click,

Space Invaders Game Instructions Set up the Environment Delete Scratchy Sprite (right click,

Space Invaders Game Instructions Set up the Environment Delete Scratchy Sprite (right click, delete) Create backdrop Select Backdrop from tabs Edit it Make it completely black If you want, add some stars (small white dots)

605 views • 31 slides
SQL CRUD Create, Read, Update, Delete 1 / 11 CRUD Operations in SQL Create (INSERT) Read

SQL CRUD Create, Read, Update, Delete 1 / 11 CRUD Operations in SQL Create (INSERT) Read

SQL CRUD Create, Read, Update, Delete 1 / 11 CRUD Operations in SQL Create (INSERT) Read (SELECT - covered later) Update (UPDATE) Delete (DELETE, DROP) 2 / 11 INSERT Command General form is INSERT INTO &lt;table_name&gt;

444 views • 11 slides
A. Acres Homes Carver &amp; Cebra BGE, Inc. 9 Location 10 Request Delete Cebra St (MJ-

A. Acres Homes Carver &amp; Cebra BGE, Inc. 9 Location 10 Request Delete Cebra St (MJ-

A. Acres Homes Carver &amp; Cebra BGE, Inc. 9 Location 10 Request Delete Cebra St (MJ- 4-80/100) and add Carver Rd and Cebra St as Major Collectors to DeSoto St MTFP AMENDMENT REQUEST ADD REALIGN DELETE RECLASSIFY Street Class

303 views • 5 slides
Strategic Code Deletion Michael Feathers R7K Research &amp; Conveyance (everyone wants to delete

Strategic Code Deletion Michael Feathers R7K Research &amp; Conveyance (everyone wants to delete

Strategic Code Deletion Michael Feathers R7K Research &amp; Conveyance (everyone wants to delete code) When Can We Delete Code? Varieties of Useless Code And another one.. Low Value code No wikipedia entry (yet) :-) Coverage gprof

830 views • 70 slides
Revising poor design (1) Student Web Presence Guidelines Cut, delete, edit, review The more

Revising poor design (1) Student Web Presence Guidelines Cut, delete, edit, review The more

Revising poor design (1) Student Web Presence Guidelines Cut, delete, edit, review The more you delete, the more you simplify. The more you simplify the more you increase the chances of your users suceeding on your website

211 views • 8 slides
C3.1 AND/OR Graphs The heuristics we will consider can all be understood in terms of

C3.1 AND/OR Graphs The heuristics we will consider can all be understood in terms of

Planning and Optimization October 27, 2016 C3. Delete Relaxation: AND/OR Graphs Planning and Optimization C3.1 AND/OR Graphs C3. Delete Relaxation: AND/OR Graphs C3.2 Forced Nodes Malte Helmert and Gabriele R oger C3.3 Most and Least

331 views • 8 slides
SQL Queries select, from, where : the 3 clauses. select = project of algebra. Lists the

SQL Queries select, from, where : the 3 clauses. select = project of algebra. Lists the

Modifying content Newly created relation is empty. Insert by insert into employee values (Smith, 2000.00, 2, 3) Delete all tuples delete from employee Remove a relation completely drop table r Alter the schema (add attributes) alter

529 views • 4 slides
Why important ? You must know how to: Create a file Create a folder Delete

Why important ? You must know how to: Create a file Create a folder Delete

Why important ? You must know how to: Create a file Create a folder Delete a file Delete a folder Show current Path Navigate through folders Show content in folder Show content in file Copy

667 views • 13 slides
Lead {Delete the words that are not your own} Introduction Slide Introduction to Teen Activism

Lead {Delete the words that are not your own} Introduction Slide Introduction to Teen Activism

Topic: Teen Activist Your Name Introduction Slide Lead {Delete the words that are not your own} Introduction Slide Introduction to Teen Activism {Delete the words that are not your own} Introduction Slide Claim with 3 supporting reasons

