lecture outline
play

Lecture Outline Announcements: Homework for next week out by this - PowerPoint PPT Presentation

Aug 26, 2022 •432 likes •840 views

Lecture Outline Announcements: Homework for next week out by this evening Guest lecture a week from Friday Bill Marczak on Abusive Surveillance Today: broader notions relating to authentication Architecting to resist

  1. Lecture Outline • Announcements: – Homework for next week out by this evening – Guest lecture a week from Friday • Bill Marczak on Abusive Surveillance • Today: broader notions relating to authentication – Architecting to resist subverted clients – Imprinting – Multi-party identities (Ecommerce, web advertising) – Bot-or-Not (CAPTCHAs)

  2. Architecting to Resist Subverted Clients

  3. Threats? • Sniffing, MITM (network; app-level relay) ⇒ Theft of password and/or authenticator • 3 rd -party manipulation of automation – E.g. CSRF (browser fetching of images) – E.g. XSS (browser execution of JS replies) • Password security – Blind guessing / bruteforcing – Reuse (breaches) – Phishing • Compromised client: hijacking

  4. Tackling Transaction Generators? • How about using a separate system? – Very inconvenient • Desired properties: – Compatible w/ existing legacy OS’s – Can run general web applications – No need to trust host OS – Small TCB: attestable via TPM

  5. Cloud Terminal Architecture Trusted hypervisor mediates all physical I/O events

  6. Cloud Terminal Architecture Only hypervisor has access to user’s credentials: the user doesn’t know their own passwords

  7. Cloud Terminal Architecture User signals Hypervisor to begin a secure session using a specific hardware keystroke combination (“Secure Attention Key”)

  8. Cloud Terminal Architecture Upon this request, a “thin client” UI runs in the hypervisor context (= trusted)

  9. Cloud Terminal Architecture It’s locked down to only talk to services previously registered with the Hypervisor – user can’t be phished

  10. Cloud Terminal Architecture After selecting which service to interact with (e.g., user’s bank ), Hypervisor interacts using untrusted host OS for networking & storage

  11. Cloud Terminal Architecture Doing so reduces TCB

  12. Cloud Terminal Architecture End-to-end encryption obviates need to trust host OS; only threat is DoS

  13. Cloud Terminal Architecture Hypervisor ensures authenticity of remote service by (correctly) validating TLS certificate

  14. Cloud Terminal Architecture Hypervisor authenticates user to service using password in key store

  15. Cloud Terminal Architecture Remote service (e.g., user’s bank ) renders interaction UI locally using kiosk software

  16. Cloud Terminal Architecture UI is presented to user using VNC- style low-level frame buffer protocol

  17. Cloud Terminal Architecture Rendered directly into video hardware by RUI client + hypervisor

  18. Cloud Terminal Architecture Malware has no capability to observe what’s displayed

  19. Cloud Terminal Architecture User interacts using physical hardware events mediated by hypervisor directly to RUI client

  20. Cloud Terminal Architecture Malware has no opportunity to influence interaction

  21. Tackling Transaction Generators • Desired properties: – Compatible w/ existing legacy OS’s • They run in VMs controlled by hypervisor – Can run general web applications • Anything that remote site can render into VNC-style framebuffer protocol – No need to trust host OS • Hypervisor provides strong isolation – Small TCB: attestable via TPM • Working implementation: 22 KLOC

  22. Architectural Elements? • Abstractions: – Interactions via “dumb” separate terminal • Placement of functionality: – Move rendering into controlled environment – Add trusted hypervisor w/ local secrets/smarts – Require interactions to come from physical hardware – Use E2E principle to leverage untrustworthy code • State: – Isolated to trusted component • Naming: – Use existing PKI system + TPM

  23. Imprinting

  24. Device Authentication: IOT For IOT device + home controller, want secure, impermanent associations. Impermanent: so you can sell your device but a thief cannot.

