On Protection in Federated Social Computing Systems
Ebrahim Tarameshloo, Philip W. L. Fong, Payman Mohassel
University of Calgary, Calgary, Alberta, Canada
{etarames, pwlfong,
1 March 2014

Federated Social Computing Systems
- Example (figure): her access policy, "(Share with my" vs. "(Share with" (the rest of the figure text is missing from the transcript)
- Privacy challenge: the access control policy of the originating SCS may not be honored by the destination SCS

Outline
- Privacy in Federated Social Computing Systems
- Formal model
- Privacy via Private Function Evaluation (PFE)
- Privacy via safe function evaluation


Closer Look at Protection Challenges
- Policy fidelity: ambiguity about which policy is to be used for protecting shared contents
- Mechanism fidelity: the challenge of the destination site tracking the protection model of the origin site
- State fidelity: the user information needed for policy enforcement may not be available at the destination SCS

Assumptions
- User identity: the manual identity mapping process is consistent and applied whenever needed
- Authorization service: secure, queriable PDPs (Policy Decision Points) for each SCS in the confederation

Feature Overview of Our Protection Model
1. Protection of Shared Resources
- Native access: not the focus of this work
- Shared access: the goal of our work

Feature Overview of Our Protection Model
2. Shared Access Policies
- Policies for controlling shared accesses are defined by the resource owner
- Addresses policy fidelity

Feature Overview of Our Protection Model
3. Distributed Evaluation of Situated Queries
- A shared access policy takes the form of situated queries
- Example: (the example query is missing from the transcript)
- Distributed evaluation ensures mechanism and state fidelity

Feature Overview of Our Protection Model
4. Policy Composition
- More flexible protection model
- Made up of boolean combinations of situated queries
- Example: ∨ ∧ (the operands of the example formula are missing from the transcript)


Formal Model of Federated SCSs
- Confederation schema: specifies the constant entities in the federation
- Privacy configuration: specifies the current privacy settings of the confederation
- Protection state: tracks the current protection state of member SCSs, and tracks the whereabouts of shared resources

Policy Language
- Distinctive features: atomic queries can be interpreted at a specific SCS; composite policies are built by composition of atomic queries
- Syntax: (missing from the transcript)
- Semantics: the resource owner and the requester must satisfy the policy formula in a given protection state
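To make the preceding slides concrete, here is an added toy model (not code from the paper or its authors) of composite policies built from situated queries. Each atomic query names the SCS whose PDP interprets it; a coordinating party sends every atom to that SCS, collects the answers and combines them with the boolean connectives. The SCS names, predicates, users and protection states are constructed sample data, and the tuple encoding of formulas and the `pdp`/`decide` functions are this example's own assumptions. The `disclosed` log records what the coordinator learns about other SCSs' states in a plain distributed evaluation, which is the privacy effect the later SMC slides address.

```python
"""Toy model of shared-access policies as boolean combinations of situated
queries, each evaluated by the PDP of the SCS named in the query.
Added example with constructed data; not the paper's own formalisation."""
from typing import Dict, List, Optional, Set, Tuple

# Constructed protection states. Each SCS's PDP can only answer questions
# about relations it holds itself; this is its "query vocabulary".
PROTECTION_STATES: Dict[str, Dict[str, Set[Tuple[str, str]]]] = {
    "Facebook": {
        "friend": {("alice", "bob"), ("bob", "alice")},
        "family": {("alice", "carol"), ("carol", "alice")},
    },
    "Foursquare": {
        "checked_in_same_city": {("alice", "bob"), ("bob", "alice")},
    },
}

# Policy encoding (assumed for this example):
#   ("at", scs, predicate)   situated atomic query, interpreted at `scs`
#   ("not", p), ("and", p, q), ("or", p, q)   boolean composition
Policy = tuple


def pdp(scs: str, predicate: str, owner: str, requester: str) -> Optional[bool]:
    """Policy Decision Point of one SCS (constructed). Answers an atomic query
    from its own protection state; returns None when the predicate is outside
    this SCS's vocabulary, so the caller cannot interpret it there."""
    relations = PROTECTION_STATES[scs]
    if predicate not in relations:
        return None
    return (owner, requester) in relations[predicate]


def evaluate(policy: Policy, owner: str, requester: str,
             disclosed: List[Tuple[str, str, str, str, Optional[bool]]]) -> bool:
    """Distributed evaluation: every situated atom is shipped to the PDP of the
    SCS it names. `disclosed` accumulates each (scs, predicate, owner,
    requester, answer) the coordinator sees, i.e. the state leaked to it."""
    tag = policy[0]
    if tag == "at":
        _, scs, predicate = policy
        answer = pdp(scs, predicate, owner, requester)
        disclosed.append((scs, predicate, owner, requester, answer))
        return bool(answer)  # an uninterpretable atom is treated as deny
    if tag == "not":
        return not evaluate(policy[1], owner, requester, disclosed)
    if tag in ("and", "or"):
        # Evaluate both sides: every SCS contributes its input, as in the
        # SMC setting discussed later, rather than short-circuiting.
        left = evaluate(policy[1], owner, requester, disclosed)
        right = evaluate(policy[2], owner, requester, disclosed)
        return (left and right) if tag == "and" else (left or right)
    raise ValueError(f"unknown policy operator {tag!r}")


def decide(policy: Policy, owner: str, requester: str):
    """Return (authorization decision, list of atomic answers disclosed to the
    coordinating party during evaluation)."""
    disclosed: List[Tuple[str, str, str, str, Optional[bool]]] = []
    return evaluate(policy, owner, requester, disclosed), disclosed


# Constructed owner policy: share only with Facebook friends who, according
# to Foursquare, checked in to the same city as the owner.
SHARE_PHOTO: Policy = ("and",
                       ("at", "Facebook", "friend"),
                       ("at", "Foursquare", "checked_in_same_city"))

if __name__ == "__main__":
    for requester in ("bob", "carol"):
        decision, log = decide(SHARE_PHOTO, "alice", requester)
        print(requester, "->", decision)
        for entry in log:
            print("   disclosed:", entry)
```

Running the script shows that whichever party combines the answers (say, Facebook acting as the current SCS) learns Foursquare's location claim about the owner and requester even when the overall decision is "deny"; that is the disclosure the PFE and safe-function approaches on the following slides are meant to remove.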


Privacy via Secure Multiparty Computation
- Distributed evaluation of shared access policies
- Privacy effect: disclosure of the SCSs' protection states. Example: ∧ (the conjuncts are missing from the transcript); evaluation may disclose user location claims in Foursquare to Facebook
- Privacy goal: preserve the privacy of the SCSs' protection states during the evaluation of shared access policies
- Possible approach: Secure Multiparty Computation (SMC)

SMC and Output Privacy
- SMC allows a group of parties to collectively compute a function of their inputs while keeping those inputs private
- SMC does not guarantee output privacy. Example: (missing from the transcript)
- SMC does not try to determine which function is "safe" to compute

SMC and Output Privacy
- Privacy challenge in our scheme. Example: evaluation of (formula missing from the transcript) at Instagram may leak users' location and friendship
- Possible approaches: hide policy formulas from federated SCSs; evaluate only safe public policy formulas

Approach 1: PFE-based Architectures
- Hide the policy formula from the SCSs involved
- Advantage: no restriction on what the formula can be
- Core challenge: hiding the policy while running the SMC protocol, i.e. Private Function Evaluation (PFE)
- Three PFE-based architectures: Origin arch. (origin tracks policy), User arch. (user tracks policy), TP arch. (third party tracks all policies)

Origin Arch. (Origin SCS Tracks Policy)
- Diagram labels: PFE, Authorization Decision, Origin SCS, Current SCS, "Ask to initiate PFE"
- Each SCS tracks the shared access policy of its own resources

User Arch. (User Tracks Policy)
- Diagram labels: PFE, Authorization Decision, Origin SCS, Current SCS, "Ask to initiate PFE"
- Each user stores shared access policies on user-owned storage

TP Arch. (Third Party Tracks Policy)
- Diagram labels: PFE, Authorization Decision, Origin SCS, Current SCS, TP, "Ask to initiate PFE"
- Centralized policy storage service operated by a trusted third party (TP)

Challenge of Policy Administration
- Every user must define a shared access policy for every resource
- Tedious for users
- Default policies for various categories of resources

Assessment of the Three Architectures
Privacy
- Origin arch.: the authorization decision should be hidden from the origin SCS if it contributes an input to the policy formula
- User arch.: there must be no collusion between the storage service and any SCS (example: Google+ and Google Drive)
- TP arch.: the TP must remain trusted
Knowledge of query vocabulary
- Origin arch.: every SCS must understand the full query vocabulary of all other SCSs in the confederation
- User arch.: same as Origin arch.
- TP arch.: only the TP must understand the full query vocabulary
Fault tolerance
- Origin arch.: failure of one SCS affects all policy lookups for all resources originating from that SCS
- User arch.: failure of a user's storage affects only that user's shared resources
- TP arch.: single point of failure; affects the entire confederation
Policy administration
- Every user must define a shared access policy for every resource; tedious for users
- Default policies for various categories of resources. Example: (missing from the transcript)


Approach 2: Privacy via Safe Functions
- All shared access policies are allowed to be public (example: default policies)
- The confederation evaluates only "safe" policies
- Privacy goal: no inference of inputs from output values
- An SCS can refrain from providing input if a policy is detected to be unsafe
- "Safe" function definition based on Sutherland's definition of information flow via the notion of deducibility

Input Nondeducibility
- Truth table of f over inputs x1, x2, …, xi, …, x(n-1), xn (the row values are garbled in the transcript)
- Example: "If the policy (formula at Google+) is False ⇒ the requester is a family member"; "What if the policy (formula at LinkedIn) …" (the policy formulas are missing from the transcript)

Application and Complexity of IND
- SCSs test whether the policy function is I-input nondeducible, where I is the set of inputs contributed by an SCS
- Deciding input nondeducibility: the complement of IND is in (complexity class missing from the transcript)
- To implement the static analysis: encode the IND instance as a Quantified Boolean Formula (QBF) and use a QBF solver to test satisfiability

IND Functions
- Rarity of input nondeducible functions; limited composability
- Useful IND functions:
  - Threshold function: returns 1 if at least m of the n inputs are 1; a replacement for conjunction
  - Conditional function: a replacement for disjunction

Policy Idioms
- It is unwise to leave it to the user to formulate "safe" policies
- Users can be provided with templates of "safe" policies
- Safe policy templates: threshold policy, conditional policy
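The following added example (not the paper's code) ties together the safe-function slides above: input nondeducibility, its ∀∃ structure that the QBF encoding exploits, and the threshold and conditional idioms offered as replacements for conjunction and disjunction. It uses the usual reading of Sutherland-style nondeducibility, assumed here rather than taken from the paper's formal definition: a function f is I-input nondeducible if, for every value v of the inputs in I and every output y that f can produce at all, some setting of the remaining inputs makes f output y while the I-inputs are v, so that seeing y rules out no value of the I-inputs. The brute-force checker enumerates all assignments, which is fine for the handful of inputs a confederation of SCSs contributes; the function shapes (`threshold`, the `if x0 then x1 else x2` form of `conditional`) are this example's own choices.

```python
"""Brute-force check of I-input nondeducibility (IND) for small boolean
policy functions. Added example; the definition used is the assumed
Sutherland-style reading described in the text, not the paper's own."""
from itertools import product
from typing import Callable, FrozenSet, Iterable, Sequence, Set

BoolFn = Callable[[Sequence[int]], int]


def is_input_nondeducible(f: BoolFn, n: int, I: Iterable[int]) -> bool:
    """True iff for all v (values of inputs in I) and all y in image(f) there
    exists w (values of the other inputs) with f(v, w) = y.
    Its complement, exists v, exists y, for all w: f(v, w) != y, is the
    shape an SCS would hand to a QBF solver in the static analysis."""
    secret = sorted(set(I))
    others = [i for i in range(n) if i not in secret]
    image: Set[int] = {f(x) for x in product((0, 1), repeat=n)}
    for v in product((0, 1), repeat=len(secret)):
        reachable: Set[int] = set()
        for w in product((0, 1), repeat=len(others)):
            x = [0] * n
            for idx, bit in zip(secret, v):
                x[idx] = bit
            for idx, bit in zip(others, w):
                x[idx] = bit
            reachable.add(f(x))
        if reachable != image:
            # Some output y is impossible together with x_I = v, so observing
            # y would let an observer deduce x_I != v.
            return False
    return True


def unsafe_input_sets(f: BoolFn, n: int) -> Set[FrozenSet[int]]:
    """All non-empty input sets I for which f is NOT I-nondeducible. An SCS
    whose contributed inputs form such a set should refrain from providing
    them, as the safe-function slides suggest."""
    unsafe: Set[FrozenSet[int]] = set()
    for bits in product((0, 1), repeat=n):
        I = frozenset(i for i, b in enumerate(bits) if b)
        if I and not is_input_nondeducible(f, n, I):
            unsafe.add(I)
    return unsafe


# Policy function shapes (constructed for this example).
def conjunction(x: Sequence[int]) -> int:
    return int(all(x))


def disjunction(x: Sequence[int]) -> int:
    return int(any(x))


def threshold(m: int) -> BoolFn:
    """Threshold idiom: 1 iff at least m of the inputs are 1."""
    return lambda x: int(sum(x) >= m)


def conditional(x: Sequence[int]) -> int:
    """Conditional idiom in the assumed form 'if x0 then x1 else x2'."""
    return x[1] if x[0] else x[2]


if __name__ == "__main__":
    # Three SCSs each contribute one input bit.
    for name, fn in [("conjunction", conjunction), ("disjunction", disjunction),
                     ("threshold(2 of 3)", threshold(2)), ("conditional", conditional)]:
        print(f"{name:18} unsafe input sets:",
              sorted(sorted(s) for s in unsafe_input_sets(fn, 3)))
```

With three SCSs each contributing one bit, conjunction and disjunction are unsafe even for a single input (a "1" from a conjunction, or a "0" from a disjunction, pins down every input), whereas the 2-of-3 threshold and the conditional are nondeducible for any single input and only become unsafe when one party contributes two or more of the three inputs. That is the sense in which the idioms replace the plain connectives, and why the slide warns that IND functions compose poorly: combining two of them can reintroduce a deducible input set.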

Related Work
[1] Ko, Moo Nam, Gorrell P. Cheek, Mohamed Shehab, and Ravi Sandhu. "Social-networks connect services." Computer 43, no. 8 (2010).
[2] Shehab, Mohamed, Moo Nam Ko, and Hakim Touati. "Enabling cross-site interactions in social networks." Social Network Analysis and Mining 3.1 (2013).
[3] Squicciarini, Anna Cinzia, Giuseppe Petracca, and Elisa Bertino. "Adaptive data protection in distributed systems." Proceedings of the third ACM conference on Data and application security and privacy. ACM.

Calgary (photo)

ICT Bldg. at the University of Calgary (photo)