trust - Berkeley Robotics and Intelligent Machines Lab
TRUST: Team for Research in Ubiquitous Secure Technologies
Strategic and Implementation Plan overview
Shankar Sastry (Berkeley),
Anna Gatti (myQube),
Giuliano Tavaroli (Telecom Italia, Pirelli)
Dec 14th, 2005
Telecom Italia Strategy Meeting
TRUSTworthy Systems
More than an Information Technology issue
Complicated interdependencies and composition issues
– Spans security, systems, and social, legal and economic sciences
– Cyber security for computer networks
– Critical infrastructure protection
– Economic policy, privacy
TRUST: “holistic” interdisciplinary systems view of security, software
technology, analysis of complex interacting systems, economic,
legal, and public policy issues
Goals:
– Composition and computer security for component technologies
– Integrate and evaluate on testbeds
– Address societal objectives for stakeholders in real systems
Telecom Italia Meeting
December 14th 2005
Coordinated Research Agenda
TRUST center will develop and demonstrate science and
technology in real-life testbeds.
TRUST has long term research objectives but immediate delivery
of royalty free tools and testbeds available today.
NSF seed funding of $19 M (39 M) over 5 (10) years
Expected additional support from US Air Force
NSF/US State Department would like to make partnerships with
key international partners
Coordinated research: eleven challenge areas across three key
topics:
– Security Science
– Systems Science
– Social Science
Security Science (1)
Network Security
– Focused on making the Internet more secure
– Challenges
  – Denial of service attacks
  – Spoofed source addresses
  – Routing security
– Approaches:
  – Structured overlay networks
  – Better infrastructure
  – Epidemic protocols
Simulation and Emulation on DETER testbed (key area for
collaboration with Telecom Italia)
Security Science (2)
Trusted Platforms
– Composition
– Security and Vulnerability
– Minimal Software and Hardware Configurations
Software Security
– Static Code Verification
– Dynamic Analysis
– Multi-lingual Security
– Software Design
DETER: Cyber Defense Test and Evaluation Research Network
Created by National Science Foundation and Department of
Homeland Security for testing of network (DDoS, BGP, DNS) attacks
and worm defenses in a vendor- and user-neutral framework
DETER Testbed Goals
Established by Department of Homeland Security and
NSF to facilitate scientific experimentation
– Establish baseline for validation of new approaches
– Made available to industry such as BT, Bell South
– Provide a safe platform for experimental approaches that
involve breaking network infrastructure
– “Real systems, Real code, Real attacks!”
Provide access for wide community of users
– Create researcher- and vendor-neutral environment (Juniper,
Cisco, HP, Foundry, IBM, Sun)
– Potential to simulate effects of network attack for Telecom Italia
Long Term Objectives
Create reusable library of test technology for conducting
realistic, rigorous, reproducible, impartial tests
– For assessing attack impact and defense effectiveness
– Test data, test configurations, analysis software, and
experiment automation tools
Provide usage examples and methodological guidance
– Recommendations for selecting (or developing) tests
and interpreting results
– Test cases and results, possibly including benchmarks
Facilitate testing of prototypes during development and
commercial products during evaluation
System Science (1)
Complex Interdependency Modeling and Analysis
– The nation’s critical infrastructure is intertwined and
interdependent. Will begin with Power Systems, Financial
Systems, and SCADA (Supervisory Control and Data
Acquisition) networks
– Four-fold approach to reducing vulnerability of
interdependent systems to disruptive failure
  – Modeling Strategies
  – Analysis Techniques
  – Design Technologies
  – Operational Tools
System Science (2)
Secure Network Embedded Systems
– Present unique security concerns
  – Conventional end-to-end approaches break down
  – New code must be propagated throughout the network
– Focus areas:
  – Automated design, verification, and validation
  – Secure, composable, and adaptive software
– Emphasis on sensor networking technology as high-impact
application
  – Berkeley motes, TinyOS used by hundreds of groups
  – Motes being used by Pirelli for tire monitoring
The Sensor Network Challenge
Monitoring & Managing Spaces and Things
[Figure: sensor network layers. Labels: applications, data mgmt, service, network, system, architecture, technology (Comm., MEMS sensing, Store, Proc, uRobots actuate, Power)]
Miniature, low-power connections to the physical world
Instrumenting the world
– Fire Response
– Vineyards
– Great Duck Island
– Building Comfort, Smart Alarms
– Redwoods
– Elder Care
– Factories
– Wind Response of Golden Gate Bridge
– Soil monitoring
NEST Final Experiment: Demo
Social Science: Security vs. Privacy
Digital Forensics and Privacy
– Privacy cuts across the trust/security issues that are the
focus of TRUST
– Common interfaces are needed for specifying privacy
requirements
– Allows privacy properties to transfer as information crosses
compositional boundaries
– Emphasis on strong audit, selective revelation of information,
and rule-processing technologies
Research will develop framework for privacy-preserving data
mining, identity theft, and privacy-aware sensor networking.
Sample Application: Use of IT for health in the home
Embedded, intelligent sensors as event monitors:
– Provide private monitoring and alerting
– Can also enable telemedicine functions
Can be used as
– A personal system: electronic patient records belong to the user!
– Or integrated with a health care provider system
Smart sensors can/will be easy to install and operate
Will be modular and upgradeable:
– Learning and/or assimilation technologies that will customize the
devices to individuals.
Health Care Security and Privacy Testbed
[Figure: testbed diagram. Labels: Sensors; Fall Detector; Berkeley Motes; Telos Motes (Zigbee or USB); Laptops for emulation of other sensors; RS-232; RS232-Bluetooth “Cable Replacers” (e.g. Bluetooth Sender); Mobile Gateway; Mobile Phone; Integrated Camera; Communicator – Nokia 9500; Camera phone – Nokia 6670; Home Health System; Hospital Terminal, WLAN; Internet; EECS Network (http); Device being deployed; Emulate sensor; Emulate Gateway]
Social Science: Usability
Human Computer Interfaces and Security
– Security problems may arise through the mis-configuration of
complex systems
– Generally, humans lack many computational abilities that are
conducive to securing networks and systems
Research Emphases
– Strengthening standard passwords
– Using biometric information
– Using image recognition
Some Concluding Remarks
TRUST is an excellent point of leverage for Telecom Italia to
develop cyber security and trust solutions for wired/wireless
infrastructures, emerging critical infrastructures. Long term
investment by US Federal Agencies.
Initial points of collaboration could be in Network Defense,
secure wireless networked embedded systems, trusted privacy,
authentication and anti-phishing solutions
TRUST software and solutions are available as royalty-free to
partners
TRUST offers technologists, economists, social scientists and
public policy researchers and teachers.
Telecom Italia can influence strategic directions and testbed
development.