outsourcing mobile security in the cloud
play

Outsourcing Mobile Security in the Cloud Gatan Hurel - PowerPoint PPT Presentation

Dec 04, 2023 •19 likes •299 views

Outsourcing Mobile Security in the Cloud Gatan Hurel <gaetan.hurel@inria.fr> Rmi Badonnel <remi.badonnel@loria.fr> Abdelkader Lahmadi <abdelkader.lahmadi@loria.fr> Olivier Festor <olivier.festor@inria.fr> Gatan Hurel

  1. Outsourcing Mobile Security in the Cloud Gaëtan Hurel <gaetan.hurel@inria.fr> Rémi Badonnel <remi.badonnel@loria.fr> Abdelkader Lahmadi <abdelkader.lahmadi@loria.fr> Olivier Festor <olivier.festor@inria.fr> Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 1 / 20

  2. Plan Introduction Related work Mobile Security as a Service Preliminary results Conclusions Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 2 / 20

  3. Context Ubiquity of mobile devices – large-scale deployment – mainly smartphones and tablets source: IDC analytics 2013 Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 3 / 20

  4. Context Ubiquity of mobile devices – large-scale deployment – mainly smartphones and tablets source: IDC analytics 2013 Mobile malware increase – devices carry sensitive and valuable information – numerous attacks & infection vectors source: Juniper mobile threat report 2013 Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 3 / 20

  5. Traditional mobile security On-device approaches: – dedicated applications installed on the smartphones – security checks mainly based on devices’ resources Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 4 / 20

  6. Traditional mobile security On-device approaches: – dedicated applications installed on the smartphones – security checks mainly based on devices’ resources Limits of on-device security approaches – resource consumption – installation, configuration & maintenance – users’ awareness and involvement Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 4 / 20

  7. Traditional mobile security On-device approaches: – dedicated applications installed on the smartphones – security checks mainly based on devices’ resources Limits of on-device security approaches – resource consumption – installation, configuration & maintenance – users’ awareness and involvement ⇒ How to efficiently provide security for mobile = devices using cloud-based mechanisms? Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 4 / 20

  8. Plan Introduction Related work Mobile Security as a Service Preliminary results Conclusions Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 5 / 20

  9. Virtualization and cloning methods Virtual replicas of real devices [1] – execution traces and traffic mirroring from real devices – real devices’ activity replayed on replicas – detecting threats on replicas, applying protections on devices Virtual mobile instances (VMI) [2] – with larger resources to host complex applications – accessed by real devices to execute those applications – dedicated monitoring subsystem to detect anomalies within VMIs Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 6 / 20

  10. Mobile security functions outsourcing Pure cloud-based outsourcing – e.g. application firewall [3], antivirus [4] SDN-based outsourcing [5] – leverages network controller’s global view – security checks transparently applied on traffic NFV-based outsourcing [6] – dynamic deployment of middleboxes in the cloud using virtualization – not dedicated to mobile security, but shows the potentiality of the cloud Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 7 / 20

  11. Motivation Limitations of current cloud-based approaches: – focus on specific instance(s) of the whole security threats set – lack of flexibility and contextualization regarding how and when to use them Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 8 / 20

  12. Motivation Limitations of current cloud-based approaches: – focus on specific instance(s) of the whole security threats set – lack of flexibility and contextualization regarding how and when to use them Security threats may vary depending on context: – time and space (e.g. malware trends, attached network) – applications (e.g. gaming, banking) – remote destinations (e.g. unknown/well-known server) Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 8 / 20

  13. Motivation Limitations of current cloud-based approaches: – focus on specific instance(s) of the whole security threats set – lack of flexibility and contextualization regarding how and when to use them Security threats may vary depending on context: – time and space (e.g. malware trends, attached network) – applications (e.g. gaming, banking) – remote destinations (e.g. unknown/well-known server) – ... Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 8 / 20

  14. Plan Introduction Related work Mobile Security as a Service Preliminary results Conclusions Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 9 / 20

  15. Proposed approach Dynamic composition of mobile security functions in the cloud: – outsource mobile security functions in the cloud – dynamically select and activate security functions – transparently link and instantiate compositions of security functions Main enablers: – Network Function Virtualization (NFV) – Software-Defined Networking (SDN/Openflow) Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 10 / 20

  16. Our cloud-based mobile security architecture A new cloud-based architecture to: – host a large set of mobile security functions – build and deploy tailored security compositions depending on context and risks Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 11 / 20

  17. Key entities Involves three entities: – the mobile device with running applications and a virtual OpenFlow-based switch – the security manager - in cloud infrastructure - to manage outsourced security functions – the remote dest. interacting with the mobile device Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 12 / 20

  18. Main idea An application wants to communicate with a (new) dest. : 1. the switch probes the OpenFlow controller 2. the security manager possibly activates new security functions 3. the controller links those functions and build a tailored composition 4. the controller notifies the switch of the resulting composition 5. the switch makes traffic pass through the security composition Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 13 / 20

