Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Interdisciplinary Approach to Grid Security P Y A Ryan School of Computing Science University of Newcastle.

Published byJasmine Harnett Modified over 9 years ago

Similar presentations

Presentation on theme: "An Interdisciplinary Approach to Grid Security P Y A Ryan School of Computing Science University of Newcastle."— Presentation transcript:

1 An Interdisciplinary Approach to Grid Security P Y A Ryan School of Computing Science University of Newcastle

2 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan DIRC Dependability Interdisciplinary Research Collaboration. 6 year (1st July, 2000 - 30th June, 2006 ), EPSRC funded collaboration of 5 institutes: –City University, London. –Edinburgh –Lancaster –Newcastle –York

3 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Aims From the DIRC web page: “To address the dependability of computer- based systems. Dependability is a deliberately broad term to encompass many facets including reliability, security and availability. The term "computer-based systems" highlights the involvement of human participants. The interdisciplinary approach includes, for example, sociologists and psychologists as well as computer scientists and statisticians.”

4 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Key messages Security matters for Grid Security is challenging Needs to be addressed early Needs to be addressed in an interdisciplinary fashion Failures will occur. –Prevention is not enough. –=> need to develop effective detection, containment and recovery mechanisms, strategies. –Synergy between dependability/fault tolerance and security communities.

5 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Beyond the glass bead game… Most security vulnerabilities can be traced back to failures to take due account of human factors: –Weak passwords, post-its,… –Social engineering, –Poorly designed, non-intuitive interfaces, –Failures to patch promptly. However, most work hitherto has concentrated on purely technical challenges and issues. Notable exceptions: –Roger Needham –Ross Anderson –Angela Sasse –Doug Tygar –Avi Rubin –Kevin Mitnick ?!

6 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Goals, policies, rules Security goals are high-level requirements. Goals induce constraints (may include obligations, availability…) on the behaviour of components, including the humans. Typically need a mix of technical (crypto, access control,…) as well as legal, social enforcement mechanisms (audits, accountability,…). The conjunction of rules and mechanisms as the “security policy”.

7 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Security policy rules The policy and assumptions should entail the goals. Violation of rules does not necessarily entail a violation of the goals, e.g., use of weak passwords. Hazard states. Tendency to assume that everything can be technically enforced. Modelling and analysis tractable.

8 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Limits of technical enforcement Theoretical limits: –E.g., information flow (confidentiality, integrity) not enforceable. Pillow talk etc.. Envelope of what is technically enforced can be pushed out: –E.g., separation of duty –Least privilege –Forced complexity of passwords… In practice it may not be effective: –Inflexible –Unwieldy –Counterproductive (workarounds, post-its)

9 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Security culture Fully technically enforced security doesn’t seem feasible or desirable. May be counter-cultural, e.g., clinicians, bank managers…. Need to deal with exceptions, adaptation… User involvement in system security is essential. Security cultures-how do organisations instil and maintain a culture of security. –Grid theory. Need to be able to establish cost effective balance and mix of socio-technical mechanisms. Need to better understand, ideally to be able to model the various stakeholders.

10 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Modelling the users Mental models-how do humans construct mental models to interpret the behaviour of security mechanisms –“Why Johnny can’t encrypt” –Rushby style FSM models –Chaum experiments… Shaping factors- what influences peoples attitude and effectiveness: –Stress, fatigue –Risk perception, anticipated regret. –Least effort.

11 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Modelling the adversary Difference with dependability: accidental vs. malicious (intentional). Pure actuarial data not very useful. Traditionally fairly crude models: e.g., Dolev-Yao for security protocols. Really just rough models of capability. No motivation, risk perception, expertise, collusion etc. Can we do better, e.g., constraint approach. Game theory. Psychology of hackers. Hacker community.

12 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Detection and recovery Intrusion/failure detection. Difficulty in distinguishing normal, accidental and malicious. Define failure modes (vulnerabilities). Define recovery modes and strategies. Learning and adaptation.

13 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Boundaries, structure, abstraction… Recurring problem: where to draw the system boundaries, where to set the levels of abstraction. Security properties tend not to behave well under refinement and composition. Creating systems. Recovery systems. Legal redress, liability

14 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Challenges Establish minimal policy requirements (policy templates, meta-policies?) To what extent are security requirements uniform across grid projects? Data vs. compute grids. Similar to security requirements across other domains: military, commercial etc? is RBAC or maybe TBAC enough? Medical applications lead to richer info flow policies. How special is security really? Better understanding (models?) of the role of humans. Boundaries, levels of abstraction.

15 An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Ongoing DIRC work Security cultures-application of grid theory. GOLD: grid-enabled, virtual (dynamic) enterprises for the (UK) Pharmaceutical industry. Dependability/risk analysis of the Chaum voting scheme (DSN). Trials of Chaum-understanding, mental models, public trust etc. More (Grid) case studies welcome. DIRC potentially a useful resource.

Download ppt "An Interdisciplinary Approach to Grid Security P Y A Ryan School of Computing Science University of Newcastle."

Similar presentations

Intelligence Step 5 - Capacity Analysis Capacity Analysis Without capacity, the most innovative and brilliant interventions will not be implemented, wont.

Intelligence Step 5 - Capacity Analysis Capacity Analysis Without capacity, the most innovative and brilliant interventions will not be implemented, wont.
Operating System Security

Operating System Security
Ch:8 Design Concepts S.W Design should have following quality attribute: Functionality Usability Reliability Performance Supportability (extensibility,

Ch:8 Design Concepts S.W Design should have following quality attribute: Functionality Usability Reliability Performance Supportability (extensibility,
Chapter 1  Introduction 1 Chapter 1: Introduction.

Chapter 1  Introduction 1 Chapter 1: Introduction.
Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
Teaching Diversity Through Inclusive Design Case Studies L. Goldberg, E. Jolly, J.P. Mellor, B. Moeller, M. Rothberg, R. Stamper, and M. Wollowski Rose-Hulman.

Teaching Diversity Through Inclusive Design Case Studies L. Goldberg, E. Jolly, J.P. Mellor, B. Moeller, M. Rothberg, R. Stamper, and M. Wollowski Rose-Hulman.
Systems Engineering in a System of Systems Context

Systems Engineering in a System of Systems Context
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
July 1, 2004Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.

April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.
Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”
System Engineering Instructor: Dr. Jerry Gao. System Engineering Jerry Gao, Ph.D. Jan. 1999 - System Engineering Hierarchy - System Modeling - Information.

System Engineering Instructor: Dr. Jerry Gao. System Engineering Jerry Gao, Ph.D. Jan System Engineering Hierarchy - System Modeling - Information.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 2 Slide 1 Systems engineering 1.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 2 Slide 1 Systems engineering 1.
Author: Andy Reedftp://topsurf.co.uk/reed FdSc IT/Computer Networking & IT(e-commerce) Communications Network Management An Introduction to Security.

Author: Andy Reedftp://topsurf.co.uk/reed FdSc IT/Computer Networking & IT(e-commerce) Communications Network Management An Introduction to Security.
Upstream Prerequisites

Upstream Prerequisites
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Mixed commercialized health systems: the implications for regulation and stewardship HPF Hub Technical Review meeting Krishna Hort : Monday 10 October.

Mixed commercialized health systems: the implications for regulation and stewardship HPF Hub Technical Review meeting Krishna Hort : Monday 10 October.
DIRC PA6: Security and Privacy in Computer-Based Systems Peter Ryan School of Computing Science University of Newcastle

DIRC PA6: Security and Privacy in Computer-Based Systems Peter Ryan School of Computing Science University of Newcastle
Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Similar presentations

Ads by Google