Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Execution of Computations in Untrusted Hosts S. H. K. Narayanan 1, M.T. Kandemir 1, R.R. Brooks 2 and I. Kolcu 3 1 Embedded Mobile Computing Center.

Published byCandice Crawford Modified over 8 years ago

Similar presentations

Presentation on theme: "Secure Execution of Computations in Untrusted Hosts S. H. K. Narayanan 1, M.T. Kandemir 1, R.R. Brooks 2 and I. Kolcu 3 1 Embedded Mobile Computing Center."— Presentation transcript:

1 Secure Execution of Computations in Untrusted Hosts S. H. K. Narayanan 1, M.T. Kandemir 1, R.R. Brooks 2 and I. Kolcu 3 1 Embedded Mobile Computing Center (EMC 2 ) The Pennsylvania State University. 2 Department of Electrical and Computer Engineering, Clemson University. 3 The University of Manchester 11th International Conference on Reliable Software Technologies, Porto, Portugal, 5 - 9 June, 2006

2 2 Outline Mobile Code Security Concerns with Mobile Code Some Related Work High Level Views Mathematical Details Example Experiments

3 3 What is Mobile Code? Code belonging to a client that is executed on a remote host. Not just relegated to a mobile platform. Applicable where data is not movable but code is.  Due to large volume or concerns for privacy. Mobile code Results Mobile code is being widely used for a variety of applications Server / Remote Host Client

4 4 Some Security Concerns ! Threat : To the host from malicious code/ malicious client Solution : Run the code in a Sandbox. Client Server / Remote Host Mobile code Results

5 5 Some Security Concerns ! Threat : To the code/results from intermediate attacks. Solution : Encryption and authentication techniques. Client Server / Remote Host Mobile code Results

6 6 Some Security Concerns ! Threat : Will the right code be executed at all? Solution : Make the remote host include a proof of correct execution. Client Server / Remote Host Mobile code Results ?

7 7 Some Security Concerns ! Threat : One server changing the intermediate result generated by another? Solution : Encryption Techniques. Client Server / Remote Host Mobile code Final Results Partial Results

8 8 Some Security Concerns ! Threat : To the privacy of the code! This is particularly important when the algorithm used is a proprietary one. Solution : Client Server / Remote Host Mobile code Results This paper presents a method to protect the semantics of the mobile code that is to be executed at a remote host. Thus, a client’s intellectual capital is preserved.

9 9 Some Related Work in Code Privacy Code Obfuscation  Collberg et al. 1997, Hohl 1997, Jansen et al.  Makes the code hard to read Function hiding scheme  Sander and Tschudin  Encrypting transformation applied to the function. Encrypted functions  Loureiro et al.  Host runs code encrypted with error codes  Requires tamper proof hardware support

10 10 Scalar Codes - High level view Client Server Original Code Transformed Code Data Transformed Results Original Results Results Semantic transformation of the code prevents an untrusted server from gleaning the code’s meaning

11 11 Transformation – Scalar Codes a := d + e + f ; b := g -2e ; c := 3f + 4d; Obtain Computation matrix, C. Rows correspond to statements Columns correspond to variables By multiplying C and I, the output vector O is obtained. Using a different C means that different code is executed. d e f g 123123 123123 Changing the semantics is now just an matrix transformation on C

12 12 Transformation – Scalar Codes Client uses a transformation matrix T to transform C into C’. C’ is sent to the untrusted server. The server then executes C’ to produce O’ and sends it to the client. Client uses an inverse transformation matrix M to obtain O. O is the same vector that would have been obtained had C been executed locally at the client.

13 13 Selection of T and M T and M should be the inverse of each other. Dimensionalities  If C is an m * n matrix, then M is m * k and T is k * m.  This means that we can introduce extra statements into C’ that did not exist in C.

