Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wednesday, September 6, 2006 3rd International Conference on Trust, Privacy & Security in Digital Business Kraków, Poland, September 4-8, 2006 Panel Discussion:

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Wednesday, September 6, 2006 3rd International Conference on Trust, Privacy & Security in Digital Business Kraków, Poland, September 4-8, 2006 Panel Discussion:"— Presentation transcript:

1 Wednesday, September 6, 2006 3rd International Conference on Trust, Privacy & Security in Digital Business Kraków, Poland, September 4-8, 2006 Panel Discussion: Is Security Without Trust Feasible ? Prof. Leszek Lilien (Chair) Department of Computer Science Western Michigan University Kalamazoo, Michigan, USA

2 Sept.. 6, 2006 Introduction Hypothesis: Feasibility of security without trust is a perception, not a reality Hypothesis: Feasibility of security without trust is a perception, not a reality Why “feasibility of security without trust” might be perceived Why “feasibility of security without trust” might be perceived Reason 1) User’s perspective (rather than computing system perspective) on security-trust relationships in computing Reason 2) Lack of trust documentation/specifications 2

3 Sept.. 6, 2006 Reason 1: User’s Perspective on Security- Trust Relationships in Computing System-level perspective: Security is built upon trust System-level perspective: Security is built upon trust System-level analysis should show that mechanisms providing security in computing systems rely on trust assumptions System-level analysis should show that mechanisms providing security in computing systems rely on trust assumptions User-level relationship: Trust is built upon security User-level relationship: Trust is built upon security Users of computing systems trust only systems that are (among others) secure Users of computing systems trust only systems that are (among others) secure => From users’ perspective, trust without security is not feasible in computing systems BUT From users’ perspective, trust is not perceived as a basis of system security From users’ perspective, trust is not perceived as a basis of system security => security without trust is feasible in computing systems 3

4 Sept.. 6, 2006 Reason 2: Lack of Trust Documentation/Specifications To analyze Reason 2 for perception of feasibility of “security without trust,” a few preliminaries must be discussed To analyze Reason 2 for perception of feasibility of “security without trust,” a few preliminaries must be discussed Trust in closed and open computing systems (or social systems) Trust in closed and open computing systems (or social systems) Closed systems (or subsystems) Closed systems (or subsystems) All components are known a priori All components are known a priori Open systems (or subsystems) Open systems (or subsystems) Components that are “strangers” (not known a priori) can join the system Components that are “strangers” (not known a priori) can join the system 4

5 Sept.. 6, 2006 Trust in closed and open computing systems – cont. Trust in closed and open computing systems – cont. Claim 1a: The proper level of component trustworthiness in closed systems can be assured a priori Claim 1a: The proper level of component trustworthiness in closed systems can be assured a priori Once assured, it can then be assumed by component’s users Once assured, it can then be assumed by component’s users Users are other system components, incl. humans Users are other system components, incl. humans Claim 1b: The proper level of component trustworthiness in open systems must be assured in real time Claim 1b: The proper level of component trustworthiness in open systems must be assured in real time No trust level can be assumed a priori No trust level can be assumed a priori Trust level for a stranger is unknown / uncertain Trust level for a stranger is unknown / uncertain Dynamically determined by each stranger’s partner Dynamically determined by each stranger’s partner 5

6 Sept.. 6, 2006 Claim 2: Trust is pervasive in computing systems (as in social systems) Claim 2: Trust is pervasive in computing systems (as in social systems) Bec. trust relationships always exist between system components Bec. trust relationships always exist between system components As they always exist among people and artifacts in a society As they always exist among people and artifacts in a society Claim 3: Too often trust relationships are not documented Claim 3: Too often trust relationships are not documented 6

7 Sept.. 6, 2006 Types of trust documentation Types of trust documentation 1) Embedded trust documentation - trust specifications encoded within software Software processes these trust specs Software processes these trust specs Process = collect trust data, verify data, calculate trust values, … Process = collect trust data, verify data, calculate trust values, … 2) External trust documentation – written trust specifications not within software No processing of trust specs by software No processing of trust specs by software 3) Missing trust documentation – no trust specifications exist 7

8 Sept.. 6, 2006 Claim 4: Claim 4: Missing trust documentation should be disallowed in any system (whether closed or open) Missing trust documentation should be disallowed in any system (whether closed or open) External trust documentation may be used in closed systems External trust documentation may be used in closed systems System components can rely on assured trust assumptions System components can rely on assured trust assumptions Software not required to process trust specs in the real time Software not required to process trust specs in the real time Embedded trust specifications must be used in open systems Embedded trust specifications must be used in open systems System components can not rely on assured trust assumptions System components can not rely on assured trust assumptions Software required to process embedded trust specs in the real time Software required to process embedded trust specs in the real time 8

