Annual Conference of ITA ACITA 2010 Secure Sharing in Distributed Information Management Applications: Problems and Directions Piotr Mardziel, Adam Bender,

Slides:



Advertisements
Similar presentations
Operating System Security
Advertisements

Poster Title Goes Here & Must Match Your Submitted Abstract Title Authors’ Names Go Here (must match those on the submitted abstract) Affiliations go here.
Introduction to Security in Computing Computer and Network Security Semester 1, 2011 Lecture #01.
Critical Data Management Indiana University HR Summit April 24, 2014.
 Introduction  Fundamentals  Capability Security  Challenges in Secure Capability Systems  Revoking Capabilities  Conclusion.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Control of Personal Information in a Networked World Rebecca Wright Boaz Barak Jim Aspnes Avi Wigderson Sanjeev Arora David Goodman Joan Feigenbaum ToNC.
ECE 123/124 Capstone Design Project Design Group MembersClientInstructorYear Department of Electrical & Computer Engineering Font Sizes and Types.
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.
Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.
Social Networking and On-Line Communities: Classification and Research Trends Maria Ioannidou, Eugenia Raptotasiou, Ioannis Anagnostopoulos.
Highlight this text & type in your poster title (44pt recommended) Highlight this text and replace with the authors. You can select to make the text smaller.
Truck & Bus World Forum posters will be displayed for one full day of the conference. The template is already in A0 format (0.841.
Printing Procedure To print, please make sure there is a check mark in the “Scale to Fit Paper” check box in the Print Layout menu. Points to Note The.
Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.
The Protection of Information in Computer Systems Part I. Basic Principles of Information Protection Jerome Saltzer & Michael Schroeder Presented by Bert.
Cryptography, Authentication and Digital Signatures
Information Systems Security Operational Control for Information Security.
Digital Citizenship Created By: Kelli Stinson June 2011.
Secure sharing in distributed information management applications: problems and directions Piotr Mardziel, Adam Bender, Michael Hicks, Dave Levin, Mudhakar.
PHYSICAL ITSECURITY scope. 1.What is password security?. 2.Why can't I tell anyone my password? 3.What about writing my password down 4.Social engineering.
ECE Computer Engineering Design Project 2014 Department of Electrical & Computer Engineering Font Sizes and Types For paragraph text pt text.
8/30/2010CS 686 Definition of Security/Privacy EJ Jung CS 686 Special Topics in CS Privacy and Security.
The RCMP Tech Crime Unit & Information Systems Security Presented to: ISSA January 26, 2005.
PROBABILISTIC PROGRAMMING FOR SECURITY Michael Hicks Piotr (Peter) Mardziel University of Maryland, College Park Stephen Magill Galois Michael Hicks UMD.
Securing Passwords Against Dictionary Attacks Presented By Chad Frommeyer.
Chap1: Is there a Security Problem in Computing?.
Highlight this text & type in your poster title (44pt recommended) Highlight this text and replace with the authors. You can select to make the text smaller.
Template for a 42”x46” poster presentation: Title font should be at least 80pt Subtitle font should be at least 50pt, Author 1, Author 2, Author 3 College.
This poster has been designed to act as a customisable template. You do not have to use this template but it might be a useful starting point. The poster.
IT Security CS5493(74293). IT Security Q: Why do you need security? A: To protect assets.
KNOWLEDGE-ORIENTED MULTIPARTY COMPUTATION Piotr (Peter) Mardziel, Michael Hicks, Jonathan Katz, Mudhakar Srivatsa (IBM TJ Watson)
Elements of an ICT networks COMMUNICATION DEVICES: 1.Network interface card 2.Hub 3.Switch 4.Router STANDARDS AND PROCEDURES: 1.Enable devices to communicate.
PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.
Database Security Threats. Database An essential corporate resource Data is a valuable resource Must be strictly controlled, managed and secured May have.
Important Information for financial professionals By using this communication you agree to the following: This communication is provided to you by Principal.
Your title here: Maybe add some pictures and/or school logo on the left authors and affiliation (First names of authors increase interaction potential)
Poster Title Must Have a Subject and a Verb
Author’s Name/s Goes Here
Title of paper for IPIC 2017 Conference
Information Security, Theory and Practice.
Template for a 42”x46” poster presentation:
<Project Title>
Poster Title Goes Here & Must Match Your Submitted Abstract Title
Security Shmuel Wimer prepared and instructed by
Microsoft Office Introduction
<Project Title>
Your title here: Maybe add some pictures and/or school logo on the left authors and affiliation (First names of authors increase interaction potential)
<Project Title>
Highlight this text & type in your poster title (44pt recommended)
<Project Title>
Will you capture their attention?
Title of paper for IPIC 2018 Conference
Database Security &Threats
Enter Poster Title Here
Poster Title Goes Here & Must Match Your Submitted Abstract Title
Title of paper for IPIC 2019 Conference
Author’s Name/s Goes Here
Your title here: Maybe add some pictures and/or school logo on the left authors and affiliation (First names of authors increase interaction potential)
<Project Title>
Title must use font size 16.
Author’s Name/s Goes Here
Your title here: Maybe add some pictures and/or school logo on the left authors and affiliation (First names of authors increase interaction potential)
Poster Title Must Have a Subject and a Verb
Insert your university logo.
Title E-Poster Guidelines Authors Institution Institutional logo
Title of paper for IPIC 2020 Conference
Presentation transcript:

