
Mimesis Aegis: A Mimicry Privacy Shield A System's Approach to Data Privacy on Public Cloud Billy Lau, Simon Chung, Chengyu Song, Yeongjin Jang, Wenke.


1 Mimesis Aegis: A Mimicry Privacy Shield. A System's Approach to Data Privacy on Public Cloud
Billy Lau, Simon Chung, Chengyu Song, Yeongjin Jang, Wenke Lee, and Alexandra Boldyreva
USENIX 14
Presenter: Shasha Wen
Some figures are from the authors' slides.

2 Outline
- Motivation
- Related work
- M-Aegis
  - System design
  - Implementation
- Evaluation
- Limitation
- Conclusion

3 Motivation
- Public cloud services (PCS)
  - Users trust the server to secure their data
  - Conflict of interest over data privacy between users and PCS providers
  - Scope here: text communication services on smartphones

4 Changing the status quo
- End-to-end encryption
  - Hard in practice
- A good solution must address
  - Users' ease of use
  - Developers' effort to maintain support
  - Feasibility and deployability of the solution on a mobile system

5 Design goals
1. For a solution to be secure, it must be properly isolated from untrusted entities
2. For a solution to be adoptable, it must preserve the user experience
3. For a solution to be sustainable, it must be easy to maintain and scalable


7 Related work
- Standalone solutions
  - Protect data confidentiality
  - Good isolation from untrusted entities
  - e.g. Gibberbot, TextSecure, SafeSlinger, ...
  - Problem: they do not preserve the user experience

8 Related work
- Browser plugin/extension solutions
  - e.g. Cryptocat, Scramble, NOYB, ...
  - Provide transparent integration
  - Problem: not applicable to mobile platforms
- App repackaging/rewriting solutions
  - e.g. Aurasium, Dr. Android, ...
  - Problems: break app updates; isolation model is unclear


10 Mimesis Aegis
- Apply end-to-end encryption while preserving the user experience
  - Mimic the GUI of the app of interest
  - Interact with the app on behalf of the user
- Good isolation model
- Generalizable across different apps
- Resilient to app updates

11 Mimesis Aegis

12 M-Aegis System Design - Threat Model
- In scope
  - Untrusted parties: public cloud service providers, client-side apps, middle boxes between a PCS and a client-side app
  - Trusted components: hardware, OS, keyboard, M-Aegis components, the user
- Out of scope
  - Availability (denial of service)
  - Attacks against the TCB

13 M-Aegis System Design - Architecture
- Layer 7.5
  - Built on user-interface automation/accessibility (UIA)
  - Secure
  - No developer attention required
  - Matches the user's sense of the app

14 M-Aegis System Design - Architecture
- Layer 7.5
  - Interactions without data confidentiality: click-through
  - Interactions with data confidentiality: place opaque GUIs in a different color
  - Interactions with control GUIs: semi-transparent mimic GUIs

15 M-Aegis System Design - Architecture
- UI Automation Manager (UIAM)
  - Gives M-Aegis the context of the screen: the TCA, the GUI tree, and the content of the GUI
  - Provides the information needed to render the mimic GUIs correctly
- Per-Target Client App (TCA) logic
  - Handles direct user input
  - Decides the suitable action: pass through or encode
  - Encryption and encoding scheme

16 M-Aegis System Design - Architecture
- Cryptographic module
  - Key manager
    - Per-TCA keys
    - Password-based (default) up to more sophisticated schemes
  - Searchable encryption scheme
    - Easily-deployable efficiently-searchable symmetric encryption (EDESE)

17 Searchable Encryption Scheme
- Normal encryption (e.g. of "ab" vs. "abc") gives the server no way to search
- Bellare et al. [1]
  - Keywords: HMACs of the unique keywords
  - Add dummy keywords
- Bloom filter (BF)
  - Efficient set-inclusion tests
  - Encode the positions of the on-bits in the BF
[1] Bellare, M., Boldyreva, A., and O'Neill, A. Deterministic and efficiently searchable encryption. In CRYPTO (2007), A. Menezes, Ed., vol. 4622 of Lecture Notes in Computer Science, Springer, pp. 535–552.

18 Searchable Encryption Scheme
- Bloom filter (BF); figure from http://en.wikipedia.org/wiki/Bloom_filter
- Parameters: keyword tag 128 bits, BF size 2^24 bits, k = 10 hash functions
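As an added illustration of the index construction on slides 17-18 (not code from the paper or its prototype): each unique keyword gets a keyed HMAC tag, each tag turns on k = 10 positions in a 2^24-bit Bloom filter, and the index that travels with the message is the list of on-bit positions. The PBKDF2/SHA-1 key derivation (as listed on slide 21), the double-hashing rule that maps a tag to positions, and the dummy-keyword count are my assumptions.

```python
import hashlib
import hmac
import re
import secrets
from typing import List, Set

# Parameters from the slides: 128-bit keyword tags, a 2^24-bit Bloom filter, k = 10 positions per keyword.
TAG_BITS = 128
BF_BITS = 1 << 24
K_HASHES = 10
DUMMY_KEYWORDS = 3  # hypothetical padding count; the slides do not state the policy


def derive_key(password: str, salt: bytes) -> bytes:
    """Per-TCA index key via PBKDF2-HMAC-SHA1 (iteration count and length are assumptions)."""
    return hashlib.pbkdf2_hmac("sha1", password.encode(), salt, 100_000, dklen=32)


def keyword_tag(key: bytes, word: str) -> bytes:
    """Deterministic 128-bit tag: HMAC-SHA1 of the normalised keyword, truncated."""
    return hmac.new(key, word.lower().encode(), hashlib.sha1).digest()[: TAG_BITS // 8]


def bit_positions(tag: bytes) -> List[int]:
    """k filter positions by double hashing the two 64-bit halves of the tag (my choice of rule)."""
    h1 = int.from_bytes(tag[:8], "big") % BF_BITS
    h2 = int.from_bytes(tag[8:], "big") % BF_BITS | 1  # odd step keeps the k positions distinct mod 2^24
    return [(h1 + i * h2) % BF_BITS for i in range(K_HASHES)]


def build_index(key: bytes, plaintext: str, dummies: int = DUMMY_KEYWORDS) -> Set[int]:
    """EDESE-style index: unique keywords -> tags -> set of on-bit positions in the Bloom filter."""
    words = set(re.findall(r"[a-z0-9]+", plaintext.lower()))
    # Random dummy keywords pad the index so its size does not reveal the exact unique-keyword count.
    words.update(secrets.token_hex(8) for _ in range(dummies))
    on_bits: Set[int] = set()
    for w in words:
        on_bits.update(bit_positions(keyword_tag(key, w)))
    return on_bits


def encode_index(on_bits: Set[int]) -> bytes:
    """Wire form: each on-bit position as a 3-byte big-endian integer (24 bits fit exactly)."""
    return b"".join(p.to_bytes(3, "big") for p in sorted(on_bits))


def decode_index(blob: bytes) -> Set[int]:
    return {int.from_bytes(blob[i:i + 3], "big") for i in range(0, len(blob), 3)}


def matches(key: bytes, index: Set[int], query: str) -> bool:
    """Search test: all k positions of the query tag must be on (false positives possible, no misses)."""
    return all(p in index for p in bit_positions(keyword_tag(key, query)))
```

Because the tags are deterministic, the same keyword produces the same positions in every message, which is exactly the leakage the deterministic/EDESE design accepts in exchange for server-side search without server changes.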

19 M-Aegis System Design - User Workflow (sequence diagram; participants: User, L7.5, UIAM, Per-TCA logic, App UI)
1. The user launches Gmail; M-Aegis initializes
2. The UIAM detects the app and its state (composing); L7.5 shows the mimic GUI
3. The user presses "send" on the mimic GUI; the per-TCA logic gets the content, gets the key, and encodes the content
4. The mimic GUI passes the encoded content to the app and clicks the app's "send" in the app UI

20 M-Aegis Implementation
- UIAM based on the UIA libraries
  - Monitored events: WINDOW_CONTENT_CHANGED, WINDOW_STATE_CHANGED, VIEW_SCROLLED
  - Query for a UI node by resource ID (found with UI Automator Viewer); act on it with performAction()
- Layer 7.5 is always on top
  - Created as a system window of type TYPE_SYSTEM_OVERLAY or TYPE_SYSTEM_ERROR

21 M-Aegis Implementation
- Per-TCA logic
  - Identify a signature for each TCA state
  - Event handler
  - Type of input data
  - Encrypted data is encoded as CJK Unicode characters
- Cryptographic schemes
  - AES-GCM-256
  - PBKDF2 and SHA-1-based HMAC
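Slide 21 says the ciphertext is encoded as CJK Unicode so that the target app handles it as ordinary text. The mapping below is an added example, not the prototype's scheme: it packs the ciphertext bytes into base-20992 digits over the CJK Unified Ideographs block with a two-character length prefix, and the radix, the block and the prefix format are my choices (the AES-GCM step itself is outside the standard library and is not shown).

```python
# Alphabet: CJK Unified Ideographs U+4E00..U+9FFF (20992 code points), chosen for this example.
CJK_BASE = 0x4E00
CJK_RADIX = 0x9FFF - 0x4E00 + 1  # 20992


def bytes_to_cjk(data: bytes) -> str:
    """Encode bytes as CJK text: a 2-character length prefix followed by base-20992 digits."""
    if len(data) >= CJK_RADIX ** 2:
        raise ValueError("payload too long for the 2-character length prefix")
    n = int.from_bytes(data, "big")
    digits = []
    while n:
        n, d = divmod(n, CJK_RADIX)
        digits.append(chr(CJK_BASE + d))
    length_hi, length_lo = divmod(len(data), CJK_RADIX)
    # The explicit length is what lets decoding restore leading zero bytes.
    return chr(CJK_BASE + length_hi) + chr(CJK_BASE + length_lo) + "".join(reversed(digits))


def cjk_to_bytes(text: str) -> bytes:
    """Inverse of bytes_to_cjk; rejects any character outside the chosen block."""
    vals = [ord(c) - CJK_BASE for c in text]
    if len(vals) < 2 or any(v < 0 or v >= CJK_RADIX for v in vals):
        raise ValueError("not a CJK-encoded payload")
    length = vals[0] * CJK_RADIX + vals[1]
    n = 0
    for d in vals[2:]:
        n = n * CJK_RADIX + d
    return n.to_bytes(length, "big")  # raises OverflowError if the digits exceed the declared length
```

Decoding rejects out-of-block characters and length mismatches up front, so text altered by the app or a middlebox is refused before it ever reaches the AES-GCM decryptor.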


23 M-Aegis Evaluation - Performance
- Experimental setup
  - Stock Android phone (LG Nexus 4), Android 4.4.2 (KitKat, API level 19)
  - Each measurement repeated 10 times and averaged
- Previewing an encrypted email
  - 76 ms to render the plaintext on L-7.5
  - Well within the expected response time (50-150 ms)
- Composing and sending an encrypted email
  - Longest email: 953 words, of which 362 are unique
  - 205 ms to encrypt, build the search index, and encode

24 M-Aegis Evaluation - User Study
- Participants: college students
- Tasks: previewing, reading, composing, sending, and searching
- Asked about differences and overall experience
- Reports from 15 participants
  - No one noticed a major difference
  - One: L-7.5 did not catch up smoothly when scrolling
  - One: L-7.5 lagged when reading emails
  - All would use M-Aegis to protect the privacy of their data


26 Limitation
- Data format
  - Text only (Unicode-compatible)
  - Other types (e.g. image, audio, video) are not supported: the transformation functions are unavailable, and other processing steps such as compression intervene
- Typographical errors during search
  - Rare in practice
  - Would need encryption schemes that tolerate typographical errors in search without server modification


28 Conclusion
- Users can control their private data using Mimesis Aegis
- Layer 7.5
  - Strong isolation
  - Preserves the original user experience
  - Scales to more apps and is resilient to app updates
- Prototype on Android
  - Minimal overhead
  - User study shows acceptable usability

29 Questions?

