Alessandro Bruni is hosting the OWASP Local Meetup at IT-Universitetet. To participate, sign up here September 28th.
Speaker: Bernardo David (Tokyo Institute of Technology)
Title: Cryptographic Protocols for Privacy Preserving Computation and Blockchain Application
Abstract: The 1980s saw the introduction of the first cryptographic protocols for performing digital financial transactions and computing programs on private data. However, these applications have only recently been deployed in real world scenarios with the advent of highly efficient multiparty computation protocols and blockchain based cryptocurrencies. In this talk, we give an overview of recent advances in techniques for performing privacy preserving computation and building next generation cryptocurrencies, while exploring the interplay between them. We will briefly describe recent advances in commitment and oblivious transfer schemes, which have enabled more efficient privacy preserving computation. Next, we discuss the Ouroboros family of highly scalable Proof-of-Stake based blockchains, which rely on secure computation for randomness generation. Combining both lines of work, we present applications such as efficient privacy preserving smart contracts and decentralised online card games with financial rewards. Finally, we discuss future directions towards building novel applications and improving the efficiency of current protocols.
Speaker: Alejandro Russo (Chalmers)
Title: Faceted Secure Multi Execution
Abstract: To enforce non-interference, both Secure Multi-Execution (SME) and Multiple Facets (MF) rely on the introduction of multi-executions. The attractiveness of these techniques is that they are precise: secure programs running under SME or MF do not change their behavior. Although MF was intended as an optimization for SME, it does provide a weaker security guarantee for termination leaks. This paper presents Faceted Secure Multi Execution (FSME), a novel synthesis of MF and SME that combines the stronger security guarantees of SME with the optimizations of MF. The development of FSME required a unification of the ideas underlying MF and SME into a new multi-execution framework (MEF), which can be parameterized to provide MF, SME, or our new approach FSME, thus enabling an apples-to-apples comparison and benchmarking of all three approaches. Unlike the original work on MF and SME, MEF supports arbitrary (and possibly infinite) lattices necessary for decentralized labeling models—a feature needed in order to make possible the writing of applications where each principal can impose confidentiality and integrity requirements on data. We provide some micro-benchmarks for evaluating MEF and write a file hosting service, called ProtectedBox, whose functionality can be securely extended via third-party plugins. This talk is based on a joint work with T. Schmitz, M. Algehed, and C. Flanagan and it will be presented in CCS this year.
Speaker: Ludwig Seitz, RISE SICS
Title: (I)IoT Security
Abstract: This talk explores the use of IoT in industrial scenarios and the security challenges involved. It gives an overview of the standards landscape for IoT security and how these standards could be used in practice.
Dr. Ludwig Seitz is a Senior Researcher at the Security Lab at RISE SICS. His main competences are IoT security and access control. Ludwig has long-term experience in standardization work, having contributed to the OASIS standard XACML v3.0 and to several ongoing standardization proposals at the IETF.
Speaker: Andrzej Wąsowski, ITU
Title: Reasoning about anonymity and leakage using Bayesian inference
Abstract: Differential privacy is a state of the art method for measuring protection of subjects against re-identification in data. Unfortunately, its reliance on a very indirect mathematical definition is deeply problematic: nobody really understands what are the guarantees of the differential privacy in practice. Probability is a commonly understood measure of risk. Can we use the probability of re-identification to measure anonymity? I will report on early results of early work aiming to answer these questions. I will show small examples of (borderline trivial) analytics programs, and results of transforming them to probabilistic programs with Bayesian semantics. Interestingly, the transformation from a (functional) analytics program to a probabilistic Bayesian program is appealingly beautiful: you just switch the monad in which the computation is performed. Consequently it seems easy to automate. This will allow me to ask some (still trivial) questions about risk of data leakage using Bayesian inference algorithms.
Speaker: Willard Rafnsson, ITU
Title: Secure Multi-Execution: Fine-grained, Declassification-aware, and Transparent
Abstract: Recently, much progress has been made on achieving information-flow security via secure multi-execution. Secure multi-execution (SME) is an elegant way to enforce security by executing a given program multiple times, once for each security level, while carefully dispatching inputs and ensuring that an execution at a given level is responsible for producing outputs for information sinks at that level. Secure multiexecution guarantees noninterference, in the sense of no dependencies from secret inputs to public outputs, and transparency, in the sense that if a program is secure then its secure multiexecution does not destroy its original behavior.
This paper pushes the boundary of what can be achieved with secure multi-execution. First, we lift the assumption from the original secure multi-execution work on the totality of the input environment (that there is always assumed to be input) and on the cooperative scheduling. Second, we generalize secure multi-execution to distinguish between security levels of presence and content of messages. Third, we introduce a declassification model for secure multi-execution that allows expressing what information can be released. Fourth, we establish a full transparency result showing how secure multiexecution can preserve the original order of messages in secure programs. We demonstrate that full transparency is a key enabler for discovering attacks with secure multi-execution.
Speaker: David Simonsen, Dencrypt
Title: Cyber security, too large to fail - too large to handle?
Abstract: It is easier than ever to attack in cyberspace - both at the technical, psychological, organisational and societal level. The traits that make us ‘human’ seem to be our greatest vulnerabilities: trust, curiosity, empathy, narcissism etc. The challenge is to maintain a democratic system in which freedom of thought, speech and privacy is maintained as the drivers of continuous development of society. The talk will discuss the following:
- living with the infrastructure for surveillance, principles for security in a transparent environment
- common psychology and the general breakdown of security practices, principles for usability
- the building block of digital trust: cryptography, how and when?