  19. Plan Introduction Related work Mobile Security as a Service Preliminary results Conclusions Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 14 / 20

  20. Our first outsourced security function Implementation of a configuration checker for mobile devices [7]. Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 15 / 20

  21. Our first outsourced security function - cont’d Outsourced configuration checker: – based on the OVAL standard – remotely checks configuration of mobile devices – detects vulnerable states – implements a probabilistic model to efficiently schedule assessments Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 16 / 20

  22. Our first outsourced security function - cont’d Outsourced configuration checker: – based on the OVAL standard – remotely checks configuration of mobile devices – detects vulnerable states – implements a probabilistic model to efficiently schedule assessments → Collected information about vulnerable − configurations can be exploited by the security manager Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 16 / 20

  23. Plan Introduction Related work Mobile Security as a Service Preliminary results Conclusions Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 17 / 20

  24. Summary Mobile security is a critical issue – mobile devices largely deployed – numerous privacy and security issues – on-device security approaches limits Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 18 / 20

  25. Summary Mobile security is a critical issue – mobile devices largely deployed – numerous privacy and security issues – on-device security approaches limits Cloud + NFV + SDN = efficient mobsec outsourcing – reduction of devices’ resources usage – dynamic security depending on context and risks – transparent deployment from an end-user view Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 18 / 20

  26. Future work Mathematical modeling: – investigate compositions mechanisms – determination of cost (resources), quality and complexity of compositions – tradeoffs between on-device and in-cloud security functions Gaëtan Hurel INRIA NGE, FP7 Flamingo project Outsourcing Mobile Security in the Cloud 19 / 20

Recommend

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing Storage Computation High availability No maintenance Decreased Costs Elasticity &amp; Flexibility Security and Privacy for Cloud

529 views • 36 slides
Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted

Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted

CS573 Data Privacy and Security Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted data Homomorphic encryption What is Cloud Computing ? Cloud computing Type of computing that relies on sharing

1.29k views • 62 slides
Mobile Applications and Cloud Computing Mobile Applications and Cloud Computing 2015 Leonardo

Mobile Applications and Cloud Computing Mobile Applications and Cloud Computing 2015 Leonardo

Security aspects in Mobile Applications and Cloud Computing Mobile Applications and Cloud Computing 2015 Leonardo Aniello, Ph.D. aniello@dis.uniroma1.it Outline Security aspects in mobile applications Current situation Security

460 views • 30 slides
Verifiable Cloud Outsourcing for Network Func9ons (+

Verifiable Cloud Outsourcing for Network Func9ons (+

Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services) Vyas Sekar vNFO joint with Seyed Fayazbakhsh,

434 views • 28 slides
Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security risks. Attacks in a cloud environment, top threats. Security, a major concern for cloud users. Privacy. Trust. Operating systems

661 views • 38 slides
Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a

Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a

Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a computationally weak client to outsource its computation to an untrusted server. = () Main security concerns: 1. Correctness:

377 views • 4 slides
The Cloud, Mobile and BYOD Security Opportunity with SurePassID Presentation for MSPs and MSSPs

The Cloud, Mobile and BYOD Security Opportunity with SurePassID Presentation for MSPs and MSSPs

The Cloud, Mobile and BYOD Security Opportunity with SurePassID Presentation for MSPs and MSSPs January 2014 SurePassID At A Glance Founded 2009 Headquartered in Orlando, FL 6 sales offices in North America, Europe and Asia

661 views • 17 slides
CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Mobile Security Issues Introduction So many cool mobile apps Access to web, personal information, social media, etc

1.05k views • 55 slides
Security &amp; Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik,

Security &amp; Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik,

Security &amp; Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik, Preeti Aggarwal and Shilpa Bahl Ansal University, Gurgaon- 122011, India 1 mmchaturvedi@ansaluniversity.edu.in Indian Context The potential uptake

1.27k views • 28 slides
Total Workforce Shared Services &amp; Outsourcing Solution Integrated Enterprise Cloud Solutions

Total Workforce Shared Services &amp; Outsourcing Solution Integrated Enterprise Cloud Solutions

Total Workforce Shared Services &amp; Outsourcing Solution Integrated Enterprise Cloud Solutions Powered by NetAIMS@Cloud Presented by: Dr. Saw Lean Joo LJS Technology Sdn Bhd. Access Any Time Any Where.. In the World Introduction To

558 views • 33 slides
Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the

Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the

Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the Cloud? How the Cloud is delivered: Iaas, PaaS and SaaS Cloud security challenges and risk Current Cloud security report Cloud security technology

302 views • 27 slides
Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined) Administrative discussions Stephen McCamant University of Minnesota Multi-Cloud Oblivious Storage Old and new topics in security Cloud threats, old and new

645 views • 8 slides
1 1.2. Guidelines for Information Security of Cloud Computing Category Main contents of measure

1 1.2. Guidelines for Information Security of Cloud Computing Category Main contents of measure

Agenda Related Polices to Cloud Computing I. Guidelines for Information Security of Cloud II. Computing Cloud Security Certification Scheme in KOREA Cloud Security Certification Program in Korea III. April. 11, 2017 Jungduk (JD) KIM, Ph.