14 14 Array Codes - High level view Input Arrays (I) Client Server O’ Inverse Semantic Transformation (O’= M O’’) Inverse Redirection O O’’ O’’= C’’ I C’ Loop Transformation C’’ Semantic Transformation ( C’’=T C’ ) and Redirection C

15 15 Transformation –Array Codes Array based codes give more opportunities for transformation  Loop Transformation on the loop bounds Does not change the semantics, simply the order in which the elements are accessed. C  C’ 1234 5678 9101112 13141516 15810 11269 141237 1615134

16 16 Transformation –Array Codes  Semantic Transformation on the body Does not change the loop bounds Client uses a transformation vector T to transform C’ into C’’. AjAj BkBk + DiDi = BkBk AjAj - DiDi =

17 17 Transformation –Array Codes  Redirection Data transformation that changes the locations to which the assignments are performed. The references in Array D, Li+o, are transformed using a data transformation {S,s}. 12 34 12 3 12 344 12 34 12 3 1 42 ==== +-+- ==== +-+- Array DArray A Array B Array ZArray A Array B The untrusted server now executes a code that is semantically different, accesses data in a different pattern and whose stores take place to different locations.

18 18 Transformation –Array Codes The untrusted server executes O’’ = C’’ * I. Client uses the inverse semantic transformation matrix M to transform O’’ into O’. Inverse redirection using an inverse data transformation, {Y,y}, is then performed.

19 19 Multiple Hosts- High level view O1’O1’ O2’O2’ Op’Op’ O1’O1’ O2’O2’ Op’Op’ C C1C1 CpCp C2C2 Code Partitioning O1O1 O2O2 O3O3 Data Merging C1’C1’ Cp’Cp’ C2’C2’ Cp’Cp’ C2’C2’ C1’C1’ IpIp I2I2 I1I1

20 20 Example – Scalar Code (1/4) Snippet of code from Mediabench benchmark. How would the code run locally on the client? dx0 = x0 – x1 – x12 dy0 = y0 – y1 – y12 dx1 = x12 – x2 + x3 dy1 = y12 – y2 – y3 Code Computation Matrix Input Vector Computed Output Vector

21 21 Example – Scalar Code (2/4) Calculating C’ using the transformation matrix T. Transformation matrixComputation matrix Computation matrix of the code sent to the untrusted server

22 22 Example – Scalar Code (3/4) C’ is run on the untrusted host to obtain the output vector O’ and returned to the client. The client calculates the inverse transformation matrix.

23 23 Example – Scalar Code (4/4) The client applies the inverse transformation matrix to obtain the same results that would have been obtained had the code been run locally

24 24 Experiments Experiments were conducted to analyze the performance overhead involved. Benchmarks  C++ programs between 1,072 and 3,582 lines TRACK_SEL 2.0 SMART_PLANNER CLUSTER Setup  The default program was transferred from one workstation to another, executed and the results sent back and the time for the entire process was measured.  Similarly for the transformed program the total time was measured but the measured time included the time taken for transformation.

25 25 Experiments The overhead is the ratio: BenchmarkOverhead TRACK_SEL 2.04.21% SMART_PLANNER3.88% CLUSTER3.93%

26 26 Conclusions This paper presents a method to protect certain classes of mobile applications from untrusted hosts. Reverse engineering is prevented through transformation of the source code. Measured performance overhead due to loop restructuring and data transformation were low.

27 Thank you! This work is supported in part by NSF Career Award #0093082 and by a grant from the GSRC. Embedded and Mobile Computing Center: www.cse.psu.edu/~mdlwww.cse.psu.edu/~mdl My webpage : www.cse.psu.edu/~snarayanwww.cse.psu.edu/~snarayan

Download ppt "Secure Execution of Computations in Untrusted Hosts S. H. K. Narayanan 1, M.T. Kandemir 1, R.R. Brooks 2 and I. Kolcu 3 1 Embedded Mobile Computing Center."