606 views • 6 slides
Lecture 2: Stacks and CSE 373: Data Structures and Queues Algorithms CSE 373 19 SP - KASEY

Lecture 2: Stacks and CSE 373: Data Structures and Queues Algorithms CSE 373 19 SP - KASEY

Lecture 2: Stacks and CSE 373: Data Structures and Queues Algorithms CSE 373 19 SP - KASEY CHAMPION 1 Q: Which data structure implementation of the Warm Up List ADT would you choose to optimize for the delete function? Instructions

511 views • 16 slides
Hash tables Most data structures that were going to see are about storing and manipulating data

Hash tables Most data structures that were going to see are about storing and manipulating data

Hash tables Most data structures that were going to see are about storing and manipulating data When only operations Insert , Search and Delete as dictionary op- erations are needed, hash tables can be quite good Many variations of hash tables

1.04k views • 17 slides
Goals SQL: Data Definition Language CREATE ALTER DROP SQL: Data Manipulation

Goals SQL: Data Definition Language CREATE ALTER DROP SQL: Data Manipulation

IT360: Applied Database Systems SQL: Structured Query Language DDL and DML (w/o SELECT) (Chapter 7 in Kroenke) 1 Goals SQL: Data Definition Language CREATE ALTER DROP SQL: Data Manipulation Language INSERT DELETE

293 views • 7 slides
Instructions for use Save this presentation Feel free to add or delete slides as necessary,

Instructions for use Save this presentation Feel free to add or delete slides as necessary,

Instructions for use Save this presentation Feel free to add or delete slides as necessary, change information to suit local needs and as new guidance or evidence is published Disclaimer: Whilst the working group has made every effort to

881 views • 39 slides
36.1 Relaxed Planning Graphs 34. Planning Formalisms 35.36. Planning Heuristics: Delete

36.1 Relaxed Planning Graphs 34. Planning Formalisms 35.36. Planning Heuristics: Delete

Foundations of Artificial Intelligence May 9, 2016 36. Automated Planning: Delete Relaxation Heuristics Foundations of Artificial Intelligence 36.1 Relaxed Planning Graphs 36. Automated Planning: Delete Relaxation Heuristics 36.2 Maximum

2.95k views • 6 slides
Spock Data driven testing RESTful API What is a RESTful API ? A RESTful API is an application

Spock Data driven testing RESTful API What is a RESTful API ? A RESTful API is an application

Spock Data driven testing RESTful API What is a RESTful API ? A RESTful API is an application program interface ( API ) that uses HTTP requests to GET, PUT, POST and DELETE data. RESTful API stucture Endoint Method Type Payload

290 views • 7 slides
Data structures Organize your data to support various queries using little time an space

Data structures Organize your data to support various queries using little time an space

Data structures Organize your data to support various queries using little time an space Example: Inventory Want to support SEARCH INSERT DELETE Given n elements A[1..n] Support SEARCH(A,x) := is x in A? Trivial solution: scan

1.17k views • 100 slides
. are at odds with linear types. More generally, control effects may delete or duplicate por-

. are at odds with linear types. More generally, control effects may delete or duplicate por-

. . Exceptions are invaluable for structured error handling in high-level languages, but they . are at odds with linear types. More generally, control effects may delete or duplicate por- tions of the stack, which, if we are not careful,

805 views • 55 slides
11 th July 2017 &quot;A4rb_standard_band_photo&quot; 20100111 do not delete this Outline

11 th July 2017 &quot;A4rb_standard_band_photo&quot; 20100111 do not delete this Outline

&quot;A4rb_standard_band_photo&quot; 20100111 do not delete this Exploring Opportunities for Increasing the Deployment of Agent Networks in Nigeria Findings from EFInA A2F 2016 Survey 11 th July 2017 &quot;A4rb_standard_band_photo&quot;

498 views • 31 slides

More recommend