1 Application-screen Masking: A Hybrid Approach
Abigail Goldsteen, Ksenya Kveler, Tamar Domany, Igor Gokhman, Boris Rozenberg, Ariel Farkash
Information Privacy and Security, IBM Research – Haifa
Presented by Abigail Goldsteen
W2SP Workshop, San Jose, May 2014
© 2014 IBM Corporation

2 Agenda
Problem
Existing approaches
Our approach
Challenges and limitations
Comparison between approaches
Summary
Questions

4 Problem
How to share information while safeguarding the privacy and security of sensitive data
  o Existing applications
  o New users / use cases
Need to prevent users from viewing information they are not authorized to see

5 Example
[Figure labels: Data Center (Germany), Outsourced Call Center (India); sample screen with the fields Name, National ID and Balance and the values John Smith, 35, $127.50]

7 Existing approaches
1. Redesign application
  o Can be very complicated and costly
  o Not always possible due to lack of skills
2. Mask values in database
  o Difficult to maintain several copies
  o May “break” the application
3. Mask application-screens
  o Sensitive values are removed/masked after the application has constructed the visual layout of the screen
[Diagram labels: Application server, Client, Masking]

8 Rule types
Content-based
  o Based on the text value or its format
  o Can be defined using
    - Regular expressions
    - Natural Language Processing (NLP)
    - Other data classification techniques
  o Example:
    - A regular expression depicting email addresses
Context-based
  o Based on the visual structure of the screen
  o Can be defined using
    - UI constructs (labeled fields, table columns, drop-down boxes, etc.)
    - A relationship between two entities on the screen
    - Absolute locations
  o Example:
    - Mask all labeled fields in which the label is “Email Address”

9 Existing application-screen masking approaches (1)
At the network level:
  Fast
  Secure
  × Simplistic content-based rules
[Diagram labels: Application server, Client, Web Proxy, HTTP request, HTTP response, Masked HTTP response, Masking, Masked screen]

10 Existing application-screen masking approaches (2)
At the presentation level:
  Context-based rules defined on screen
  × Difficulties in handling complex screens
  × Severe performance issues
[Diagram labels: Application server, Client, VNC Server, HTTP request, HTTP response, Masked RFB, Remote Framebuffer (RFB), Masking, OCR, Masked screen, Unmasked]

11 Existing application-screen masking approaches (3)
At the operating system level:
  Context-based rules defined on screen
  × Installation on every end-user machine
  × Security issues
[Diagram labels: Application server, Client, HTTP request, HTTP response, Masked screen, Masking]

13 Hybrid approach
Masking at the network level
  Fast
  Secure
Easy rule definition at the presentation level
  Context-based rules defined on screen
  Content-based rules are also supported

14 Some features
All sensitive information is removed from the message and does not reach the browser
  o Cannot be viewed on screen or in page source
Masking server and proxy are placed within the enterprise’s internal network
  o Sensitive information does not leave the premises
Client requests are also intercepted to check if they contain masked data
  o The request is reconstructed with the original data before sending to the server

15 Masking rules
Rules are expressed in JavaScript
  o Powerful: can define any type of context-based rule
  o Flexible: can work on many payload formats (e.g., HTML, XML, JSON, etc.)
  o Fast: executed using existing, optimized engine [1]
Each rule is executed on a specific HTTP message
  o Can be filtered based on URL, server or client IP and username
Several possible masking methods
  o Remove, Replace, Encrypt, etc.
[1] Mozilla SpiderMonkey, https://developer.mozilla.org/en-US/docs/SpiderMonkey
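
Added example, not code from the slides or from the IBM tool: a sketch of a context-based "Replace" rule for a JSON response, filtered by URL and username, together with the request reconstruction listed under "Some features". The rule object shape, `maskResponse`, `restoreRequest`, the `MASKED-n` token format and the sample message are all assumptions made for illustration.

```javascript
// Hypothetical rule shape: the slides do not show the tool's real rule API.
const rule = {
  urlPattern: /^\/api\/patients\/\d+$/, // run only on these HTTP messages
  exemptUsers: new Set(["dr.adams"]),   // usernames that receive unmasked data
  // Context: where the value sits in the payload, not what it looks like.
  paths: [["patient", "phone"], ["patient", "nationalId"]],
};

// user -> (token -> original); lives on the masking server, never sent out.
const vault = new Map();

// "Replace" masking: swap the value for an opaque token and remember it.
function tokenize(user, value) {
  if (!vault.has(user)) vault.set(user, new Map());
  const tokens = vault.get(user);
  const token = `MASKED-${tokens.size + 1}`;
  tokens.set(token, value);
  return token;
}

// Response direction: mask the selected locations of a JSON body.
function maskResponse(msg, r) {
  if (!r.urlPattern.test(msg.url) || r.exemptUsers.has(msg.user)) return msg.body;
  const doc = JSON.parse(msg.body);
  for (const path of r.paths) {
    let node = doc;
    for (const key of path.slice(0, -1)) node = node ? node[key] : undefined;
    const leaf = path[path.length - 1];
    if (node && typeof node[leaf] === "string") node[leaf] = tokenize(msg.user, node[leaf]);
  }
  return JSON.stringify(doc);
}

// Request direction: restore originals, but only tokens issued to this user.
function restoreRequest(user, body) {
  const tokens = vault.get(user) || new Map();
  // JSON-escape the original so the rebuilt request body stays valid JSON.
  return body.replace(/MASKED-\d+/g, (t) => (tokens.has(t) ? JSON.stringify(tokens.get(t)).slice(1, -1) : t));
}

// Constructed sample message (values are not from the slides).
const sample = {
  url: "/api/patients/35", user: "agent7",
  body: JSON.stringify({
    patient: { name: "John Smith", phone: "555-0100", nationalId: "000-00-0000" },
    physician: { phone: "555-0199" },
  }),
};
```

Because the rule selects by location, the physician's phone number in the same message is left alone, which a content-based phone-number pattern could not do.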

16 Visual rule authoring
Creating JavaScript rules for individual HTTP messages is very difficult
  o Each displayed element (e.g., table) may originate from several different messages
    - May have different formats
    - May come from AJAX requests
  o Need to use several tools to inspect network traffic, understand the underlying DOM and associate between the displayed element and the messages that created it
  o Need to write scripts that are syntactically correct and validate that masking is performed correctly
Need some tool to facilitate rule authoring process

17 “Selection tool”

18 “Selection tool” close-up
Web-based tool, implemented in JavaScript
A floating panel attached to the original application
Intercepts mouse hovering and click events to enable selection

20 Technical challenges (1)
Automatically creating scripts from user selections

21 Technical challenges (1)
Our solution: We devised an algorithm for detecting the origin of each screen element while the page is loading
  o Monitors all web page modifications, compares the DOM before and after the modifications and captures the changes that were initiated by HTTP messages
  o Creates a map between each visual element and the message it came from, including the message’s URL and the location of the element within the message (e.g., XPath)

22 Technical challenges (2)
Interacting with the target application without changing it
  o Need to catch DOM changes and add listeners for mouse events in the target application
  o Browsers’ same-origin policy prevents pages/frames from different origins from manipulating each other’s DOMs [2]
    -> This prevents the naïve solution of presenting the target application in its own frame within a larger rule-authoring tool page
  o Possible solutions:
    - Browser add-on
    - Standalone tool
    -> Both require installation on the rule-author’s machine
Our solution is based on hidden frames and “injecting” the selection tool code into the application messages using the runtime proxy
[2] J. Ruderman, “The same origin policy”, http://www.mozilla.org/projects/security/components/same-origin.html

23 Limitations
1. Cannot mask information that does not flow over the network, i.e., generated on the client-side
  o Example: an average that is calculated in the browser using JavaScript
2. Cannot mask information that flows in binary format
  o Examples: images, Java applets, Adobe Flash objects, etc.
3. May fail client-side validation
  o Example: a field that checks for a valid email address
  o Solution: use format-preserving masking techniques
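
Added example, not from the slides: limitation 3 in code, showing a naive mask that fails a client-side email check next to a format-preserving mask that passes it. `isValidEmail` stands in for the application's validator, the keyed substitution is an illustrative one-way mask rather than a standardized scheme, and the key and sample value are constructed.

```javascript
const nodeCrypto = require("crypto");

// Stand-in for a client-side check the application might run (assumption).
function isValidEmail(s) {
  return /^[^\s@]+@[^\s@]+\.[A-Za-z]{2,}$/.test(s);
}

// Naive masking: hides the value but breaks the field's format.
function maskWithStars(value) {
  return "*".repeat(value.length);
}

// Keyed, deterministic substitution: letters stay letters (same case),
// digits stay digits, and separators such as "@", "." and "-" are kept.
// One-way masking for display; not a standardized FPE scheme such as FF1.
function maskPreservingFormat(value, key) {
  const bytes = nodeCrypto.createHmac("sha256", key).update(value).digest();
  let i = 0;
  return value.replace(/[A-Za-z0-9]/g, (ch) => {
    const b = bytes[i++ % bytes.length]; // reuse the 32 bytes for long values
    if (ch >= "0" && ch <= "9") return String(b % 10);
    const base = ch >= "a" ? 97 : 65; // lowercase vs uppercase alphabet
    return String.fromCharCode(base + (b % 26));
  });
}

const KEY = "constructed-demo-key"; // placeholder; a real key stays on the masking server
const EMAIL = "john.smith@example.com"; // constructed sample value
```

The same input and key always give the same masked value, so a masked field stays consistent across screens.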

25 Comparison of approaches (1)
Rule strength and granularity
  o We compare our context-based approach with content-based rules and database masking, based on 4 criteria:
    - Masking granularity: the ability to mask exactly what is needed
    - Logical rule coverage: the ability to describe a rule by its logical content (e.g., mask only patient emails)
    - Visual rule coverage: the ability to mask all or part of the elements in a given area of the screen
    - Visual screen context: the ability to create rules in the context of the presentation layer

26 Examples
Masking granularity:
  o A content-based rule will always mask all phone numbers in the application
    - Cannot mask only patient phone numbers and not physician phone numbers
Logical rule coverage:
  o At the DB layer, any data item can be specified for masking only once, even if it appears on several pages or has several different formats
    - Cannot support cases where a data item in a table appears in two different contexts, one that should be masked and one that shouldn’t
Visual rule coverage:
  o Our approach enables masking all items in a given area of the screen, even though there may not be any correlation in the format or database table

27 Comparison of approaches (2)
Rule enforcement mechanisms
  o We compare our network-level enforcement with masking at the database level and at the presentation layer (using OCR), based on 3 criteria:
    - Application integrity: effects on the proper functioning of the application
    - Role-based masking: different masking based on user roles
    - Impact of screen complexity: do complex screens make masking more difficult?

28 Examples
Application integrity
  o At the DB layer, illegal or missing values can result in “breaking” the application
  o At the network layer, client-side validation or calculations may be compromised
Impact of screen complexity
  o Masking at the presentation layer is directly correlated to screen complexity
    - Overlapping or partially visible windows pose a significant challenge
  o Network-based masking is somewhat affected by application complexity, e.g., a screen constructed from many different messages
    - Masking is still possible, but rule definition is more complicated

30 Summary
We showed a hybrid approach that combines context-based rule creation at the presentation level with enforcement at the network level
This enables:
  o Powerful and flexible rule language
  o Easy and straightforward rule authoring process
  o Minimal performance impact at runtime
Masking rules are defined in a simple and intuitive manner while navigating the target application and clicking on sensitive areas
Requires minimal changes to the existing environment: no changes to the application or database

32 Questions?

33 Thank you

