1 Lightweight Consistency Enforcement Schemes for Distributed Proofs with Hidden Subtrees. Adam J. Lee, Kazuhiro Minami, and Marianne Winslett, University of Illinois at Urbana-Champaign. June 21, 2007. http://dais.cs.uiuc.edu/dais/security

2 1 Distributed proof system • Construct a proof in a peer-to-peer way • Each peer maintains local security policies (figure: peers P0–P3, each with its own knowledge base)

3 2 Distributed proof system • Construct a proof in a peer-to-peer way • Each peer maintains local security policies (figure: peers P0–P3)

4 3 Distributed proof system • Construct a proof in a peer-to-peer way • Each peer maintains local security policies (figure: peers P0–P3, each with its own security policies, in domains A, B, C and D)

5 4 Distributed proof system • Construct a proof in a peer-to-peer way • Each peer maintains local security policies (figure: the querier asks ?grant(alice, database); the proof queries the location server with ?location(alice, hospital) and the role server with ?role(alice, doctor); both answer true, and the querier receives true ✓)

6 5 Policy Directed Proof Construction (figure: integrity trust and confidentiality trust between peers)

7 6 Policy Directed Proof Construction (figure: confidentiality trust between peers)

8 7 Temporal Consistency Issue in Distributed Proving • Access control policy: show medical records only if Alice alone is in the room and the door is locked (figure: projector in Room 2124)

9 8 Consistency Issue in Distributed Proving (figure, time T1: Alice alone in Room 2124, door open; the querier asks ?grant(alice, projector), and the location server answers ?occupancy_one(2124, alice) with true)

10 9 Consistency Issue in Distributed Proving (figure, time T2: Alice and Bob in Room 2124, door locked; labels: ?occupancy_one(2124, alice), true)

11 10 Consistency Issue in Distributed Proving (figure, time T3: Bob in Room 2124, Alice gone, door locked; the door sensor answers ?locked(2124) with true, and access to the medical records is granted ✓)

12 11 Incremental evaluation of fact validity may not be enough (figure: timeline T1, T2, T3; "Only Alice in room 2124" is checked ✓ at T1 and "Door locked" is checked ✓ at T3)

13 12 View Consistency Problem • How to enforce temporal consistency based on the local view of a querier? • Challenges: the validity of a statement fluctuates dynamically; there is no clock synchronization across different hosts; a subproof may be hidden from the querier

14 13 View and fact state • View V is a set of fact states • Fact state s is a tuple containing a fact id, a time interval and an interval type in {Concrete, Fuzzy}. Concrete: fact f is valid at all times t in the interval. Fuzzy: fact f is valid at some (possibly unknown) time in the interval

15 14 Three Levels of View Consistency • Incremental consistency • Query consistency • Interval consistency (figure: the three levels placed along an axis of restrictiveness of the view V)
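The following is an added example, written by the editor to illustrate the view and fact-state definitions above and the "incremental evaluation may not be enough" problem of slide 12; it is not code from the paper or from the authors' Java system. It encodes a view as a set of fact states with concrete or fuzzy closed intervals, contrasts the weak per-fact check an incremental evaluator performs with a check that all facts are guaranteed valid at one common instant, and builds concrete states from the (f, d) answers of the query-consistency slide. The `view_from_durations` helper, its receipt-time stamping and its clock-drift shortening are the editor's assumptions, not a description of the paper's algorithm; the Room 2124 timeline (T1=1, T2=2, T3=3) is constructed from the slides.

```python
"""Editor's illustration of views and fact states (not the paper's code).

A view is a set of fact states; a fact state is (fact id, interval, type).
Concrete: the fact holds at every instant of the interval.
Fuzzy:    the fact holds at some (possibly unknown) instant of the interval.
"""
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

CONCRETE = "Concrete"
FUZZY = "Fuzzy"


@dataclass(frozen=True)
class FactState:
    fact: str
    start: float
    end: float            # closed interval [start, end]
    kind: str = CONCRETE  # CONCRETE or FUZZY


def incrementally_consistent(view: Iterable[FactState]) -> bool:
    """The weak check an incremental evaluator performs: every fact in the
    view was valid at some instant of its own interval.  It says nothing
    about whether those instants coincide, which is the flaw of slide 12."""
    return all(s.start <= s.end for s in view)


def simultaneous_validity(view: Iterable[FactState]) -> Optional[Tuple[float, float]]:
    """Return an interval during which every fact in the view is guaranteed
    valid, or None when no such interval can be established.

    Only concrete intervals guarantee validity at every instant, so a single
    fuzzy state (valid at some unknown instant) withholds the guarantee; a
    querier would have to re-check that fact before relying on it."""
    states = list(view)
    if not states or any(s.kind == FUZZY for s in states):
        return None
    lo = max(s.start for s in states)   # latest start
    hi = min(s.end for s in states)     # earliest end
    return (lo, hi) if lo <= hi else None


def view_from_durations(answers: Iterable[Tuple[str, float, float]],
                        max_drift: float = 0.0) -> List[FactState]:
    """Build concrete fact states from (f, d) answers, where d is the
    duration of f's validity.  Assumption made here (not on the slides): the
    querier stamps each answer with its own receipt time, treats f as valid
    for d from then, and shortens the interval by the maximum clock drift
    so that a provider's clock running ahead cannot stretch the guarantee."""
    view = []
    for fact, received_at, d in answers:
        view.append(FactState(fact, received_at, received_at + d - max_drift, CONCRETE))
    return view


# Constructed example: the Room 2124 scenario with T1=1, T2=2, T3=3.
# Alice was alone at T1 (door open); at T2 Bob entered and the door was
# locked; at T3 Alice had left.  Each fact was true when it was checked,
# but the two were never true together.
ROOM_2124_VIEW = [
    FactState("occupancy_one(2124, alice)", 1, 1, CONCRETE),
    FactState("locked(2124)", 2, 3, CONCRETE),
]

if __name__ == "__main__":
    print("incremental check passes:", incrementally_consistent(ROOM_2124_VIEW))  # True
    print("common valid interval:", simultaneous_validity(ROOM_2124_VIEW))       # None
    consistent = [FactState("occupancy_one(2124, alice)", 1, 3),
                  FactState("locked(2124)", 2, 3)]
    print("common valid interval:", simultaneous_validity(consistent))           # (2, 3)
```

Running the block shows the gap the slides point at: the Room 2124 view passes the incremental check because each fact was seen valid once, yet no instant exists at which both facts hold, so the grant should not be issued. Marking one of the states fuzzy also yields None, reflecting that a fuzzy interval cannot anchor a simultaneous-validity claim.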

16 15 Enforcement Algorithm for Query Consistency • Each fact provider returns a pair (f, d) where d is the duration of the fact's validity (figure: message exchange between querier and fact provider)

18 17 Motivation towards Interval Consistency Enforcement • The query consistency algorithm could miss many valid proofs if proof construction takes long • May want to keep track of authorization continuously

19 18 Motivation towards Interval Consistency Enforcement • The query consistency algorithm could miss many valid proofs if proof construction takes long • May want to keep track of authorization continuously (figure: first responder)

20 19 Approach for Interval Consistency • Recheck the validity of a constructed proof (figure: the querier sends Query and receives True, then sends Verify and receives True; each exchange is labelled with a fuzzy interval, and together they bound a concrete interval)

21 20 Goals for Interval Consistency Enforcement • Recheck the validity of a proof efficiently • Preserve the security policies of each peer (figure: the querier 1. constructs the proof and 2. verifies it; sub-proofs; leaf node entities)

22 21 Leaf Node Exposure Strategy • Recheck fact validity directly with leaf node entities ✓

23 22 Leaf Indirection Strategy • To preserve the privacy of leaf node entities, recheck fact validity by way of a trusted indirection entity

24 23 Evaluation • Measure the overhead latency of enforcing interval consistency • System consists of 12,500 lines of Java code; the Java Cryptographic Extension framework is used to implement RSA and TDES operations • 25-node cluster with 100 Mbit Ethernet

25 24 Latency for Handling Queries (figure: latency (ms) against number of nodes in a proof tree; curves for leaf indirection, leaf exposure and proof construction) 10–15% overhead

26 25 Latency for Handling Queries (figure: latency (ms) against number of nodes in a proof tree; curves for leaf indirection, leaf exposure and proof construction) 25–30% overhead

27 26 Related Work • View consistency in automatic trust negotiation [Lee06] • Antigone Context Framework [McDaniel03] • Transaction management in distributed systems • Consistent snapshots [Chandy85]

28 27 Summary • Formal definitions of view consistency in distributed proving • Safe and efficient enforcement algorithm • Modest overhead of our enforcement scheme for interval consistency

29 28 Technical report: http://dais.cs.uiuc.edu/dais/security/tmcspubs.php Questions?

30 29 Backup

31 30 Peer-to-Peer Proof Construction • Each peer consists of an inference engine and a knowledge base • Each peer constructs a part of a whole proof (figure: Query and Subproof messages exchanged between peers)

32 31 Distributed Proof Construction Algorithm by Minami and Kotz • Use Datalog as a logical language • Express trust among principals in terms of integrity and confidentiality (figure: querier and handler; correctness of an answer (integrity), secrecy of facts (confidentiality))

33 32 Remote Query between Two principals (figure) • Host A: rule grant(P, projector) ← location(P, room112); integrity policy trust(location(P,L)) = {Host_B}; user Bob sends a request; Host A asks Host B ?location(Bob, room112) and receives TRUE • Host B: confidentiality policy acl(location(P,L)) = {Host_A}; facts F1 owner(bob, pda15) and F2 deviceAt(pda15, room112); rule R location(P,L) ← owner(P,D) ∧ deviceAt(D,L); proof tree with R above F1 and F2

34 33 Enforcement of Confidentiality Policies

35 34 Hidden Leaf Nodes • Leaf nodes transparent from the original querier • Example: (figure: hidden leaf nodes, transparent from the querier)

36 35 Requery Strategy • Construct the same proof twice • Need caching at intermediate nodes • Involves high communication overhead (figure: cache at intermediate nodes)

37 36 Enforcement Algorithm for Query Consistency • Each fact provider returns a pair (f, d) where d is the duration of the fact's validity (figure: Query and Proof messages between querier and fact provider; f's validity duration; where  is the maximum clock drift)


Download ppt "Lightweight Consistency Enforcement Schemes for Distributed Proofs with Hidden Subtrees Adam J. Lee, Kazuhiro Minami, and Marianne Winslett University."

Similar presentations


Ads by Google