- suggested large scale organisational strategies to tackle information security
David Simonsen has >15 years of experience with building digital infrastructures, both in the public sector (role based access management infrastructure at national and international scale, head of WAYF - Where Are You From and eduroam.org) and the private sector (applied cryptography, CEO of Dencrypt A/S).
"Forskningens Døgn 2018" will be held at the IT-Universitetet on April 19th, 2018. For more information click on the logo.
DemTech launches research project on comparative forensics of the AVS WinVote voting machine. For more information, check the project's homepage.
Speaker: Irina Shklovski, Department of BusinessIT, IT University of Copenhagen
Title: The Problems of IoT: Security, Ethics and other troubles
Abstract: IoT devices promise efficiency and seamless integration of technology into even the most mundane daily practices. What is often overlooked is that these mundane practices are also incredibly intimate and the risk of exposure from poor technological implementations increases exponentially. The behavior of IoT devices can reflect not only the technical prowess but also the moral reasoning of their creators. As data-intensive sensor-based technologies enter the most intimate of spaces, how are we to ensure that these devices act ethically? The concept of ‘ethics’ can be aligned with security, with community development, with financial decisions or design concerns. Often, the idea of ethics is discussed with respect to privacy and compliance with the EU General Data Protection Regulation (EU GDPR). What are the potential reasons for the common concerns with IoT products and services? My argument is that ethical reasoning as well as discussions of security and privacy compliance must happen at the point of design and development decisions rather than at the end of the development process, but often does not. I will discuss the kinds of values that many designers and developers are currently debating in the IoT community and consider some longer term solutions.
Speaker: Kristoffer Kjærgaard Christensen, Department of Political Science, University of Copenhagen
Title: Corporate Zones of Cyber Security
Abstract: This talk discusses the controversies between private companies and the state over the scope and nature of cyber-security governance. Owing to the complex, dynamic, and pervasive nature of information and communication technology (ICT) and a plethora of different actors, cyber-security governance is characterised by a fundamental uncertainty that increasingly challenges the role of the state as the spatial and political fulcrum of security governance. In this talk, I therefore engage with the negotiation of this uncertainty in the controversies between private companies and the state in relation to three of the most salient issues in current debates about cyber-security governance: public-private partnerships on cyber security, the geopolitics of cloud computing, and corporate transparency practices. To this end, I introduce a “topological sensibility” to security governance to attend to how corporate spaces of cyber-security governance challenge and contest the political authority of the state and evade neat territorial delineation. A topological sensibility attunes us to the multiple, overlapping spaces of cyber-security governance that are at play in the controversies between private companies and the state, as well as to how digital technologies co-shape these spaces and the conditions of possibility for politics.
Together the empirical cases show that the relations between companies and the state are fraught with contradictions and paradoxes, and that we cannot and should not conflate all things “cyber”. However, in the light of the cases, it is also clear that private companies are central political actors on par with states in contemporary security governance, even if they do not refer to a state public. They contribute to the continuous negotiation of spaces of security governance and political authority, which cannot be neatly confined to either the nation-state or globalisation. Here the salience of the fact that most digital technologies are privately owned, operated, and developed can hardly be overstated. These technologies enable new spaces of politics and different forms of counter-conduct vis-à-vis the state, but also become important sites of political battle themselves. We need to attend to these corporate spaces and their political dynamics, since they may paradoxically harness both the political and democratic challenges and potential for contemporary security governance. These issues are not likely to disappear or become any less salient in the foreseeable future. Quite the contrary. Hence they call for critical, persistent, and targeted efforts by multiple civil-society actors to hold companies to account for both the challenges and the potential.
Speaker: Frederik Madsen, Department of Computer Science, IT University of Copenhagen
Title: Collaboration among Adversaries: Distributed Workflow Execution on a Blockchain
Abstract: We study distributed declarative workflow execution in an adversarial setting. In this setting, parties to an agreed-upon workflow do not trust each other to follow that workflow, or suspect the other party might misrepresent proceedings at a later time. We demonstrate how distributed declarative workflow execution can be implemented as smart contracts, guaranteeing (I) enforcement of workflow semantics, and (II) an incontrovertible record of workflow execution history. Crucially, we achieve both properties without relying on a trusted third party.
The implementation is based on the Ethereum blockchain, inheriting the security properties (I) and (II) from the guarantees given by that chain. A recurring challenge for both the implementation and the analysis is the cost of operations on Ethereum: This cost must be minimised for honest parties, and an adversary must be prevented from inflicting extra cost on others.
Speaker: Søren Debois, IT University of Copenhagen
Title: On Purpose and by Necessity: Compliance under the GDPR
Joint work with Thomas Hildebrandt (ITU -> KU) & David Basin (ETH)
Abstract: The European General Data Protection Regulation (GDPR) gives primacy to purpose: Data may be collected and stored only when (i) end-users have consented, often explicitly, to the purposes for which that data is collected, and (ii) the collected data is actually necessary for achieving these purposes. This development in data protection regulations begets the question: how do we audit a computer system’s adherence to a purpose?
We propose an approach that identifies a purpose with a business process, and show how formal models of interprocess communication can be used to audit or even derive privacy policies. Based on this insight, we propose a methodology for auditing GDPR compliance. Moreover, we show how given a simple interprocess dataflow model, aspects of GDPR compliance can be determined algorithmically.
We are proud to announce that Assistant Professor Willard Rafnsson is joining the Center in May. Willard works in language-based security, in particular information flow security.