DIRC PA6: Security and Privacy in Computer-Based Systems
Peter Ryan
School of Computing Science
University of Newcastle
GRID Security Edinburgh 6 December 2002 P Y A Ryan
DIRC
Dependability Interdisciplinary Research Collaboration.
6 year project, 5 institutions:
– Newcastle
– Edinburgh
– City, London
– York
– Lancaster
www.dirc.org
DIRC
Take account of the socio-technical as well as technical factors influencing dependability.
Computer scientists, psychologists, sociologists, ethnographers…
9 Project Activities, PA6 = Security.
5 themes: structure, diversity, timeliness, responsibility, risk.
PA6: Security
Security is an essential aspect of dependable, computer-based systems.
Many systems have top-level security requirements (e.g. medical informatics).
Others have to deal with security threats in order to dependably deliver their requirements (e.g. ATC).
Recognition of the vulnerability of critical infrastructures makes this work particularly timely.
Background
Hitherto, research in information assurance has tended to:
– concentrate on technical failures and counter-measures.
– aim for “Absolute” security and assume prevention mechanisms are enough.
– Security policies have mainly been about (binary) information flows, MLS, MAC etc.
DIRC/PA6 Approach
Recognise that:
– Most security failures are due to, or at least facilitated by, human failures.
– Security policies require a mix of technical and socio-technical enforcement mechanisms.
– Systems will have vulnerabilities and intrusions will occur. Hence need a mix of prevention, containment, detection and recovery.
– Need to deal with exceptions.
– Need richer classes of policies, e.g. privacy.
– Need to deal with evolving systems, requirements and threats.
– Need measures of system robustness in the face of malicious threats.
Objectives
1. Characterise security and privacy requirements in computer-based systems.
2. Characterise socio-technical threats and vulnerabilities.
3. Explore the theoretical and practical boundary between technical and socio-technical enforcement mechanisms.
4. Develop models, techniques and tools to support design and assessment w.r.t. security requirements and threats. Trade-offs.
5. Investigate the role of structure and diversity.
6. Understand the role of intrusion detection and diagnosis.
Objective 2
Characterise the behaviours and failure modes of humans interacting with the system:
– Users
– Security officers
– White hats, grey hats, hackers…
– Insiders
– Designers, implementers etc
Shaping factors (both sides):
– Motivation
– Competence
– Rewards/losses
– Complacency
– Least effort
– Stress
– Risk perception
Case studies
Healthcare records
E-government
Financial sector
NATS
Dynamic coalitions
Distributed scientific computations (GRID).
Healthcare case study
Need to address:
• Privacy (anonymity)
• Integrity
• Availability
• Accountability
– Conflicting interests of various stakeholders:
• Patients
• Clinicians
• Researchers
• Society
• Administrators
• Insurance
• Law-enforcement
GRID Security
Excellent DIRC case study:
Strongly interdisciplinary.
“Complex, dynamic, heterogeneous user base” (B Collins).
Also complex:
– Security requirements.
– Threat models
– Trust relationships
Is RBAC enough?
Legal and economic factors.
GRID Security
GRID is not a single well defined entity.
Many different projects with different requirements, approaches etc.
Further interdisciplinary aspects
Trust
Responsibility
Delegation
Legal aspects
Economic aspects
Exceptions
Evolving systems, requirements and threats.
FP6 ESORICS Security NoE
Facilitate and stimulate cooperation and cross-fertilisation between the principal security experts in Europe.
To address the security and privacy challenges facing e-Europe in the 21st century.
To help put Europe at the forefront of research in security and privacy.
Address issues raised in, for example, the ISTAG report: security for ambient spaces etc.
ESORICS
European Symposium On Research In Computer Security.
Premier European conference on security research.
European counterpart to IEEE Security and Privacy.
Gathers together many of the key European experts in security and privacy (and some non-EU).
Editorial Team
• Peter Ryan, Newcastle UK
• Yves Deswarte, LAAS Fr
• Frederic Cuppens, ONERA Fr
• Dieter Gollmann, MSR UK
• Simon Foley, Cork Ir
• Pierangela Samarati, Milan It
• Elisa Bertino, Milan It
• Bart Preneel, KU Leuven B
• Fabio Martinelli, Milan It
• Jean-Jacques Quisquater, UCL B
• Katsikas Socrates, Aegean Gr
• Steve Schneider, Royal Holloway UK
• Refik Molva, Eurocom Fr
Structure
Foundations of Security and Trust
– Formal methods for security analysis, Security models and policies, Information flow (non-interference), Cryptography
Security Mechanisms
– Access control and authorization, Security protocol design and analysis, Secure Programming (languages, mobile code)
Security Architectures
– Secure architectures, Security of middleware, Secure systems and devices (smartcards)
Communications and Distributed System Security
– Secure Communications (mobile and fixed), Network Security (wireless and wireline), Intrusion Detection (forensics), Secure applications (e-business, e-vote, etc.)
Security Management
– Privacy and Identity Management, Trust (Management), DRM
Activities
Research
Travel and exchanges
Education, training.
Studentships
Workshops
Standardisation
Dissemination, technology transfer….