  25. Resurrecting Duckling Imprinting on Mother: Device shares key on 1 st contact with controller Metempsychosis: Upon death, soul progresses to a new body Reverse metempsychosis: Upon death, new soul can enter the body Resistance to assassination: Only mother can kill her ducklings Escrowed seppuku: Thief can’t “kill” device ⇒ no utility for anyone Manufacturer can kill too who buys it from them

  26. https://www.citrix.com/blogs/2015/04/20/resurrecting-duckling-a-model-for-securing-iot-devices/

  27. Imprinting in Other Contexts • What is SSH’s PKI model? – It doesn’t have one: Leap-of-Faith • Pros: – Ease of deployment • Cons: – Security properties require users to non-satisfice – No revocation model – Disaster if attacker gets there first

  28. Persistent Ungrounded Identity • Idea: systems generate (unanchored!) public key and consistently include it w/ (signed) messages – Provides recipient a lever for “ this is the same entity I talked with previously ” … – … even though actual identity (“persona”) not known “Assurance through continuity”

  29. Persistent Ungrounded Identity • Idea: systems generate (unanchored!) public key and consistently include it w/ (signed) messages – Provides recipient a lever for “ this is the same entity I talked with previously ” … – … even though actual identity (“persona”) not known • E.g.: consistently sign your email/texts – Recipient can associate reputation w/ each persona, use them for whitelisting – User can migrate persona to additional systems • E.g.: use for SBGP instead of a PKI – Game theory result: deployment gains a network effect

  30. Persistent Ungrounded Identity • Idea: systems generate (unanchored!) public key and consistently include it w/ (signed) messages – Provides recipient a lever for “ this is the same entity I talked with previously ” … Issues? – … even though actual identity (“persona”) not known Key compromise is a disaster • E.g.: consistently sign your email/texts No apparent handle for revocation – Recipient can associate reputation w/ each persona, use them for whitelisting – User can migrate persona to additional systems • E.g.: use for SBGP instead of a PKI – Game theory result: deployment gains a network effect

  31. Multi-Party Identities

  32. Cashier-as-a-Service (CAAS) Abstract Ecommerce workflow: 1. Shopper surfs Merchant’s site 2. Shopper sends over …/place_order.html 3. Merchant sends back redir. to CAAS.com 4. Shopper interacts with CAAS 5. CAAS interacts with Merchant 6. CAAS redirects shopper back to Merchant

  33. CAAS Attack #1 ? S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment?orderID= X &price= Y [ C records payment info, generates transaction # T ] C ⟶ S ⟶ M: finish?transID= T [ M contacts C for identifer X associated w/ T ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ] Note: we view Merchant and Cashier as trustworthy. The Shopper , OTOH …

  34. CAAS Attack #1 ! S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment?orderID= X &price= Y [ C records payment info, generates transaction # T ] C ⟶ S ⟶ M: finish?transID= T [ M contacts C for identifer X associated w/ T ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ]

  35. CAAS Scheme #2 ? S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment?orderID= X &price= Y [ C records payment info, generates transaction # T ] C ⟶ S ⟶ M: finish?transID= T [ M contacts C for identifer X associated w/ T ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ]

  36. CAAS Attack #2 ? S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment?SIGN M (ID= X ,price= Y ) [ C verifies signature; records payment info, generates # T ] C ⟶ S ⟶ M: finish?SIGN C (ID= X ,price= Y , PAID ) [ M verifies signature and PAID is indicated ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ]

  37. CAAS Attack #2 ! S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment?SIGN M ' (ID= X ,price= Y ) [ C verifies signature; records payment info, generates # T ] C ⟶ S ⟶ M: finish?SIGN C (ID= X ,price= Y , PAID ) [ M verifies signature and PAID is indicated ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ] Shopper colludes with another merchant M' to get a signature on same identifier X for price Y … without having to ultimately pay

  38. Fix for CAAS Attack #2 S ⟶ M: place_order.html [ M inserts ID and price into database; status= PENDING ] M ⟶ S ⟶ C: get_payment? SIGN M (ID= X ,price= Y ,merch= M ) [ C verifies signature; records payment info, generates # T ] C ⟶ S ⟶ M: finish? SIGN C (ID= X ,price= Y ,merch= M , PAID ) [ M verifies signature and PAID is indicated, etc. ] [ M retrieves orderID= X from database; if order status = PENDING → mark as PAID ; ship X ]

Recommend

18.175: Lecture 4 Integration Scott Sheffield MIT 1 18.175 Lecture 4 Outline Integration

18.175: Lecture 4 Integration Scott Sheffield MIT 1 18.175 Lecture 4 Outline Integration

18.175: Lecture 4 Integration Scott Sheffield MIT 1 18.175 Lecture 4 Outline Integration Expectation 2 18.175 Lecture 4 Outline Integration Expectation 3 18.175 Lecture 4 Recall definitions Probability space is triple ( , F , P ) where

451 views • 11 slides
Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4

Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4

Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4 Basics of Feedback Control Robert Babu ska Today: Steady-state response. Delft Center for Systems and Control Faculty of Mechanical

388 views • 7 slides
Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11

Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11

Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11 State-space models and state feedback control (We are finished with frequency domain methods.) Robert Babu ska Today: Delft Center for

452 views • 6 slides
Lecture Outline Regeltechniek Lecture 1 Introduction Information about the course.

