Integrity Through Mediated Interfaces Bob Balzer Information Sciences Institute


Technical Objectives
  Wrap Data with Integrity Marks
    – Insure its Integrity
    – Record its processing history
    – Reconstruct it from this history if it is corrupted
        by program bugs
        by malicious attacks
  Demo these capabilities on major COTS product
    – Microsoft Office Suite

Existing Practice
  Integrity Stove-Piped on Tool-by-Tool Basis
  End-to-End Integrity Not Supported
  Persistent Data only Safeguarded by OS
  Corruption Detection is Ad-Hoc
  Corruption Repair
    – Based on Backups
    – Not Integrated with Detection

Technical Approach
  Wrap Program
    – Detect access of integrity marked data & decode it
    – Monitor User Interface to detect change actions
        Translate GUI actions into application specific modifications
    – Detect update of integrity marked data
        Re-encode & re-integrity mark the updated data
  Repair any subsequent Corruption from History
  Build on existing research infrastructure
  [Diagram labels: Program; Change Monitor; M; Mediation Cocoon; Environment = Operating System, External Programs]

NT Security & Integration Enhancements
  [Diagram labels: Program; M; Mediation Cocoon; Security Manager; Mediation Installer; Secure Mediation]
  Safe Execution Environments
    Safe Web Browsing
    Safe Agent Execution
    Safe Download/Macro Execution
  File System Extensions
    Encryption
    Archive
    Virtual File System
    Copy-On-Modify
  COTS Integration
    Ppt Design Editor; EMACS in Eudora; Web Annotator; Diagram Animation Monitoring C++ Development; Web Ad Buster

Copy On Modify Demo

Safe Web Browser Demo

Domain Specific Design Editor Demo

Major Risks and Planned Mitigation
  Ability to detect application-level modifications
    Application Openness Spectrum:
      – Event-Generators: Capture as transaction history
      – Scripting API: Examine state to infer action
      – Black-Box: Mediate GUI to infer action
    => Generic Mediators + Tool Specific mapping
  Ability to protect transaction history
    => Hide the location of the transaction history
        Virtual File System wrapper
        System-level Randomization Techniques
  Tool-Specific Modification Trackers Expensive
    => Automate common portions
    => Provide rule-based scripting language

Task Schedule
  Dec99: Tool-Level Integrity Manager
    – Monitor & Authorize Tool access & updates
  Jun00: Operation-Level Integrity Manager
    – Monitor, Authorize, & Record Modifications
  Dec00: Integrity Management for MS-Office
  Jun01: Corruption Repair
  Jun02: Automated Modification Tracking

Expected Major Achievements
  for Integrity Marked Documents:
    – End-To-End Data Integrity (through multiple tools/sessions)
    – Modifications Monitored, Authorized, & Recorded
        Authorization Control of Users, Tools, and Operations
        All Changes Attributed and Time Stamped
    – Assured Detection of Corruption
    – Ability to Restore Corrupted Data
  Ability to operate with COTS products
  MS-Office Documents Integrity Marked
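
Added example, not taken from the slides or from the ISI project: a minimal sketch of the cycle described under Technical Approach and Expected Major Achievements (authorize an update, record it with attribution and a time stamp, re-mark, detect corruption, restore from history). The HMAC-based mark, the key, the (user, tool) policy and every name in the code are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import time

KEY = b"constructed-demo-key"   # assumption: held only by the integrity manager
AUTHORIZED = {("alice", "editor"), ("bob", "editor")}   # constructed (user, tool) policy

def compute_mark(text, history):
    """Integrity mark: HMAC over the modification history plus the current content."""
    blob = json.dumps(history, sort_keys=True).encode() + b"\x00" + text.encode()
    return hmac.new(KEY, blob, hashlib.sha256).hexdigest()

def apply_op(text, entry):
    """Replay one recorded modification (insert a string / delete a length)."""
    pos, arg = entry["pos"], entry["arg"]
    if entry["op"] == "insert":
        return text[:pos] + arg + text[pos:]
    if entry["op"] == "delete":
        return text[:pos] + text[pos + arg:]
    raise ValueError("unknown operation: %r" % entry["op"])

class MarkedDocument:
    def __init__(self):
        self.text, self.history = "", []
        self.mark = compute_mark(self.text, self.history)

    def verify(self):
        """Corruption detection: does the stored mark still match content + history?"""
        return hmac.compare_digest(self.mark, compute_mark(self.text, self.history))

    def update(self, user, tool, op, pos, arg, ts=None):
        """Authorize, apply, record (attributed, time-stamped), then re-mark."""
        if (user, tool) not in AUTHORIZED:
            raise PermissionError("%s via %s may not modify this document" % (user, tool))
        if not self.verify():
            raise ValueError("document is corrupted; repair before updating")
        entry = {"user": user, "tool": tool, "op": op, "pos": pos, "arg": arg,
                 "ts": time.time() if ts is None else ts}
        self.text = apply_op(self.text, entry)
        self.history.append(entry)
        self.mark = compute_mark(self.text, self.history)

    def repair(self):
        """Rebuild content by replaying the history; accept only if the mark agrees."""
        text = ""
        for entry in self.history:
            text = apply_op(text, entry)
        if not hmac.compare_digest(self.mark, compute_mark(text, self.history)):
            raise ValueError("history or mark was modified; cannot repair from it")
        self.text = text
        return text
```

Because the mark covers the history as well as the content, repair succeeds only while the history is intact, which is why the deck lists protecting the transaction history as a major risk.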

Measures of Success
  Widespread Deployment of Integrity Manager for MS-Office
  Extensibility of Integrity Manager to other COTS products
  Ease of creating Modification Trackers
  Resistance to Malicious Attacks
    – Corruption Avoidance
    – Corruption Detection
    – Corruption Repair
    => Red-Team Experiment

Key Outstanding Issues
  None Yet

Transition of Technology
  Piggyback our Technology on a widely used Target Product (MS Office)
    – Integrity Manager automatically invoked as needed
  Make technology available for COTS products
  Work with Vendors to encourage publication of modification events

Needed PM Assistance
  None Yet