Similar presentations

A proposed Trusted-Flow system architecture with aspect-oriented implementation Paolo Falcarin, Mario Baldi Riccardo Scandariato, Maurizio Morisio (Politecnico.

A proposed Trusted-Flow system architecture with aspect-oriented implementation Paolo Falcarin, Mario Baldi Riccardo Scandariato, Maurizio Morisio (Politecnico.
1 The Project of this year Mariano Ceccato FBK - Fondazione Bruno Kessler

1 The Project of this year Mariano Ceccato FBK - Fondazione Bruno Kessler
A Fast Data Protection Technique for Mobile Agents to Avoid Attacks in Malicious Hosts Jesús Arturo Pérez Díaz Darío Álvarez Gutiérrez Department of Informatics.

A Fast Data Protection Technique for Mobile Agents to Avoid Attacks in Malicious Hosts Jesús Arturo Pérez Díaz Darío Álvarez Gutiérrez Department of Informatics.
Operating System Security

Operating System Security
Optimizing Compilers for Modern Architectures Allen and Kennedy, Chapter 13 Compiling Array Assignments.

Optimizing Compilers for Modern Architectures Allen and Kennedy, Chapter 13 Compiling Array Assignments.
Addressing the Trust Asymmetry Problem In Grid Computing with Encrypted Computation Peter A. Dinda Prescience Lab Department of Computer Science Northwestern.

Addressing the Trust Asymmetry Problem In Grid Computing with Encrypted Computation Peter A. Dinda Prescience Lab Department of Computer Science Northwestern.
Chapter 4 Systems of Linear Equations; Matrices

Chapter 4 Systems of Linear Equations; Matrices
Chapter 4 Systems of Linear Equations; Matrices

Chapter 4 Systems of Linear Equations; Matrices
Henry C. H. Chen and Patrick P. C. Lee

Henry C. H. Chen and Patrick P. C. Lee
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.

1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.
The Mobile Code Paradigm and Its Security Issues Anthony Chan and Michael Lyu September 27, 1999.

The Mobile Code Paradigm and Its Security Issues Anthony Chan and Michael Lyu September 27, 1999.
Sparse Computations: Better, Faster, Cheaper! Padma Raghavan Department of Computer Science and Engineering, The Pennsylvania State University

Sparse Computations: Better, Faster, Cheaper! Padma Raghavan Department of Computer Science and Engineering, The Pennsylvania State University
Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.

Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.
II. Linear Block Codes. © Tallal Elshabrawy 2 Last Lecture H Matrix and Calculation of d min Error Detection Capability Error Correction Capability Error.

II. Linear Block Codes. © Tallal Elshabrawy 2 Last Lecture H Matrix and Calculation of d min Error Detection Capability Error Correction Capability Error.
8.2 Discretionary Access Control Models Weiling Li.

8.2 Discretionary Access Control Models Weiling Li.
A High Performance Application Representation for Reconfigurable Systems Wenrui GongGang WangRyan Kastner Department of Electrical and Computer Engineering.

A High Performance Application Representation for Reconfigurable Systems Wenrui GongGang WangRyan Kastner Department of Electrical and Computer Engineering.
ELEC 7250 Term Project Presentation Khushboo Sheth Department of Electrical and Computer Engineering Auburn University, Auburn, AL.

ELEC 7250 Term Project Presentation Khushboo Sheth Department of Electrical and Computer Engineering Auburn University, Auburn, AL.
Privacy-Preserving Cross-Domain Network Reachability Quantification

Privacy-Preserving Cross-Domain Network Reachability Quantification
Improving the Efficiency of Memory Partitioning by Address Clustering Alberto MaciiEnrico MaciiMassimo Poncino Proceedings of the Design,Automation and.

Improving the Efficiency of Memory Partitioning by Address Clustering Alberto MaciiEnrico MaciiMassimo Poncino Proceedings of the Design,Automation and.

Similar presentations

Ads by Google