A Socially-Aware Operating System for

Download Report

Transcript A Socially-Aware Operating System for

Daniela Oliveira1 , Dhiraj Murthy1, Henric Johnson2,
S. Felix Wu3, Roozbeh Nia3 and Jeff Rowe3
1Bowdoin
College
2Blekinge Institute of Technology
3University of California at Davis
IEEE Workshop on Semantics, Security and Privacy
September 21, 2011

Introduction

Limitations of Traditional Defense Solutions

The Challenge of Computing with Social Trust

The Socially-Aware OS

Applications, Benefits and Threats

Concluding Remarks



OSNs: rise in popularity;
Malware landscape complex;
Internet: social platform
◦ What can be trusted?
Internet




Based on social trust;
OS, architecture and applications should
become socially-aware;
OSN users assign/have inferred trust values
for friends and objects;
Continuum trusted-untrusted.

Signature, Behavior, Information-flow
models:
◦ Automated, rigid and threat-specific.

Shift to Web-based computer paradigm:
◦ Users accomplish most of their computing need
with browser.

What if we leverage social trust to distinguish
a continuum of trusted/untrusted?
◦ Flexibility
◦ Diversity
◦ Stronger security policies

Signature-based
◦ Defeated by code obfuscation, polymorphism,
metamorphism
◦ Cannot prevent zero-day attacks

Behavior-based
◦ Susceptible to false positives
◦ Depends of relevant training data

Information flow-based
◦ Usually assumes all data from the Internet as
untrusted: too restrictive

Unpredictability

Diversity

Continuum of trust/untrusted values

Human role

In Sociology:
◦ Essential commodity
◦ Functional pre-requisite for society

Tool for making trustworthy decisions
◦ Risk and uncertainty
◦ An added bonus?

Computing with Social Trust
◦ New research area

Operating systems manages:
◦ Processes;
◦ Memory;
◦ File systems;
◦ I/O devices;

Operating systems manages:
◦ Processes;
◦ Memory;
◦ File systems;
◦ I/O devices;
◦ Social trust



People user is connected to: email addresses
Objects: URLs, files, IP addresses, files;
Privacy preserved: only sharable objects
[email protected]
Bowdoin College IP: 139.140.214.196/16
http://sourceforge.net/projects/jedit/files/jedit/4.4.1/jedit4.4.1install.exe/download
20 Years of Linux: http://www.cnn.com/2011/TECH/gaming.gadgets/08/25/linux.20/index.html?hpt=hp_bn7
http://www.cc.gatech.edu/~brendan/Virtuoso_Oakland.pdf
Alice
OSN Server
TR User 1
TR User N
TR User 2
TR Alice
Trust-aware syscall interface
TR User 3
TR: Trust Repository
TR Alice
Network
social_synch()
OS
Alice
OSN Server
TR User 1
TR User N
TR User 2
TR Alice
Trust-aware syscall interface
TR User 3
social_synch()
TR: Trust Repository
TR Alice
Network
OS
Alice
OSN Server
TR User 1
TR User N
TR User 2
TR Alice
Trust-aware syscall interface
TR User 3
TR: Trust Repository
Network
social_synch()
TR Alice
OS

Adaptation of Web of Trust (Richardson et al.’ 03)
tij = amount of trust user i has for her friend user j
tjk = amount of trust user j has for her friend user k
tik = amount of trust user i should have for user k, not directly
connected, function of tij and tjk
NxN matrix, where N is the number of user
ti = row vector of user i trust in other users
tik = how much user i trusts her friend user k
tkj = how much user k trusts her friend user j
(tik . tkj) = amount user i trusts user j via k
∑k (tik . tkj) = how much user i trusts user j via any other node.

Represents trust between any two users
◦ Aggregation function concatenates trusts along
paths
(1) M(0) = T
(2) M(n) = T . M (n-1)
Repeat (2) until M(n) = M(n-1)
M(i) is the value of M in iteration i.
Matrix multiplication definition:
Cij = ∑k (Aik . Bkj)

Personal beliefs:
◦ Asserted by a user to an object in her trust
repository
bi = user i’s personal belief (trust) on a certain object.
b = collection of personal beliefs in a particular object
How much a user believes in any sharable object in the network?

Computes for any user, her belief in any
sharable object
(1) b(0) = b
(2) b(n) = T . b(n-1) or (bi)n = ∑k (tik . (bk)n-1)
Repeat (2) until b(n) = b(n-1)
where:
b(i) is the value of b in iteration i.

Streamline security policies and decisionmaking process:
◦ Restriction of system resources based on trust;
◦ Software installation, URL visit.


Information-flow tracking with refined trust
levels;
Anti-SPAM techniques.

OSN or OS compromised:
◦ Attacker increases trust values for malicious
objects:
 System behave as if trustworthy framework was never
installed;
 High trust values do not mean higher privileges:
 The higher the trust, the closer to default levels without
social trust
◦ Attacker decreases trust values for benign objects:
 DoS attack.

Challenges
◦ Management and reliability of social data/trust:
reliability, ethics issues, no standard API;
◦ The socially-aware kernel: managing multiple
repositories, performance, usability, Sybil attacks,
identity management.
◦ Confidentiality and Security: new vulnerabilities,
privacy leaks, exporting trust information.