Lecture Outline Regeltechniek Lecture 1 Introduction Information about the course.

Lecture Outline Regeltechniek Lecture 1 Introduction Information about the course. Robert Babu ska Why is control essential. Delft Center for Systems and Control Faculty of Mechanical Engineering Basic elements of feedback.

403 views • 11 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, stability, stability

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, stability, stability

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, stability, stability margins. Lecture 9 Lead and Lag Compensators Robert Babu ska Today: PID controller design. Delft Center for Systems and Control Faculty

447 views • 8 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: PID controller design, lead and

Lecture Outline Systeem- en Regeltechniek II Previous lecture: PID controller design, lead and

Lecture Outline Systeem- en Regeltechniek II Previous lecture: PID controller design, lead and lag compen- Lecture 10 Nyquist plot and stability criterium sators. Robert Babu ska Today: Delft Center for Systems and Control Nyquist

444 views • 7 slides
18.175: Lecture 17 Poisson random variables Scott Sheffield MIT 18.175 Lecture 16 1 Outline More

18.175: Lecture 17 Poisson random variables Scott Sheffield MIT 18.175 Lecture 16 1 Outline More

18.175: Lecture 17 Poisson random variables Scott Sheffield MIT 18.175 Lecture 16 1 Outline More on random walks and local CLT Poisson random variable convergence Extend CLT idea to stable random variables 18.175 Lecture 16 2 Outline More on

225 views • 21 slides
Semantics & Verification Lecture 13 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 13 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 13 Gerd Behrmann Outline of remaining lectures Lecture 9: Modelling real time system Lecture 10: More on Uppaal + mini projects Lecture 11: Mini projects Lecture 12: Verification of timed

589 views • 31 slides
Semantics & Verification Lecture 14 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 14 Gerd Behrmann Outline of remaining lectures Lecture

Semantics & Verification Lecture 14 Gerd Behrmann Outline of remaining lectures Lecture 9: Modelling real time system Lecture 10: More on Uppaal + mini projects Lecture 11: Mini projects Lecture 12: Verification of timed

779 views • 42 slides
Lecture Outline Regeltechniek Previous lecture: representation of dynamic models, transfer func-

Lecture Outline Regeltechniek Previous lecture: representation of dynamic models, transfer func-

Lecture Outline Regeltechniek Previous lecture: representation of dynamic models, transfer func- Lecture 3 Stability analysis and transient response tions and state-space models. Robert Babu ska Today: Delft Center for Systems and

266 views • 8 slides
Lecture 2 (I ): Lecture 2 (I ): Pipelining & Retiming Pipelining & Retiming

Lecture 2 (I ): Lecture 2 (I ): Pipelining & Retiming Pipelining & Retiming

Lecture 2 (I ): Lecture 2 (I ): Pipelining & Retiming Pipelining & Retiming Hsie-Chia Chang E-mail : hcchang@mail.nctu.edu.tw Fall 2006 Outline Outline Pipelining of FI R Digital filters Data-Broadcast Structures

453 views • 28 slides
15-780 Graduate AI: Lecture 1: Introduction and Logistics J. Zico Kolter (this lecture),

15-780 Graduate AI: Lecture 1: Introduction and Logistics J. Zico Kolter (this lecture),

15-780 Graduate AI: Lecture 1: Introduction and Logistics J. Zico Kolter (this lecture), Nihar Shah Carnegie Mellon University Spring 2020 1 Outline What is Artificial Intelligence? A brief history of AI Course logistics 2 Outline

580 views • 36 slides
Lecture Outline Regeltechniek Previous lecture: Root locus, frequency response derivation.

Lecture Outline Regeltechniek Previous lecture: Root locus, frequency response derivation.

Lecture Outline Regeltechniek Previous lecture: Root locus, frequency response derivation. Lecture 7 Frequency Response, Bode Plots Robert Babu ska Today: Handout for the remaining computer sessions. Delft Center for Systems and

332 views • 6 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: The root locus method, analysis,

Lecture Outline Systeem- en Regeltechniek II Previous lecture: The root locus method, analysis,

Lecture Outline Systeem- en Regeltechniek II Previous lecture: The root locus method, analysis, design. Lecture 6 Root Locus, Frequency Response Robert Babu ska Today: Remarks on the computer session. Delft Center for Systems and

226 views • 6 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, non-minimum-phase