9 Sept.. 6, 2006 >>> optional >> optional <<< Examples of externally documented trust specifications that are acceptable Examples of externally documented trust specifications that are acceptable Implicit stated trust among modules of a computing system from a single software house Implicit stated trust among modules of a computing system from a single software house A closed system A closed system Implicit stated trust among web sites administered by a single company Implicit stated trust among web sites administered by a single company A closed system A closed system 9

10 Sept.. 6, 2006 Effectiveness and costs of trust specifications Effectiveness and costs of trust specifications Embedded trust specifications result in best security but are most expensive Embedded trust specifications result in best security but are most expensive Must be used wherever required Must be used wherever required Required in open systems Required in open systems External trust specifications can provide acceptable security at a lower cost External trust specifications can provide acceptable security at a lower cost Should be used wherever allowed Should be used wherever allowed Allowed in closed systems Allowed in closed systems Missing trust specifications are unacceptable in terms of security Missing trust specifications are unacceptable in terms of security 10

11 Sept.. 6, 2006 Is security without trust feasible in computing systems? „Security without trust” might seem feasible in computing systems „Security without trust” might seem feasible in computing systems Might even seem common Might even seem common However, the reality is that … Claim 5: … Impression of „security without trust” is misleading Claim 5: … Impression of „security without trust” is misleading If no trust relationships are documented in a system, it does not mean that there are none If no trust relationships are documented in a system, it does not mean that there are none 11

12 Sept.. 6, 2006 Conclusions Recall my Hypothesis: Feasibility of security without trust is a perception, not a reality Recall my Hypothesis: Feasibility of security without trust is a perception, not a reality I analyzed 2 reasons why “feasibility of security without trust” might be perceived I analyzed 2 reasons why “feasibility of security without trust” might be perceived Reason 1: User’s perspective (rather than computing system perspective) on security-trust relationships in computing Reason 1: User’s perspective (rather than computing system perspective) on security-trust relationships in computing Reason 2: Lack of trust documentation/specifications Reason 2: Lack of trust documentation/specifications Based on the analysis of Reasons 1 & 2, Based on the analysis of Reasons 1 & 2, my answer to the panel question is: Security without trust is not feasible in computing systems 12

13 Sept.. 6, 2006 Thank you very much for your time and attention!

14 Sept.. 6, 2006 14 This page left blank intentionally.

15 Sept.. 6, 2006 15 This page left blank intentionally.

16 Sept.. 6, 2006 Publications on Oppnets (intensive work on oppnets started in our WiSe Lab in December 2005) 1.Leszek Lilien and Ajay Gupta, ” Opportunistic Networks for Emergency Preparedness and Response” (submitted for publication). 2.Leszek Lilien, Z. Huma Kamal, and Ajay Gupta, "Opportunistic Networks: Research Challenges in Specializing the P2P Paradigm,” Proc. 3rd International Workshop on P2P Data Management, Security and Trust (PDMST’06), Kraków, Poland, September 2006. 3.Leszek Lilien, “Developing Specialized Ad Hoc Networks: The Case of Opportunistic Networks,” Proc. Workshop on Distributed Systems and Networks at the WWIC 2006 Conference,Bern, Switzerland, May 2006 (invited paper, proceedings to appear). 3.Leszek Lilien, “Developing Specialized Ad Hoc Networks: The Case of Opportunistic Networks,” Proc. Workshop on Distributed Systems and Networks at the WWIC 2006 Conference, Bern, Switzerland, May 2006 (invited paper, proceedings to appear). 4.Leszek Lilien, Z. Huma Kamal, Vijay Bhuse and Ajay Gupta, "Opportunistic Networks: The Concept and Research Challenges in Privacy and Security,” Proc. International Workshop on Research Challenges in Security and Privacy for Mobile and Wireless Networks (WSPWN 2006), Miami, Florida, March 2006. 5.B. Bhargava, L. Lilien, A. Rosenthal, and M. Winslett, “Pervasive Trust,” IEEE Intelligent Systems, vol. 19(5), Sep./Oct.2004, pp. 74-77 (first brief mention of the oppnet idea, in the form of malevolent opportunistic sensor networks). 16

17 Sept.. 6, 2006 WiSe Lab Experience in Sensornets – Selected Projects Since January 2003 NOTE: Results directly useful for oppnets are marked with an asterisk (*)  Designing of WiSe Security Protocols: DSPS  Location Tracker Using Motes (*)  RHS: Remote Home Surveillance (*)  Directed Diffusion: Attacks & Countermeasures  Improving the Accuracy of Mote Measurements by Using Neural Networks  SOMS: Smart Occupancy Monitoring System Using Motes (*)  Comparative Study of Network Simulators  Collaborative Image Processing (*)  DENSe: a Development Environment for Networked Sensors  Incorporating Mobile-ware in Distributed Computations / Grids (*)  Extending the ns-2 Simulator to Satellite and WCN Simulations  Smart Antennas for WCNs  Energy Efficient MAC Protocols for IEEE 802.11x  A Wireless Security Testing System (*)  Mobile and Self-Calibrating Irrigation System  Collective Communications for Sensornets (*) 17

Download ppt "Wednesday, September 6, 2006 3rd International Conference on Trust, Privacy & Security in Digital Business Kraków, Poland, September 4-8, 2006 Panel Discussion:"

Similar presentations

INDIANAUNIVERSITYINDIANAUNIVERSITY GENI Global Environment for Network Innovation James Williams Director – International Networking Director – Operational.

