Why Do We Need More Research?

Slides:



Advertisements
Similar presentations
Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.
Advertisements

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
1 Securing the Net: Where the Holes Are Steven M. Bellovin AT&T Labs – Research
1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research
PKI To The Masses IPCCC 2004 Dan Massey USC/ISI. 1 March PKI Is Necessary l My PKI related actions since arriving at IPCCC n Used an.
1 Crashing the Net Steven M. Bellovin AT&T Labs Research
Happy Network Administrators  Happy Packets  Happy Users WIRED Position Statement Aman Shaikh AT&T Labs – Research October 16,
Information Security Fundamentals Major Information Security Problems and Solutions Department of Computer Science Southern Illinois University Edwardsville.
Path Construction “It’s Easy!” Mark Davis. Current WP Scope u Applications that make use of public key certificates have to validate certificate paths.
Lecture 17 Page 1 CS 236, Spring 2008 Advanced Topics in Network Security: IP Spoofing and DDoS CS 236 On-Line MS Program Networks and Systems Security.
1 Border Gateway Protocol (BGP) and BGP Security Jeff Gribschaw Sai Thwin ECE 4112 Final Project April 28, 2005.
1 Host versus Network Security Steven M. Bellovin
1 Security and IPv6 Steven M. Bellovin
DNS Security Risks Section 0x02. Joke/Cool thing traceroute traceroute c
TAG Presentation 18th May 2004 Paul Butler
Key management issues in PGP
Secure Programming Dr. X
DNS Security The Domain Name Service (DNS) translates human-readable names to IP addresses E.g., thesiger.cs.ucla.edu translates to DNS.
Introduction to Algorithms
Advanced Topics in Network Security: IP Spoofing and DDoS CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Outline Basic concepts in computer security
DNS Security Advanced Network Security Peter Reiher August, 2014
IEEE CyberTrust workshop
CNT 4704 Computer Communication Networking (not “analysis”)
Secure Programming Dr. X
CNT 4704 Computer Communication Networking (not “analysis”)
Click to edit Master subtitle style
Presented by Muhammad Abu Saqer
Parts of a Lab Write-up.
TAG Presentation 18th May 2004 Paul Butler
How to Fix a Norton Security Certificate Problem?
Outline Desirable characteristics of ciphers Uses of cryptography
Certificates An increasingly popular form of authentication
New Strategies and Solutions for Helping Teachers Teach
Certificates A ubiquitous form of authentication
CNT 4704 Computer Communication Networking (not “analysis”)
DNS Security The Domain Name Service (DNS) translates human-readable names to IP addresses E.g., thesiger.cs.ucla.edu translates to DNS.
Tradeoff Analysis of Strategies for System Qualities
The Issue We all depend on the Internet
Chapter 5 Networks Communicating and Sharing Resources
Security, Cryptography, and Magic
All data occupies physical space, even if we don't think of it as such.
Security for the Web Steven M. Bellovin
Preventing Denial of Service Attacks
Chapter 6 Networks Communicating and Sharing Resources
Our Project
Solving Quadratic Equations by Factoring
Solving Quadratic Equations by Factoring
EECE 310 Software Engineering
The meaning of Reliability and Validity in psychological research
Practical Considerations for Securely Deploying Mobility
Solving Quadratic Equations by Factoring
Certificates An increasingly popular form of authentication
Solving Quadratic Equations by Factoring
Solving Quadratic Equations by Factoring
Equations with One Solution, No Solution, and Infinitely Many Solutions 6x + 3 = 5x + 7 6x + 3 = 6x + 7 6x + 3 = 6x + 3.
CS385T Software Engineering Dr.Doaa Sami
Outline Using cryptography in networks IPSec SSL and TLS.
Introduction to Algorithms
Solving Quadratic Equations by Factoring
Solving Quadratic Equations by Factoring
Advanced Topics in Network Security: IP Spoofing and DDoS CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Solving Quadratic Equations by Factoring
Certificates An increasingly popular form of authentication
SAT Solving Quadratic Equations by Factoring
Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
DNS Security The Domain Name Service (DNS) translates human-readable names to IP addresses E.g., thesiger.cs.ucla.edu translates to DNS.
Operational Requirements for Secured BGP
Solving Quadratic Equations by Factoring
Testing Slides adopted from John Jannotti, Brown University
Presentation transcript:

Why Do We Need More Research? Steven M. Bellovin AT&T Labs Research smb@research.att.com http://www.research.att.com/~smb

What are the Real Problems? Lack of appropriate cryptography. Buggy software. Routing attacks. Environmental issues. We don’t have good solutions for any of these.

Cryptography Need more speed, especially for public key algorithms. Scaling Can we use cryptography ubiquitously? If we do, how do we manage our networks? PKI Scale Revocation Confusion

PKI Confusion Almost no one checks certificates. Most people don’t know what they are, or when to trust them. Lots of expired certificates out there. Some heavily-used software doesn’t check things properly. Will people notice the difference between whitehouse.gov and whitehouse.com? Don’t try the latter from your office, folks...

Can We Afford Cryptography? Cryptography breaks compression. Cryptography breaks assorted network management tools. Cryptography breaks cross-layer techniques that may be needed for quality of service. Cryptography breaks NAT boxes. What are the alternatives for all of these?

Buggy Software 85% of all CERT advisories describe problems that cannot be solved with cryptography. 9 of 13 advisories last year were for buffer overflows. 2 of the remainder described problems in crypto modules. If your software is buggy, how can it be secure? We don’t know how to write correct code!

Routing Attacks Routers believe their neighbors. If its neighbors lie, a router can be deceived about the proper route, thus allowing eavesdropping, hijacking, denial of service, etc. Such “attacks” have already happened accidentally. Doing it deliberately isn’t very hard. Proposed solutions don’t seem to scale.

Environmental Problems Running a large network is hard. “The amount of clue is constant, but the Internet is growing.” Operational errors often translate into security problems. We build our systems out of unreliable, untrustworthy COTS components -- but we want systems to be reliable and trustworthy.

Challenges Learn how to use cryptography. Learn how to write correct code. Secure the routing infrastructure. Make systems that are powerful yet simple to use. “If we knew the answer, it wouldn’t be research.”

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.