Security and privacy in the age of software controlled surroundings Prashanth Mohan David Culler.


1 Security and privacy in the age of software controlled surroundings Prashanth Mohan David Culler

2 What are your expectations of privacy and security when you are in a shared space?

3 Changing the way we interact

4

5 In a personalized world

6 A living and breathing surrounding

7 No more key chains or key cards

8 Digital Security Physical Security Data Platform (BOSS) Data Visualization Apps Data Sources Control Data Data Learning Apps
How can we ensure sandboxed data analysis?
How can we restrict mixing of data?
How can we understand arbitrary data types?
How can we ensure the reliability of control data?
How can we improve the integrity of data sources?

9 Enforcing end-to-end user policies
Mobad - How can we maximize benefit while analyzing data locally (for privacy)?
Rubicon - Can we reuse existing software systems while still obtaining privacy guarantees?
Gupt - How can we mine data without divulging the privacy of individuals?

10 Many open privacy questions
Can we describe privacy in higher level constructs?
How do we make sense of the wide variety of data sources?
Who has access to what data?
Is the building a natural boundary for data?

11 Security of building networks

12 Static Analysis Techniques
Code Instrumentation
Dynamic Analysis using Input Replay

13 Brainstorm: Ensuring security
Secure the networks!
Understand the state machine of the building – “control transactions” limit bad states
How can we apply the principle of least privilege for apps on BOSS?
Software security at the firmware layer

14 Thank You Prashanth Mohan https://www.cs.berkeley.edu/~prmohan prmohan@cs.berkeley.edu

15 Backup

16 Topics for discussion
When you enter a public building, what are your privacy and security expectations?
How expensive should attacks become in order to limit malicious behavior?
Is privacy a lost cause?
How much of these problems can be solved with appropriate regulation?

17 User data Processed data Research Progress Client Device Web Application Multiple users’ data Learning Models Machine Learning
Client Data Privacy: EuroSys13, HotSec12, MobiSys10
Cloud Data Privacy: IEEESP13*, SIGMOD12

18 Functional Blocks Integrity Checking ACL Checking User Authentication
Image source: Wikipedia
Template Processor Isolated Containers
Easy drop-in solution for existing 3-tier programs

19 TLS Proxy Secure Block Device Storage TPM Chip (Remote Attestation) Linux Kernel IPTables Controller ACL Store ACL changes Ether Pad Friend Share Application Layer K/V Proxy FS Proxy DeDup Storage Layer End Users

20 Differential Privacy
Privacy budget
Randomized algorithm
Any measurable set
Neighbors: two datasets differing in exactly one entry
Function Sensitivity

21 Web Frontend Data Set Manager 1. Data Set 2. Data Parser 3. Privacy Budget (ε) Isolated Execution Chambers Computation Manager Untrusted Computation Comp Mgr XML RPC Layer Computation Differentially Private Answer Noise Generator 1. Computation 2. [Bounds Estimator] Auditing

