Foundations of Secure Networked Computing
Participants: Chen-Nee Chuah, Joan Feigenbaum, Russell Impagliazzo, Matti Kaariainen, Karl Levitt, Scott Shenker, Salil Vadhan
Directions
• Problems raised by networks to be solved by ToNC.
More exciting:
• Networking problems can lead ToNC to develop new theoretical frameworks.
• ToNC can provide new paradigms for thinking about networking.
Where do security & reliability fit?
• First: building & running networks
  – Security-aware network architecture
  – Preventing, detecting, and recovering from attacks/failures
• Then: secure applications!
  – Modern crypto allows information to be used without revealing it
  – Google: Web search, e-mail, remote data storage
  – Auctions
  – E-voting
  – Databases, datamining
  – Real-time computing/control
  – Outsourced/grid computation
  – And much more…
Cryptography
• Crypto not limited to “transforming data”.
• ToC takes a broad view: secure multiparty computation: protocols for performing any task in face of adversarial behavior
• Security questions not traditionally addressed
  – What tasks to allow (privacy)
  – Denial of service
  – Cascading failures (critical infrastructure)
  – Malware (worms, viruses)
Why? Conservative tendency
Extending Scope of Cryptography
• Model of adversary/faults:
  – monolithic vs. non-colluding
  – Byzantine vs. random vs. selfish
• Notions of “security”
  – Traditional crypto: black & white
  – Quantitative measures – tradeoffs between security, privacy, reliability, utility, resource depletion
  – System-wide vs. individual guarantees
  – What are we protecting - data, resources, channel?
• Want formal models, proofs of security
  – Don’t forget lessons learned (why we are so conservative)
Security Infrastructure/Architecture
What can be built into a “clean-slate” architecture to enable security & reliability? [FIND/GENI]
• Can make difference between impossible & possible.
• Examples: secure logger, crypto “set-up” assumptions, key infrastructure, randomness beacons, micropayments, anonymous channels, …
• Separation of concerns (protecting channel vs. data, mechanism vs. policy, long-term vs. short-term)
Interactions between Protocols
“Stand-alone” security/reliability/performance not necessarily maintained when protocols executed concurrently in complex network environment.
• Crypto community studying concurrent security, “universal composability”. Far from fully understood.
• Overlay networks optimizing resources (Chen-Nee).
• Dependency graph, predict what will happen.
Specifying/monitoring/verifying security & reliability properties
• Need language for expressing desired properties, and automatic tools for verifying (or designing) protocols & configuration
• Both static properties & real-time behavior
  – What to measure?
  – Decide what to monitor when designing architecture/protocols
• Bridge between logic/formal methods, probabilistic/learning models, and crypto.
• Troubleshooting & fault isolation
More
• Network Models
  – Wireless, optical switches, time-varying
  – How do these affect security, reliability?
• New Threats
  – Spam, DoS, clutter
  – Cascading failures (critical infrastructure)
  – Worms, viruses, intrusion