21. Trusted Execution Environments for Open vSwitch: A security enabler for the 5G mobile network. Elbashir, Khalid. January 2017.
The advent of virtualization introduced the need for virtual switches to interconnect virtual machines deployed in a cloud infrastructure. With Software Defined Networking (SDN), a central controller can configure these virtual switches. Virtual switches execute on commodity operating systems. Open vSwitch is an open source project that is widely used in production cloud environments. If an adversary gains access with full privileges to the operating system hosting the virtual switch, then Open vSwitch becomes vulnerable to a variety of attacks that could compromise the whole network. The purpose of this thesis project is to improve the security of Open vSwitch implementations in order to ensure that only authenticated switches and controllers can communicate with each other, while maintaining code integrity and the confidentiality of keys and certificates. The thesis project proposes a design and shows an implementation that leverages Intel Software Guard Extensions (SGX) technology. A new library, TLSonSGX, is implemented. This library replaces the use of the OpenSSL library in Open vSwitch. In addition to implementing standard Transport Layer Security (TLS) connectivity, TLSonSGX confines TLS communication to the protected memory enclave and hence protects the sensitive TLS components necessary to provide confidentiality and integrity, such as private keys and negotiated symmetric keys. Moreover, TLSonSGX introduces new, secure, and automatic means to generate keys and obtain signed certificates from a central Certificate Authority, which uses the Linux Integrity Measurement Architecture (IMA) to validate that the Open vSwitch binaries have not been tampered with before issuing a signed certificate. The generated keys and obtained certificates are stored in the memory enclave and hence are never exposed as plaintext outside the enclave. This new mechanism replaces the existing manual and insecure procedures described in the Open vSwitch project.
A security analysis of the system is provided, as well as an examination of the performance impact of using a trusted execution environment. Results show that generating keys and certificates using TLSonSGX takes less than 0.5 seconds, while adding 30% latency overhead for the first packet in a flow compared to using OpenSSL, when both are executed on an Intel Core i7-6600U processor clocked at 2.6 GHz. These results show that TLSonSGX can enhance Open vSwitch security and reduce its TLS configuration overhead.
22. HNS: uma solução para suporte à execução distribuída considerando aspectos da pervasividade (HNS: a solution to support distributed execution considering aspects of pervasiveness). Bonatto, Daniel Torres. January 2006.
Previous issue date: 2006 / HP - Hewlett-Packard Brasil Ltda
Over the last few years, we have observed the growing evolution of portable devices, as well as of several new technologies for wireless communication. This technological advance makes possible the emergence of an ideal scenario for developing environments that support the creation of pervasive applications. However, such a highly dynamic environment demands the use of more powerful abstractions than those available today. Holoparadigm proposes a new abstraction, created with distributed applications running in mobile environments in mind. In the present dissertation, we propose an architecture for Holoparadigm designed to support pervasive applications. This proposal extends the functionalities of HoloVM and defines new services to respond to the demands of pervasive computing. Among those services, one is defined as essential to the architecture: the support for distribution, which is composed of a name server and a layer that supports the distributed and transparent execution of programs. For the name server, a scalable and fault-tolerant distribution strategy is defined, following the principles of pervasive computing. Furthermore, we show the results of experiments performed using this support.
23. Carrier Grade Adaptation for an IP-based Multimodal Application Server: Moving the SoftBridge into SLEE. Sun, Tao. January 2004.
Providing carrier grade characteristics for Internet Protocol (IP) communication applications is a significant problem for IP application providers who wish to offer integrated services that span IP and telecommunication networks. This thesis addresses the provision of life-cycle management, which is only one carrier grade characteristic, for a SoftBridge application, which is one example of an IP communication application. A SoftBridge provides semi-synchronous multi-modal IP-based communication. The work related to IP-Telecommunication integrated services and the SoftBridge is analyzed with respect to life-cycle management in a literature review. It is suggested to use an Application Server in a Next Generation Network (NGN) to provide life-cycle management functionality for IP-Telecommunication applications. In this thesis, the Application Server is represented by a JAIN Service Logic Execution Environment (JSLEE), in which a SoftBridge application can be deployed, activated, deactivated, uninstalled and upgraded online. Two methodologies are applied in this research: exploratory prototyping, which involves the development of a SoftBridge application, and empirical comparison, which is concerned with the empirical evaluation of a SoftBridge application in terms of carrier grade capabilities. A SoftBridge application called SIMBA provides a Deaf Telephony service similar to a previous Deaf Telephony SoftBridge; however, SIMBA's SoftBridge design and implementation are unique to this thesis. In order to test the life-cycle management ability of SIMBA, an empirical evaluation is carried out, including experiments on life-cycle management and call-processing performance. The final experimental results of the evaluation show that a JSLEE is able to provide life-cycle management for SIMBA without causing a significant decrease in performance.
