Decentralized authorization and data security in web content delivery * Danfeng Yao (Brown University, USA) Yunhua Koglin (Purdue University, USA) Elisa.

Presentation transcript:

Decentralized authorization and data security in web content delivery *
Danfeng Yao (Brown University, USA), Yunhua Koglin (Purdue University, USA), Elisa Bertino (Purdue University, USA), Roberto Tamassia (Brown University, USA)
SAC, March, 2007, Seoul, Korea
* Supported by U.S. NSF CCF– , IIS– , , CERIAS

2 Content Delivery Network (CDN)
[Figure: the content owner's original content passes through web intermediaries (proxies) in the content delivery network and reaches the web surfer as modified content.]

3 Motivations in CDN
- Contents are delivered by a third-party, not directly by content owners
  - e.g., Akamai.com's servers deliver contents for CNN.com
- Delivered contents are usually modified or transformed by proxies
  - e.g., Modify sizes and resolutions of multimedia files
  - e.g., Customize dynamic web pages based on client preferences
- Data transformations may involve multiple proxies

4 An example of 2-step data transformations
[Figure: step 1, transcode (high, medium, low); step 2, customize banner.]

5 Problem definition
- Our goal: to ensure the integrity of data transformations in content delivery networks
- The key problem: How to ensure that data transformations are properly authorized?
- Our approach: role-based proxy management
  - Inspired by Role-based access control [Sandhu et al 1996]

6 Overview of our role-based authorization approach
- Entities: content owner, proxy, client, role authority
- Role authority is trusted and assigns roles to proxies
  - Role authority can be the content owner or others
- A trustworthy proxy is authorized to perform allowed operations
  - Transcoder proxy is authorized to transcode data only
- The proof of role assignment is the role certificate issued by role authority
- Only contents transformed by authorized proxies are accepted
[Figure label: Role Cert]

7 Illustration of role-based proxy management
1. Proxies are assigned roles by a role authority
2. Required role sequence specified by content owner
3. Data is delivered by proxies with specified roles
[Figure: content owner, original content, proxies, modified content, web surfer. Different color represents different proxy roles.]

8 Advantages of role-based proxy management
- Easy to manage in a decentralized environment
  - The role abstraction is scalable, useful when the number of proxies is high
  - Routing of contents is based on roles, rather than individual identities of proxies (will explain later)
- Improves flexibility and fault-tolerance
  - Multiple proxies are assigned to the same role and provide backups to each other
[Figure label: Proxies with required roles]

9 Major operations in our model
1. Role certificate generation and distribution by role authority
2. Control information generation by content owner specifying the sequence of roles required for data transformation
   - E.g., control information
3. Routing of contents to required proxies
   - Performed among proxies in a decentralized fashion
4. Protocols for the verification of integrity by each proxy and client
[Figure: content owner, control info., proxies with required roles, web surfer.]

10 Main challenge in applying role management to CDN
- The key problem: How to route contents to required proxies without a centralized map of CDN?
- The challenge: proxies do not have the global knowledge of CDN (e.g., who has what roles)
- Our approach: use a role-number based routing to locate required proxies

11 Role number for proxies
- Each role is given a role number
  - e.g., transcoding role is numbered 2310
- The lookup table of a proxy is indexed by role numbers, and stores pointers to neighboring proxies with indexed role numbers

    3***    23**    233*
    2***    22**    232*
    1***    21**    231*
    0***    20**    230*

Role number lookup table for 2310 (* representing any digit; an arrow represents the address of a proxy with the corresponding role number)
Inspired by distributed hash-tables [Zhao et al 2004]

12 Another example: lookup table for

    3***    13**    103*
    2***    12**    102*
    1***    11**    101*
    0***    10**    100*    1020

Role number lookup table for 1021 (* representing any digit; an arrow represents the address of a proxy with the corresponding role number)

13 Role-number based routing (from role-number 2310 to role-number 1021)
[Figure: routing path from role number 2310 to role number 1021.]
1. Prefix-based routing, correcting role-number digit-by-digit
2. Similar to overlay networks (Distributed Hash Table)
3. Suffix-based routing will work too
4. Further improvement is described in the paper
Proxies only need to keep the local routing information in lookup tables, not the global CDN map
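
The prefix-based routing of slides 11 to 13, as an added example that is not code from the paper or the slides. It assumes 4-digit role numbers over the digits 0 to 3 (as in the lookup tables above), one proxy per role number, and a constructed proxy set; the function names are hypothetical.

```python
DIGITS = "0123"  # assumption: role-number alphabet, taken from the tables' rows

def build_table(me, known):
    """Lookup table of proxy `me`: table[i][d] points to a proxy whose role
    number shares me[:i] and has digit d at position i (None if none is known)."""
    table = []
    for i in range(len(me)):
        row = {}
        for d in DIGITS:
            row[d] = next((r for r in known if r[:i] == me[:i] and r[i] == d), None)
        table.append(row)
    return table

def next_hop(me, table, target):
    """Correct the first digit in which `me` differs from `target`."""
    for i, (a, b) in enumerate(zip(me, target)):
        if a != b:
            return table[i][b]
    return me  # already holds the target role number

def route(tables, src, target):
    """Follow local lookup tables only; each hop fixes at least one more digit."""
    path, cur = [src], src
    while cur != target:
        cur = next_hop(cur, tables[cur], target)
        if cur is None:
            return None  # no proxy with the required role number is reachable
        path.append(cur)
    return path

# Constructed sample network: each proxy is named by its role number.
PROXIES = ["2310", "3121", "0212", "1332", "1003", "1020", "1021"]
TABLES = {p: build_table(p, PROXIES) for p in PROXIES}

if __name__ == "__main__":
    print(route(TABLES, "2310", "1021"))
    print(route(TABLES, "2310", "1111"))
```

Because every hop extends the matched prefix by at least one digit, a route takes at most as many hops as the role number has digits, and a missing table entry ends the route instead of looping.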

14 Security protocol for performing transformation and verification
1. A proxy with the required role is requested to perform a transformation on a requested content
   1. The proxy verifies the previous transformation is valid
   2. The proxy performs transformation and signs the hash of the transformed segment
   3. The proxy appends its role certificate to the segment
   4. The proxy consults the lookup table and passes the segment to the next proxy required by control information
2. The client verifies the final transformed content against control information and proxies' role credentials
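
The sign-and-verify chain of slide 14, as an added example that is not the iDelivery implementation. Assumptions: the signature scheme is toy textbook RSA over fixed Mersenne primes (illustration only, not secure), each record chains the previous hash to the new one, the control information is a trusted role list plus the hash of the original content, and all names are hypothetical; encryption for confidentiality is not shown.

```python
import hashlib

def digest(data):
    return hashlib.sha256(data).digest()

def _h(n, *parts):  # hash the message parts into an integer mod n
    return int.from_bytes(digest(b"|".join(parts)), "big") % n

def keygen(p, q, e=65537):  # TOY textbook RSA: illustration only, not secure
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def sign(sk, *parts):
    return pow(_h(sk[0], *parts), sk[1], sk[0])
def verify(pk, sig, *parts):
    return pow(sig, pk[1], pk[0]) == _h(pk[0], *parts)

def pk_bytes(pk):
    return f"{pk[0]}:{pk[1]}".encode()

def make_proxy(ra_sk, role, p, q):
    """Role authority certifies (proxy public key, role): the role certificate."""
    pk, sk = keygen(p, q)
    cert = sign(ra_sk, pk_bytes(pk), role.encode())
    return {"role": role, "pk": pk, "sk": sk, "cert": cert}

def transform(proxy, prev_hash, data, fn):
    """Transform, sign the hash of the result, append the role certificate."""
    out = fn(data)
    rec = {"role": proxy["role"], "pk": proxy["pk"], "cert": proxy["cert"],
           "prev": prev_hash, "out": digest(out)}
    rec["sig"] = sign(proxy["sk"], rec["prev"], rec["out"])
    return out, rec

def verify_chain(ra_pk, roles, orig_hash, content, records):
    """Client check against the control information (required role sequence)."""
    if [r["role"] for r in records] != roles:
        return False
    prev = orig_hash
    for r in records:
        cert_ok = verify(ra_pk, r["cert"], pk_bytes(r["pk"]), r["role"].encode())
        sig_ok = verify(r["pk"], r["sig"], r["prev"], r["out"])
        if not (cert_ok and sig_ok and r["prev"] == prev):
            return False
        prev = r["out"]
    return prev == digest(content)

M = lambda k: 2**k - 1  # Mersenne primes for k = 61, 89, 107, 127 (constructed keys)
RA_PK, RA_SK = keygen(M(127), M(107))
```

A proxy can run the same `verify_chain` over the records received so far, with the corresponding prefix of the role sequence, before performing its own step.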

15 Security of iDelivery
- Assumption: Certified proxies are trusted
- Integrity: Delivered content that is modified by unauthorized entities should not be accepted
- Confidentiality: The delivered contents cannot be viewed by unauthorized entities
- Theorem: The iDelivery protocol ensures data integrity and confidentiality
  - The proof of iDelivery's security is based on standard digital signature and encryption schemes (public-key encryption and symmetric encryption)

16 Complexity of iDelivery

    Operations         Hash    Enc/Dec    Sign/Verify
    Role Authority     O(N)    O(N)       O(N)
    Content server*    O(m)    O(1)       O(1)
    A proxy*           O(1)    O(1)       O(1)
    Client*            O(1)    O(1)       O(1)

N is the total number of proxies. m is the number of roles required for processing the content.
* This refers to the operations for one content request.

17 Summary
- Developed a general framework for data integrity in content delivery networks
- Developed a role-based proxy management approach for the decentralized authorization in CDN
- Role-based proxy management improves the flexibility and fault-tolerance of content delivery
- Our paper describes our iDelivery protocol in detail
- We also support caching (see paper for details)