|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Architectures for Practical Client-Side Security
If you have a question about this talk, please contact Wei Ming Khoo.
Few of the security architectures proposed for the past four decades (e.g., fine-grain domains of protection, security kernels, virtual machines) have made a significant difference on client-side security. In this presentation, I examine some of the reasons for this and some of the lessons learned to date. Focus on client-side security is warranted primarily because it is substantially more difficult to achieve than server security in practice, since clients interact with human users directly and have to support their security needs. I argue that system and application partitioning to meet user security needs is now feasible [2,3,5], and that special focus must be placed on how to design and implement trustworthy communication between users and their partitions and between partitions themselves.
Trustworthy communication goes beyond secure channels, firewalls, guards and filters. The extent to which one partition accepts input from or outputs to another depends on the trust established with the input provider and output receiver. It also depends on input-rate throttling and output propagation control, which often require establishing some degree of control over remote communication end points. I illustrate some of the fundamental challenges of trustworthy communication at the user level, and introduce the notion of optimistic trust with its technical requirements for deterrence for non-compliant input providers and output receivers. Useful insights for trustworthy communication are derived from the behavioral economics, biology  and social  aspects of trust.
 E. Fehr, “On the Economics and Biology of Trust,” Journal of the European Economic Association, April – May 2009, pp. 235-266.
 B. Lampson, ``Usable Security: How to Get it,” Comm. of the ACM , vol. 52, no. 11, Nov. 2009.
 J. McCune, Y. Li, N. Qu, Z. Zhou, A. Datta, V. Gligor, and A. Perrig, ``TrustVisor: Efficient TCB Reduction and Attestation,” Proc. of IEEE Symp. on Security and Privacy, Oakland, CA, May 2010.
 F. Stajano and P. Wilson, “Understanding Scam Victims: Seven Principles for Systems Security,” University of Cambridge Computing Laboratory, UCAM -CL-TR-754, Aug. 2009.
 A. Vasudevan, B. Parno, N. Qu, V. Gligor and A. Perrig, ``Lockdown: A Safe and Practical Environment for Security Applications,” Technical Report, CMU -CyLab-09-011, July 14, 2009.
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsCUED Control Group Seminars The Cultures of Climate Change Cambridge Centre for Analysis talks
Other talksThe Theory of Optimum Financial Areas: Retooling the Debate on the Governance of Global Finance Transport Scotland Random walk on the random graph Beta oxidation in signalling and development. What plants can teach us about yeast and animals Multilevel sequential Monte Carlo Samplers. What can history tell us about current health inequalities?