In conclusion, life-cycle management can be provided for a SoftBridge application by using an Application Server such as a JSLEE. Furthermore, the results indicate that the approach of using Application Server (JSLEE) integration should be sufficiently general to provide life-cycle management, and indeed other carrier grade capabilities, for other IP communication applications. This allows IP communication applications to be integrated into an NGN.
25. Carrier grade adaptation for an IP-based multimodal application server: moving the softbridge into SLEE. Sun, Tao. January 2004.
Magister Scientiae - MSc, South Africa
Providing carrier grade characteristics for Internet Protocol (IP) communication applications is a significant problem for IP application providers who wish to offer integrated services that span IP and telecommunication networks. This thesis addresses the provision of life-cycle management, which is only one carrier grade characteristic, for a SoftBridge application, which is one example of an IP communication application. A SoftBridge provides semi-synchronous multi-modal IP-based communication. The work related to IP-Telecommunication integrated services and the SoftBridge is analyzed with respect to life-cycle management in a literature review. It is suggested to use an Application Server in a Next Generation Network (NGN) to provide life-cycle management functionality for IP-Telecommunication applications. In this thesis, the Application Server is represented by a JAIN Service Logic Execution Environment (JSLEE), in which a SoftBridge application can be deployed, activated, deactivated, uninstalled and upgraded online. Two methodologies are applied in this research: exploratory prototyping, which involves the development of a SoftBridge application, and empirical comparison, which is concerned with the empirical evaluation of a SoftBridge application in terms of carrier grade capabilities. A SoftBridge application called SIMBA provides a Deaf Telephony service similar to a previous Deaf Telephony SoftBridge; however, SIMBA's SoftBridge design and implementation are unique to this thesis. In order to test the life-cycle management ability of SIMBA, an empirical evaluation is carried out, including experiments on life-cycle management and call-processing performance. The final experimental results of the evaluation show that a JSLEE is able to provide life-cycle management for SIMBA without causing a significant decrease in performance.
In conclusion, life-cycle management can be provided for a SoftBridge application by using an Application Server such as a JSLEE. Furthermore, the results indicate that the approach of using Application Server (JSLEE) integration should be sufficiently general to provide life-cycle management, and indeed other carrier grade capabilities, for other IP communication applications. This allows IP communication applications to be integrated into an NGN.
26. Automated creation and provisioning of value-added telecommunication services. Eichelmann, Thomas. January 2015.
The subject of this research is to find a continuous solution that allows the description, creation, provisioning, and execution of value-added telecommunication services. This work proposes a framework for the easy and time-saving creation and provisioning of value-added telecommunication services in Next Generation Networks. Feasibility and comparative methods are used as the research methods in this study. Criteria and requirements for service description, service creation, service execution, and service provisioning are defined, and existing technologies are compared with each other and evaluated against these criteria and requirements. Extensions to the selected technologies are proposed and possibilities to combine these technologies are investigated. From the results of the previous steps, a framework is defined which offers a continuous solution for the description, creation, provisioning and execution of value-added services. As a proof of concept, this framework is implemented as a prototype. For a qualitative analysis of the research targets and the proof of concept, an example service is created and executed within the framework prototype. Furthermore, in order to examine the validity of the quantitative aims and objectives of this research work, a second example service is created, and its characteristics are measured and analysed. The result of this research is a novel continuous approach for the creation of value-added telecommunication services. This research introduces new possibilities for service description, service creation, service provisioning, and service execution through an extension of the common telecommunication real-time execution environment JAIN SLEE. Value-added services are described using the business process execution language BPEL. This language facilitates a simple and fast service design. The service can automatically be composed from pre-defined and pre-deployed components.
27. Hardening High-Assurance Security Systems with Trusted Computing. Ozga, Wojciech. 12 August 2022.
We are living in the time of the digital revolution in which the world we know changes beyond recognition every decade. The positive aspect is that these changes also drive the progress in quality and availability of digital assets crucial for our societies. To name a few examples, these are broadly available communication channels allowing quick exchange of knowledge over long distances, systems controlling automatic share and distribution of renewable energy in international power grid networks, easily accessible applications for early disease detection enabling self-examination without burdening the health service, or governmental systems assisting citizens to settle official matters without leaving their homes. Unfortunately, however, digitalization also opens opportunities for malicious actors to threaten our societies if they gain control over these assets after successfully exploiting vulnerabilities in the complex computing systems building them. Protecting these systems, which are called high-assurance security systems, is therefore of utmost importance.