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, non-minimum-phase

Lecture Outline Systeem- en Regeltechniek II Previous lecture: Bode plots, non-minimum-phase systems. Lecture 8 Frequency Domain Design Robert Babu ska Today: Bodes gain-phase relation. Delft Center for Systems and Control

109 views • 7 slides
Outline of the lecture Outline of the lecture Inequality and income The inverted-U

Outline of the lecture Outline of the lecture Inequality and income The inverted-U

Questions that we will discuss today Take historically given an initial distribution of assets, but then Inequality and Development Week 10 T k hi i ll i i i i l di ib i f b h ask the question: March 12 Do inequalities

180 views • 16 slides
The Hidden Markov The Hidden Markov Model (HMM) Model (HMM) 1 Lecture Outline Lecture Outline

The Hidden Markov The Hidden Markov Model (HMM) Model (HMM) 1 Lecture Outline Lecture Outline

Digital Speech Processing Digital Speech Processing Lecture 20 Lecture 20 The Hidden Markov The Hidden Markov Model (HMM) Model (HMM) 1 Lecture Outline Lecture Outline Theory of Markov Models discrete Markov processes

991 views • 87 slides
Lecture Outline Strengthening Induction Hypothesis. Lecture Outline Strengthening Induction

Lecture Outline Strengthening Induction Hypothesis. Lecture Outline Strengthening Induction

Lecture Outline Strengthening Induction Hypothesis. Lecture Outline Strengthening Induction Hypothesis. Strong Induction Lecture Outline Strengthening Induction Hypothesis. Strong Induction Well ordered principle. Tutoring Option. How does

1.73k views • 154 slides
Lecture Outline Systeem- en Regeltechniek II Previous lecture: State-space models,

Lecture Outline Systeem- en Regeltechniek II Previous lecture: State-space models,

Lecture Outline Systeem- en Regeltechniek II Previous lecture: State-space models, representation, pole place- Lecture 12 State-space models and state feedback control ment. Robert Babu ska Today: Delft Center for Systems and Control

233 views • 6 slides
Game Theory -- Lecture 1 Patrick Loiseau EURECOM Fall 2016 1 Lecture 1 outline 1.

Game Theory -- Lecture 1 Patrick Loiseau EURECOM Fall 2016 1 Lecture 1 outline 1.

Game Theory -- Lecture 1 Patrick Loiseau EURECOM Fall 2016 1 Lecture 1 outline 1. Introduction 2. Definitions and notation Game in normal form Strict and weak dominance 3. Iterative deletion of dominated strategy A first model

962 views • 49 slides
18.175: Lecture 30 Markov chains Scott Sheffield MIT 1 18.175 Lecture 30 Outline Review what you

18.175: Lecture 30 Markov chains Scott Sheffield MIT 1 18.175 Lecture 30 Outline Review what you

18.175: Lecture 30 Markov chains Scott Sheffield MIT 1 18.175 Lecture 30 Outline Review what you know about finite state Markov chains Finite state ergodicity and stationarity More general setup 2 18.175 Lecture 30 Outline Review what you know

701 views • 21 slides
18.175: Lecture 31 More Markov chains Scott Sheffield MIT 1 18.175 Lecture 31 Outline

18.175: Lecture 31 More Markov chains Scott Sheffield MIT 1 18.175 Lecture 31 Outline

18.175: Lecture 31 More Markov chains Scott Sheffield MIT 1 18.175 Lecture 31 Outline Recollections General setup and basic properties Recurrence and transience 2 18.175 Lecture 31 Outline Recollections General setup and basic properties

430 views • 19 slides
18.175: Lecture 26 More on martingales Scott Sheffield MIT 18.175 Lecture 26 1 Outline Conditional

18.175: Lecture 26 More on martingales Scott Sheffield MIT 18.175 Lecture 26 1 Outline Conditional

18.175: Lecture 26 More on martingales Scott Sheffield MIT 18.175 Lecture 26 1 Outline Conditional expectation Regular conditional probabilities Martingales Arcsin law, other SRW stories 18.175 Lecture 26 2 Outline Conditional expectation Regular

449 views • 23 slides
Lecture 1: Overview Lecture 1: Overview Hsie-Chia Chang E-mail :

Lecture 1: Overview Lecture 1: Overview Hsie-Chia Chang E-mail :

Lecture 1: Overview Lecture 1: Overview Hsie-Chia Chang E-mail : hcchang@mail.nctu.edu.tw Fall 2006 Outline Outline Typical DSP Algorithm Convolution Correlation Digital Filter Adaptive Filter Decimator and

468 views • 26 slides

More recommend