403 views • 5 slides
Verifiability for Cloud Storage and Computation Melek nen July 5th, 2016 Lorient Joint

Verifiability for Cloud Storage and Computation Melek nen July 5th, 2016 Lorient Joint

Verifiability for Cloud Storage and Computation Melek nen July 5th, 2016 Lorient Joint work with Monir Azraoui, Kaoutar Elkhiyaoui, Refik Molva Cloud Outsourcing Storage and Computation Data storage Data processing [Cloud Security

393 views • 23 slides
What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017 Dan S. Wallach , Rice University tl;dr The computers inside the computer Every chip has one or more CPUs inside; they have exploitable bugs

1.23k views • 87 slides
Embark: Securely Outsourcing Middleboxes to the Cloud Chang Lan, Justine Sherry, Raluca Ada

Embark: Securely Outsourcing Middleboxes to the Cloud Chang Lan, Justine Sherry, Raluca Ada

Embark: Securely Outsourcing Middleboxes to the Cloud Chang Lan, Justine Sherry, Raluca Ada Popa, Sylvia Ratnasamy, Zhi Liu UC Berkeley Tsinghua University 1 Background Middleboxes are prevalent and problematic Number of Middleboxes

572 views • 40 slides
Embark: Securely Outsourcing Middleboxes to the Cloud Chang Lan, Justine Sherry, Raluca Ada

Embark: Securely Outsourcing Middleboxes to the Cloud Chang Lan, Justine Sherry, Raluca Ada

Embark: Securely Outsourcing Middleboxes to the Cloud Chang Lan, Justine Sherry, Raluca Ada Popa, Sylvia Ratnasamy, Zhi Liu UC Berkeley Tsinghua University 1 Background Middleboxes are prevalent and problematic Number of Middleboxes

1.31k views • 44 slides
Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come from? Why Cloud? Cloud for small, medium, enterprise, and government Barriers to adoption Embracing Cloud Social Mobile Cloud

972 views • 45 slides
Doubly Efficient Interactive Proofs Ron Rothblum Outsourcing Computation Weak client outsources

Doubly Efficient Interactive Proofs Ron Rothblum Outsourcing Computation Weak client outsources

Doubly Efficient Interactive Proofs Ron Rothblum Outsourcing Computation Weak client outsources computation to the cloud. = () Outsourcing Computation We do not want to blindly trust the cloud. = () Key

462 views • 21 slides
OFS: An Overlay File System for Cloud-Assisted Mobile Applications Jianchen Shan, Nafize R.

OFS: An Overlay File System for Cloud-Assisted Mobile Applications Jianchen Shan, Nafize R.

OFS: An Overlay File System for Cloud-Assisted Mobile Applications Jianchen Shan, Nafize R. Paiker, Xiaoning Ding, Narain Gehani, Reza Curtmola, Cristian Borcea Mobile apps need cloud assistance Mobile devices have limited resources

559 views • 33 slides
Outsourcing Decisions in Mobile Image Processing Oslo 27.04.2012 Outline 5/2/2012 Team

Outsourcing Decisions in Mobile Image Processing Oslo 27.04.2012 Outline 5/2/2012 Team

Power and Latency Impacts of Outsourcing Decisions in Mobile Image Processing Oslo 27.04.2012 Outline 5/2/2012 Team members Introduction Application description Test Environment Measurements and results Analysis of the

312 views • 27 slides
Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of

Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of

Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of Tsukuba, Japan JST CREST Secure Outsourcing GWAS Secure computation [Cloud] Outline of our solution [data holder] Secure

381 views • 19 slides
Why Phishing is Different on Mobile Aaron Cockerill Gartner Security &amp; Risk Management Summit

Why Phishing is Different on Mobile Aaron Cockerill Gartner Security &amp; Risk Management Summit

Why Phishing is Different on Mobile Aaron Cockerill Gartner Security &amp; Risk Management Summit 2018 1 The world has changed The corporate data center is in the cloud Starbucks is the new corporate Wi-Fi Employees have all gone mobile

733 views • 37 slides
OVERSEE: Outsourcing Verification to Enable Resource Sharing in Edge Environment Reporter:

OVERSEE: Outsourcing Verification to Enable Resource Sharing in Edge Environment Reporter:

OVERSEE: Outsourcing Verification to Enable Resource Sharing in Edge Environment Reporter: Xiaoqing Cai August 2020 From Cloud to Edge Cloud Computing Edge Computing Low Latency Lack of Resources Cloud Computing Edge Computing No More

582 views • 17 slides

More recommend