1 / 25

A Socially-Aware Operating System for Trustworthy Computing

A Socially-Aware Operating System for Trustworthy Computing. Daniela Oliveira 1 , Dhiraj Murthy 1 , Henric Johnson 2 , S. Felix Wu 3 , Roozbeh Nia 3 and Jeff Rowe 3 1 Bowdoin College 2 Blekinge Institute of Technology 3 University of California at Davis.

anneke
Télécharger la présentation

A Socially-Aware Operating System for Trustworthy Computing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Socially-Aware Operating System for Trustworthy Computing Daniela Oliveira1 ,Dhiraj Murthy1,Henric Johnson2, S. Felix Wu3, Roozbeh Nia3 and Jeff Rowe3 1Bowdoin College 2Blekinge Institute of Technology 3University of California at Davis IEEE Workshop on Semantics, Security and Privacy September 21, 2011

  2. Outline • Introduction • Limitations of Traditional Defense Solutions • The Challenge of Computing with Social Trust • The Socially-Aware OS • Applications, Benefits and Threats • Concluding Remarks

  3. OSNs and the Malware Landscape • OSNs: rise in popularity; • Malware landscape complex; • Internet: social platform • What can be trusted? Internet

  4. A Trustworthy Computing Paradigm • Based on social trust; • OS, architecture and applications should become socially-aware; • OSN users assign/have inferred trust values for friends and objects; • Continuum trusted-untrusted.

  5. Distinguishing Benign x Malicious • Signature, Behavior, Information-flow models: • Automated, rigid and threat-specific. • Shift to Web-based computer paradigm: • Users accomplish most of their computing need with browser.

  6. How can we think differently? • What if we leverage social trust to distinguish a continuum of trusted/untrusted? • Flexibility • Diversity • Stronger security policies

  7. Traditional Defense Solutions • Signature-based • Defeated by code obfuscation, polymorphism, metamorphism • Cannot prevent zero-day attacks • Behavior-based • Susceptible to false positives • Depends of relevant training data • Information flow-based • Usually assumes all data from the Internet as untrusted: too restrictive

  8. What is Missing? • Unpredictability • Diversity • Continuum of trust/untrusted values • Human role

  9. Social Trust • In Sociology: • Essential commodity • Functional pre-requisite for society • Tool for making trustworthy decisions • Risk and uncertainty • An added bonus? • Computing with Social Trust • New research area

  10. The Socially- Aware Framework • Operating systems manages: • Processes; • Memory; • File systems; • I/O devices;

  11. The Socially- Aware Framework • Operating systems manages: • Processes; • Memory; • File systems; • I/O devices; • Social trust

  12. The Socially-Aware OS

  13. User Trust Repository • People user is connected to: email addresses • Objects: URLs, files, IP addresses, files; • Privacy preserved: only sharable objects danielaseabra@gmail.com Bowdoin College IP: 139.140.214.196/16 http://sourceforge.net/projects/jedit/files/jedit/4.4.1/jedit4.4.1install.exe/download 20 Years of Linux: http://www.cnn.com/2011/TECH/gaming.gadgets/08/25/linux.20/index.html?hpt=hp_bn7 http://www.cc.gatech.edu/~brendan/Virtuoso_Oakland.pdf

  14. Usage Model Alice OSN Server TR User 1 TR User N TR User 2 TR Alice OS Trust-aware syscall interface TR User 3 social_synch() TR: Trust Repository Network TR Alice

  15. Usage Model Alice OSN Server TR User 1 TR User N TR User 2 TR Alice OS Trust-aware syscall interface TR User 3 social_synch() TR: Trust Repository Network TR Alice

  16. Usage Model Alice OSN Server TR User 1 TR User N TR User 2 TR Alice OS Trust-aware syscall interface TR User 3 social_synch() TR: Trust Repository TR Alice Network

  17. Modeling and Inferring Trust • Adaptation of Web of Trust (Richardson et al.’ 03) tij = amount of trust userihas for her friend user j tjk = amount of trust user j has for her friend user k tik = amount of trust user ishould have for user k, not directly connected, function of tij and tjk

  18. T – Personal Trust Matrix NxN matrix, where N is the number of user ti = row vector of user i trust in other users tik = how much user i trusts her friend user k tkj = how much user k trusts her friend user j (tik.tkj) = amount user i trusts user j via k ∑k(tik.tkj) = how much user i trusts user j via any other node.

  19. M – Merged Trust Matrix • Represents trust between any two users • Aggregation function concatenates trusts along paths M(0) = T M(n) = T . M (n-1) Repeat (2) until M(n) = M(n-1) M(i)is the value of M in iteration i. Matrix multiplication definition: Cij=∑k(Aik.Bkj)

  20. How to Infer Trust for Objects? • Personal beliefs: • Asserted by a user to an object in her trust repository bi = user i’s personal belief (trust) on a certain object. b = collection of personal beliefs in a particular object How much a user believes in any sharable object in the network?

  21. The Merged Beliefs Structure (b) • Computes for any user, her belief in any sharable object b(0) = b b(n) = T . b(n-1) or (bi)n =∑k(tik.(bk)n-1) Repeat (2) until b(n) = b(n-1) where: b(i)is the value of b in iteration i.

  22. Applications and Benefits • Streamline security policies and decision-making process: • Restriction of system resources based on trust; • Software installation, URL visit. • Information-flow tracking with refined trust levels; • Anti-SPAM techniques.

  23. Threats to the Model • OSN or OS compromised: • Attacker increases trust values for malicious objects: • System behave as if trustworthy framework was never installed; • High trust values do not mean higher privileges: • The higher the trust, the closer to default levels without social trust • Attacker decreases trust values for benign objects: • DoS attack.

  24. Concluding Remarks • Challenges • Management and reliability of social data/trust: reliability, ethics issues, no standard API; • The socially-aware kernel: managing multiple repositories, performance, usability, Sybil attacks, identity management. • Confidentiality and Security: new vulnerabilities, privacy leaks, exporting trust information.

  25. Thank you!

More Related