
Scalability in a Secure Distributed Proof System Kazuhiro Minami and David Kotz May 9, 2006 Institute for Security Technology Studies Dartmouth College.


1 Scalability in a Secure Distributed Proof System
Kazuhiro Minami and David Kotz, May 9, 2006
Institute for Security Technology Studies, Dartmouth College

2 Context-sensitive authorization
Institute for Security Technology Studies, Dartmouth College
Consider a requester’s context (e.g., location) to make an authorization decision
– Support unregistered users
– Non-intrusive access to resources
(Diagram: the authorization system receives a request together with context information and returns a granting decision, TRUE or FALSE)

3 Emergency response system
(Diagram: a first responder at a critical incident sends a request to the situation monitor server, which returns responder assistance)
Context-sensitive authorization policy: access is granted if a requester is located at the scene and holds the role ``fire fighter.’’

4 Logic-based approach
(Diagram: the authorization server receives the query ?grant(Bob); its inference engine applies the rules and facts of the knowledge base, builds a proof tree, and answers TRUE)

5 Secure distributed proof system [Minami and Kotz 2005]
Protect confidential rules and facts in each host
Proof decomposition on multiple hosts
Each host returns an encrypted result (or subproof)
(Diagram: an authorization query arrives at Host A and is decomposed into logical queries to Host B and Host C; each host holds its own sub-proof tree)

6 Performance consideration
Handling a query could involve long latency
– Cryptographic operations
– Transmission of data over a network
Can we build a practical system with reasonable performance?

7 Caching and revocation
Speed
– Reduce average latency for handling a query
Freshness
– Keep cached information fresh
Fault tolerance
– Do not grant unauthorized access based on stale cached information

8 Caching mechanism
In many pervasive applications, users access the same resource continuously
Subsequent queries can be avoided with caching
Support both positive and negative caching

9 Positive and negative caching
A fact that is proven goes to the positive KB.
(Diagram: Host A sends Host B the query ?loc(Bob, room12); the inference engine answers TRUE and loc(Bob,room12) is stored in Host A’s positive KB; the negative KB is empty)

10 Positive and negative caching
A fact that is not provable is stored in the negative KB.
(Diagram: Host A sends Host B the query ?loc(Alice, room12); the answer is FALSE, so loc(Alice,room12) is stored in Host A’s negative KB while loc(Bob,room12) remains in the positive KB)

11 Capability-based revocation
Some facts in a proof are dynamic
Multiple hosts can revoke cached information
A query result contains a capability (random number)
Each host maintains dependencies among local and remote facts

12 Capability-based revocation
(Diagram: H0 sends H1 the query ?loc(bob, hospital). To prove it, H1 asks H2 ?owner(bob, pda11), answered (TRUE, c2), and H3 ?loc(pda11, hospital), answered (TRUE, c3); H1’s positive KB now holds owner(bob, pda11), c2 and loc(pda11, hospital), c3. H1 answers H0 with (TRUE, c1), and H0’s positive KB holds loc(bob, hospital), c1)

13 Capability-based revocation
(Diagram: H3 sends revocation message c3 to H1, whose positive KB held owner(bob, pda11), c2 and loc(pda11, hospital), c3; H1 in turn sends revocation message c1 to H0, whose positive KB held loc(bob, hospital), c1)

14 Semantics of revocation
(Diagram: Host A’s positive KB holds loc(Bob,room12), C1 and its negative KB holds loc(Alice,room12), C2; Host B sends revocation C1 to Host A’s revocation handler)

15 Semantics of revocation
(Diagram: after revocation C1, loc(Bob,room12) is no longer in the positive KB; Host B now sends revocation C2 for the negative-KB entry loc(Alice,room12), C2)

16 Semantics of revocation
We cannot use the same capability
(Diagram: Host A’s negative KB holds loc(Alice,room12), C2; an adversary sends the capability c2 to Host A’s revocation handler)

17 Semantics of revocation
(Diagram: Host A with its positive KB, negative KB and revocation handler, Host B, and the adversary; both of Host A’s KBs are now empty)

18 Additional measures for revocation
Establish a secure channel for sending revocation messages
Generate a new capability for switched cached information

19 Evaluation
Is our system scalable to a large number of servers?
Does our revocation mechanism keep cached information fresh?

20 Experiment to measure latency for handling a query
Measure the latency for handling a query whose proof spans 27 different hosts in a cluster.

21 Comparison of latency for handling a query
(Plot: latency in ms, y-axis from 0 to 3000, against the number of nodes in a proof tree, x-axis from 0 to 50; series: no caching with RSA, no caching with TDES, cold caching, warm caching, local processing)
Annotation: with RSA public-key encryption

22 Comparison of latency for handling a query
(Same plot as slide 21) Annotation: with TDES encryption

23 Comparison of latency for handling a query
(Same plot as slide 21) Annotation: exclude latency for initial queries

24 Comparison of latency for handling a query
(Same plot as slide 21) Annotation: all the policies and facts in a single host

25 Latency for revoking cached information
Measure round-trip latency of a revocation message
(Diagram: a test driver sends a query to host 0 of a cluster of hosts host 0, host 1, ..., host n; an event generator sends an event, revocation messages propagate between the hosts, and a notification returns to the test driver)

26 Latency for revoking cached information
(Plot: latency in ms against the depth of a proof tree and the number of hosts)

27 Summary
Novel caching and revocation mechanisms for a secure distributed proof system
Positive and negative caching that minimize the number of remote queries
Recursive revocation in a distributed environment
The amortized performance of our system scales to dozens of servers

28 Thank you!
For related papers: http://www.cs.dartmouth.edu/~minami
For other projects in our group: http://cmc.cs.dartmouth.edu

29 Extra slides

30 Semantics of negative revocation
A revoked negative fact moves to the positive KB
Cannot reuse the same capability
A revocation message must contain a new capability encrypted with a secret key.
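The capability-based revocation of slides 11 through 18 and the negative-revocation semantics of slide 30, worked through as an added example; this is not the authors' Java implementation. It models each host as a Python object whose rules are conjunctions of premises held on named hosts (an assumption; the slides do not fix the rule language), and it stands in for the encrypted channel of slide 18 with a direct method call.

```python
import secrets  # capabilities are unguessable random tokens and are never reused

class Host:  # constructed model of one host in the proof system, not the authors' code
    def __init__(self, facts=(), rules=None):
        self.facts, self.rules = set(facts), rules or {}  # rule: fact -> [(host, premise)]
        self.cache = {}       # remote fact -> [truth, cap]: True = positive KB, False = negative KB
        self.issued = {}      # fact we answered to others -> [truth, capability]
        self.dependents = {}  # fact -> hosts that cached our answer for it
    def holds(self, fact):
        """Prove a fact from local facts or from a rule over (cached) remote premises."""
        return fact in self.facts or (fact in self.rules and all(
            [self.premise(h, p) for h, p in self.rules[fact]]))
    def premise(self, host, fact):
        """Serve a premise from the cache (positive or negative); query only on a miss."""
        if fact not in self.cache:
            self.cache[fact] = list(host.query(fact, self))
        return self.cache[fact][0]
    def query(self, fact, requester):
        """Answer a remote query with (truth, capability) and record the dependency."""
        if fact not in self.issued:
            self.issued[fact] = [self.holds(fact), secrets.token_hex(8)]
        self.dependents.setdefault(fact, set()).add(requester)
        return tuple(self.issued[fact])
    def changed(self, fact):
        """After a local fact or cached premise changed: re-prove; if flipped, revoke."""
        if fact not in self.issued: return
        old_truth, old_cap = self.issued[fact]
        if (truth := self.holds(fact)) == old_truth: return
        self.issued[fact] = [truth, secrets.token_hex(8)]  # old_cap is never reused
        for host in list(self.dependents[fact]):
            host.revoke(fact, old_cap, self.issued[fact][1])
    def revoke(self, fact, old_cap, fresh_cap):
        """Revocation handler: check the capability, flip the KB entry, recurse upward."""
        entry = self.cache.get(fact)
        if entry is None or entry[1] != old_cap: return False  # stale or replayed cap
        self.cache[fact] = [not entry[0], fresh_cap]            # positive <-> negative
        for derived, rule in self.rules.items():
            if any(p == fact for _, p in rule): self.changed(derived)
        return True

def scenario():
    """Slides 12-13 (constructed): pda11 leaves the hospital, so H3 revokes c3 at H1,
    H1 flips loc(bob,hospital) and revokes c1 at H0; a replay of c1 is then rejected."""
    h2, h3 = Host(facts={"owner(bob,pda11)"}), Host(facts={"loc(pda11,hospital)"})
    h1 = Host(rules={"loc(bob,hospital)": [(h2, "owner(bob,pda11)"), (h3, "loc(pda11,hospital)")]})
    h0 = Host(rules={"grant(bob)": [(h1, "loc(bob,hospital)")]})
    before = h0.holds("grant(bob)")                  # fills every cache on the way
    c1 = h0.cache["loc(bob,hospital)"][1]
    h3.facts.discard("loc(pda11,hospital)"); h3.changed("loc(pda11,hospital)")
    return before, h0.holds("grant(bob)"), h0.revoke("loc(bob,hospital)", c1, "x")
```

scenario() returns (True, False, False): the grant held before the event, the revocation chain c3 then c1 flipped H0's cached fact into its negative KB, and the stale c1 is refused because H0 now holds a different capability for that fact.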

31 Implementation
12,000+ lines of code in Java
– based on XProlog (3,800 lines of code)
Java Cryptographic Extension (JCE)
– RSA public-key operations: key length 1024 bits, public exponent 65537, MD5 for signing
– TDES symmetric-key operations: Outer-CBC in EDE mode, key length 192 bits (3 keys)

32 Crypto. parameters
RSA public-key operations
– key length: 1024 bits
– public exponent: 65537
– EME-PKCS1-v1_5 padding method
– MD5 for signing
TDES operations
– key length: 192 bits (3 keys)
– Outer-CBC in EDE mode

33 Experiment of measuring latency for handling a query
27-node (2.8GHz Intel XEONs) cluster with Gigabit Ethernet
Java Runtime version 1.5.0 on RedHat Linux 9
(Diagram: a policy generator produces the rules & facts of each host’s KB, parameterised by the number of nodes in a proof)

34 Experiment of measuring latency for handling a query
20 events per second for each fact
10 sets of 10 different queries
(Diagram: a test driver sends a query to a host; an event generator sends events that update the host’s KB; the host builds the proof)

35 Measurements for revoking cached information
Measure round-trip latency of a revocation message
(Same diagram as slide 25: a test driver sends a query to host 0 of the cluster host 0, host 1, ..., host n; an event generator sends an event, revocation messages propagate between the hosts, and a notification returns to the test driver)

36 Related Work
Context-sensitive authorization systems [Al-Muhtadi03, Bacon02, Covington01, Hulsebosch05, Kapadia04, Males03]
– Centralized architecture
Distributed logic system [Ranganathan03]
– No caching
Caching in a distributed logic system [Bauer05, Katsire03]
– No revocation mechanism