INDIANAUNIVERSITYINDIANAUNIVERSITY GENI Global Environment for Network Innovation James Williams Director – International Networking Director – Operational.
Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.
GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.

GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.
May 22, 2006 © Leszek T. Lilien 2006 Opportunistic Networks: Specialized Ad Hoc Networks for Emergency Response Applications Leszek Lilien WiSe Lab (Wireless.

May 22, 2006 © Leszek T. Lilien 2006 Opportunistic Networks: Specialized Ad Hoc Networks for Emergency Response Applications Leszek Lilien WiSe Lab (Wireless.
ELG 5121: Multimedia Communications Course Instructor: Prof. Dr. A. El Saddik Project Presentation: Fall 2010 Md. Mahmud Hasan (Group No. 12)

ELG 5121: Multimedia Communications Course Instructor: Prof. Dr. A. El Saddik Project Presentation: Fall 2010 Md. Mahmud Hasan (Group No. 12)
###-### title - PI - area WiSe (Wireless Sensornets) Laboratory WESTERN MICHIGAN UNIVERSITY WiSe Lab, Western Michigan University, Kalamazoo, MI 49008.

###-### title - PI - area WiSe (Wireless Sensornets) Laboratory WESTERN MICHIGAN UNIVERSITY WiSe Lab, Western Michigan University, Kalamazoo, MI
Software Engineering Techniques for the Development of System of Systems Seminar of “Component Base Software Engineering” course By : Marzieh Khalouzadeh.

Software Engineering Techniques for the Development of System of Systems Seminar of “Component Base Software Engineering” course By : Marzieh Khalouzadeh.
1 Software Testing and Quality Assurance Lecture 33 – Software Quality Assurance.

1 Software Testing and Quality Assurance Lecture 33 – Software Quality Assurance.
Evaluation of Ad hoc Routing Protocols under a Peer-to-Peer Application Authors: Leonardo Barbosa Isabela Siqueira Antonio A. Loureiro Federal University.

Evaluation of Ad hoc Routing Protocols under a Peer-to-Peer Application Authors: Leonardo Barbosa Isabela Siqueira Antonio A. Loureiro Federal University.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine

CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine
###-### title - PI - area WiSe (Wireless Sensornet) Laboratory WESTERN MICHIGAN UNIVERSITY WiSe Lab, Western Michigan University, Kalamazoo, MI 49008 www.cs.wmich.edu/wsn.

###-### title - PI - area WiSe (Wireless Sensornet) Laboratory WESTERN MICHIGAN UNIVERSITY WiSe Lab, Western Michigan University, Kalamazoo, MI
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Security Models for Trusting Network Appliances From : IEEE ( 2002 ) Author : Colin English, Paddy Nixon Sotirios Terzis, Andrew McGettrick Helen Lowe.

Security Models for Trusting Network Appliances From : IEEE ( 2002 ) Author : Colin English, Paddy Nixon Sotirios Terzis, Andrew McGettrick Helen Lowe.
2/9/2006 Opportunistic Networks: The Concept and Research Challenges Leszek Lilien, Zille Huma Kamal and Ajay Gupta In cooperation with: Vijay Bhuse and.

2/9/2006 Opportunistic Networks: The Concept and Research Challenges Leszek Lilien, Zille Huma Kamal and Ajay Gupta In cooperation with: Vijay Bhuse and.
Smart Space & Oxygen CIS 640 Project By Usa Sammpun 12.16.02.

Smart Space & Oxygen CIS 640 Project By Usa Sammpun
CS 6910 – Pervasive Computing Section 0.B: Opportunistic Networks: Specialized Ad Hoc Networks for Emergency Response Applications Dr. Leszek Lilien WiSe.

CS 6910 – Pervasive Computing Section 0.B: Opportunistic Networks: Specialized Ad Hoc Networks for Emergency Response Applications Dr. Leszek Lilien WiSe.
Fair Coalitions for Power- Aware Routing ARO Review April 2004 Carl A. Gunter University of Pennsylvania Joint with Ratul Guha and Saswati Sarkar.

Fair Coalitions for Power- Aware Routing ARO Review April 2004 Carl A. Gunter University of Pennsylvania Joint with Ratul Guha and Saswati Sarkar.
EHealth Challenges and Opportunities E-health: Multi-disciplinary of E (ICT) and Healthcare, or applied ICT in healthcare (Design oriented), or healthcare.

EHealth Challenges and Opportunities E-health: Multi-disciplinary of E (ICT) and Healthcare, or applied ICT in healthcare (Design oriented), or healthcare.

Similar presentations

Ads by Google