1 / 10

Security Challenges in Distributed Computing

Security Challenges in Distributed Computing. NSF Workshop on Grand Challenges in Distributed Computing 30 September 2005. Personnel. Jeff Chase Miguel Castro David Kotz Andrew Myers Satya Ion Stoica. Research directions.

Anita
Download Presentation

Security Challenges in Distributed Computing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Challenges in Distributed Computing • NSF Workshop on • Grand Challenges in Distributed Computing • 30 September 2005

  2. Personnel • Jeff Chase • Miguel Castro • David Kotz • Andrew Myers • Satya • Ion Stoica

  3. Research directions • Goal: networked computing infrastructure that protects the security and privacy of its users, supports future uses Making networks secure Making software secure Making services secure Making participants accountable Making it usable Making the environment secure

  4. Making networks secure • Imposing security from below • Rearchitect to mediate access to naming and routing services (e.g., invisible clients) • Network-level suppression of flash worms • Auditing/logging support • New services for security • Host-level worm detection and containment • Automatically find and deactivate botnets

  5. Making software secure • Static verification of distributed systems software (security, privacy, availability, consistency, ...) • New platform/API for secure software construction in a post-host world • target: pervasive/embedded systems • map high-level properties to implementation

  6. Making services secure • How to make trustworthy large interconnected information systems? • medical, government, financial, ... • Need richer, enforceable security and privacy policies • legal code = program code • convey requirements across federated systems for cross-domain information sharing

  7. Accountability and Incentives • Idea: Bad guys hurt themselves • Make participants accountable • need: strong identity (decentralized PKI) • scalably record, abstract history (but protect privacy) • Give incentives for good behavior • strategy-resistant systems (may not require strong identity)

  8. Making it usable • A cross-cutting concern: users can’t/shouldn’t do careful reasoning • Need wizards for policy interpretation and visualization • Help with making decisions about what to trust

  9. Securing the environment • Can you trust the stuff you use? • use public computers to access sensitive data? • use trusted computer in public networks? • get a trusted path to service? • Need methods for assessing trustworthiness of environment • attestation • measurement

  10. Killer apps: Why security is cool • Federated medical information systems • Save lives through information sharing! • Digital governance: all-digital organizations • Controlled information sharing across organizations • Electronic/Internet voting

More Related