Annual Conference of ITA ACITA 2010 Secure Sharing in Distributed Information Management Applications: Problems and Directions Piotr Mardziel, Adam Bender, Michael Hicks, Dave Levin, Mudhakar Srivatsa*, Jonathan Katz Please use this section of the poster as you see fit. You may wish to consider the following: Make it eye catching – images and colours work well Make sure that any images you use are high enough quality to scale up to the A1 size printed version Ensure the title and authors (in the header, above) match those on the camera-ready version of the paper Not too much text – your poster should have some level of detail, but don’t copy whole sections of the paper in as large blocks of text. Remember your poster will be large (A1) so small fonts will appear tiny in relation to the large size. Headings need to be large (e.g. font size 88) Normal text for bullet points and image titles in the middle (e.g. font size 48) A suggested lower limit on font size is 32. We will convert all received PPT files to PDF to ensure no issues with printing. The PDF version of the poster will be included in the conference proceedings Don’t forget to delete this text from your poster!!! Online social networks Find employment, gain business connections, social capital, improved interaction experience Identity theft Information hub / Collaborative reviewing Improve reputation, gain valuable insights Negative backlash Military Share: potential targets, suspicious activity, technical problems, vulnerabilities Potential for misuse, unauthorized leaks, compromised assets Sharing vs. Not Sharing Sharing (enough) is useful Sharing (too much) can be harmful Not sharing (enough) can be harmful Economic (dis)Incentives Encourage productive sharing Exchange shared data for external value Discourage illicit information release Penalize policy faults via transfer of external value Monetary value Data valuation Measurement (of leaks) Payment schemes One-time payment upon data transfer One-time payment upon data leakage Recurring payment to maintain data use Measurement Principle of Least Sharing Provide mechanism for access to (only) what is needed to achieve utility Simultaneously protect privacy Compute F(x,y) where x, y are private to server and client respectively, reveal neither x nor y Privacy-preserving computation Computational splitting Split F into segments to be performed by the individual parties or fail (cannot split) Secure multiparty computation Recovery of secret inputs computationally infeasible Very inefficient Quantified information flow How much “information” does a query provide? How much do multiple queries provide? Relative entropy Track belief (or view) an attacker might have about private information Belief as a probability distribution over secret data Privacy measure: how accurate is this view? What to do if privacy measure will be violated? Reject query, redact, add noise Relative entropy between belief and truth 1 bit reduction in entropy = doubling of guessing ability Policy: “entropy >= 10 bits” = attacker has 1 in 1024 chance of guessing secret Personal Information broker Keep track of queries and resulting belief changes Reject queries violating information flow restrictions University of Maryland, College Park * IBM Research, TJ Watson How can we encourage sharing and make it secure?