For decades, humanity has struggled to find methods to protect high-assurance security systems. The advancements in the computing systems security domain led to the popularization of hardware-assisted security techniques, nowadays available in commodity computers, that opened perspectives for building more sophisticated defense mechanisms at lower costs. However, none of these techniques is a silver bullet. Each one targets particular use cases, suffers from limitations, and is vulnerable to specific attacks. I argue that some of these techniques are synergistic and help overcome limitations and mitigate specific attacks when used together. My reasoning is supported by regulations that legally bind high-assurance security systems' owners to provide strong security guarantees. These requirements can be fulfilled with the help of diverse technologies that have been standardized in the last years.
In this thesis, I introduce new techniques for hardening high-assurance security systems that execute in remote execution environments, such as public and hybrid clouds. I implemented these techniques as part of a framework that provides technical assurance that high-assurance security systems execute in a specific data center, on top of a trustworthy operating system, in a virtual machine controlled by a trustworthy hypervisor or in strong isolation from other software. I demonstrated the practicality of my approach by leveraging the framework to harden real-world applications, such as machine learning applications in the eHealth domain. The evaluation shows that the framework is practical. It induces low performance overhead (<6%), supports software updates, requires no changes to the legacy application's source code, and can be tailored to individual trust boundaries with the help of security policies.
The framework consists of a decentralized monitoring system that offers better scalability than traditional centralized monitoring systems. Each monitored machine runs a piece of code that verifies that the machine's integrity and geolocation conform to the given security policy. This piece of code, which serves as a trusted anchor on that machine, executes inside the trusted execution environment, i.e., Intel SGX, to protect itself from the untrusted host, and uses trusted computing techniques, such as trusted platform module, secure boot, and integrity measurement architecture, to attest to the load-time and runtime integrity of the surrounding operating system running on a bare metal machine or inside a virtual machine. The trusted anchor implements my novel, formally proven protocol, enabling detection of the TPM cuckoo attack.
The framework also implements a key distribution protocol that, depending on the individual security requirements, shares cryptographic keys only with high-assurance security systems executing in the predefined security settings, i.e., inside the trusted execution environments or inside the integrity-enforced operating system. Such an approach is particularly appealing in the context of machine learning systems, where some algorithms, like machine learning model training, require temporary access to large computing power. These algorithms can execute inside a dedicated, trusted data center at higher performance because they are not limited by the security features required in the shared execution environment. The evaluation of the framework showed that training a machine learning model using real-world datasets achieved 0.96x native performance execution on the GPU and a speedup of up to 1560x compared to the state-of-the-art SGX-based system.
Finally, I tackled the problem of software updates, which makes the operating system's integrity monitoring unreliable due to false positives, i.e., software updates move the updated system to an unknown (untrusted) state that is reported as an integrity violation. I solved this problem by introducing a proxy to a software repository that sanitizes software packages so that they can be safely installed. The sanitization consists of predicting and certifying the future (after the specific updates are installed) operating system's state. The evaluation of this approach showed that it supports 99.76% of the packages available in Alpine Linux main and community repositories.
The framework proposed in this thesis is a step forward in verifying and enforcing that high-assurance security systems execute in an environment compliant with regulations. I anticipate that the framework might be further integrated with industry-standard security information and event management tools as well as other security monitoring mechanisms to provide a comprehensive solution hardening high-assurance security systems.
28. Confidential Federated Learning with Homomorphic Encryption / Konfidentiellt federat lärande med homomorf kryptering. Wang, Zekun. January 2023.
Federated Learning (FL), one variant of Machine Learning (ML) technology, has emerged as a prevalent method for multiple parties to collaboratively train ML models in a distributed manner with the help of a central server, normally supplied by a Cloud Service Provider (CSP). Nevertheless, many existing vulnerabilities pose a threat to the advantages of FL and cause potential risks to data security and privacy, such as data leakage, misuse of the central server, or eavesdroppers illicitly seeking sensitive information. Promising advanced cryptographic technologies such as Homomorphic Encryption (HE) and Confidential Computing (CC) can be utilized to enhance the security and privacy of FL. However, the development of a framework that seamlessly combines these technologies to provide confidential FL while retaining efficiency remains an ongoing challenge. In this degree project, we develop a lightweight and user-friendly FL framework called Heflp, which integrates HE and CC to ensure data confidentiality and integrity throughout the entire FL lifecycle. Heflp supports four HE schemes to fit diverse user requirements, comprising three pre-existing schemes and one optimized scheme that we design, named Flashev2, which achieves the highest time and spatial efficiency across most scenarios. The time and memory overheads of all four HE schemes are also evaluated, and the pros and cons of each are summarized in a comparison. To validate its effectiveness, Heflp is tested on the MNIST dataset and the Threat Intelligence dataset provided by CanaryBit, and the results demonstrate that it successfully preserves data privacy without compromising model accuracy.
29. Evaluating Privacy Technologies in Blockchains for Financial Systems / Utvärdering av integritetsskyddsteknik i blockkedjor för finansiella system. Satheesha, Spoorthi. January 2021.
The requirements of privacy have become a necessity in modern-day internet-based applications. This applies from traditional client-server applications to blockchain-based applications. As blockchains are a new domain for application development, privacy beyond pseudo-anonymity has not been a priority. With financial applications built on blockchains entering mainstream adoption, and these applications handling sensitive user data, it is useful to understand how privacy technologies can help ensure that the user's data privacy is maintained. This project addresses this by taking a simple financial transaction use case and applying various privacy technologies, such as Data Encryption, Zero-Knowledge Proofs, and Trusted Execution Environments. Workflow and component architectures are proposed for solutions based on these technologies, and they are compared to identify which is a feasible solution for the use case. Trusted Execution Environments were concluded to be the best match for the requirements of the use case, and Secret Network, a blockchain built on this privacy technology, was evaluated against determined privacy metrics; benchmarks were run to check the performance changes due to using the technology. Based on this analysis, Secret Network was found to be a good solution to handle the provided use case and flexible enough to handle more complex requirements.
Hardware-Aided Privacy Protection and Cyber Defense for IoT. Zhang, Ruide. 08 June 2020.
With recent advances in electronics and communication technologies, our daily lives are immersed in an environment of Internet-connected smart things. Despite the great convenience brought by these technologies, privacy concerns and security issues are two topics that deserve more attention. On one hand, as smart things continue to grow in their ability to sense the physical world and to send information out through the Internet, they have the potential to be used for the secret surveillance of individuals. Nevertheless, people tend to adopt wearable devices without fully understanding what private information can be inferred and leaked through sensor data. On the other hand, security issues become even more serious, and potentially lethal, as the world embraces the Internet of Things (IoT). Failures in computing systems are common; however, a failure in IoT may now harm people's lives. As demonstrated in both academic research and industrial practice, a software vulnerability hidden in a smart vehicle may lead to a remote attack that subverts a driver's control of the vehicle.
Our approach to these challenges starts by understanding privacy leakage in the IoT era and follows by adding defense layers to the IoT system as attackers gain increasing capabilities. The first question we ask ourselves is "what new privacy concerns does IoT bring?" We focus on discovering information leakage, beyond what common sense would suggest, from even seemingly benign signals. We explore how much private information can be extracted by designing information extraction systems. Through this research, we argue for stricter access control on newly introduced sensors. Having noted the importance of the data collected by IoT, we trace where sensitive data goes. In the IoT era, edge nodes are used to process sensitive data; however, a capable attacker may compromise edge nodes. Our second research effort focuses on applying trusted hardware to build trust in large-scale networks under this circumstance. The application of trusted hardware protects sensitive data from compromised edge nodes. Nonetheless, if an attacker becomes more powerful and embeds malicious logic into the code for trusted hardware during the development phase, he can still secretly steal private data. In our third research effort, we design a static analyzer for detecting malicious logic hidden inside code for trusted hardware. Beyond the privacy of collected data, another important aspect of IoT is that it affects the physical world. Our last piece of research work enables a user to verify the continuous execution state of an unmanned vehicle. This way, people can trust the integrity of the past and present state of the unmanned vehicle. / Doctor of Philosophy / The past few years have witnessed a rise in computing and networking technologies. Such advances enable the new paradigm, IoT, which brings great convenience to people's lives. Large technology companies like Google, Apple, and Amazon are creating smart devices such as smartwatches, smart home devices, and drones.
Compared to the traditional internet, IoT can provide services beyond digital information by interacting with the physical world through its sensors and actuators. While the deployment of IoT brings value to various aspects of our society, the lucrative reward from cyber-crime also increases in the upcoming IoT era. Two unique privacy and security concerns are emerging for IoT. On one hand, IoT brings a large volume of new sensors that are deployed ubiquitously and collect data 24/7. Users' privacy is a major concern in this circumstance because collected sensor data may be used to infer a user's private activities. On the other hand, cyber-attacks now harm not only cyberspace but also the physical world. A failure in IoT devices could result in loss of human life. For example, a remotely hacked vehicle could shut down its engine on the highway regardless of the driver's input. Our approach to these emerging privacy and security concerns consists of two directions. The first direction targets privacy protection. We first look at the privacy impact of upcoming ubiquitous sensing and argue for stricter access control on smart devices. Then, we follow the flow of private data and propose solutions to protect it from the networking and cloud computing infrastructure. The other direction aims at protecting the physical world. We propose an innovative method to verify the cyber state of IoT devices.