csstalk

Are fine-grained and coarse-grained dynamic information flow control always equally expressive?

In this work, we lift two technical assumptions that stand out among the details of Vassena et al.’s translation. First, the security property for which the equivalence is formally established is termination-insensitive noninterference. Second, both coarse- and fine-grained languages are statically typed in a standard (security-unaware) way. We derive a novel 2-labeled fine-grained dynamic IFC system, for which we have not found a semantics-preserving approach that is idiomatically coarse-grained. We conjecture that 2-labeled (and generally n-labeled) fine-grained monitors unveil an expressiveness gap between the fine-grained and the coarse-grained approaches to dynamic IFC.

Building Practical Security Systems for the Post-app Smart Home

Modern commodity computing platforms such as smartphones (e.g., Android and iOS) and smart home systems (e.g., SmartThings and NEST) provide programmable interfaces for third-party integration, enabling popular third-party functionality that is often manifested in applications, or apps. Thus, for the last decade, designing systems to analyze mobile apps for vulnerabilities or unwanted behavior has been a major research focus within the security community. Leveraging the lessons and techniques learned from mobile app analysis, researchers have developed similar systems to evaluate the security, safety, and privacy of smart homes by inspecting IoT apps developed for platforms such as SmartThings. However, emerging characteristics of smart home ecosystems indicate the need to move away from the approach of IoT app analysis, as IoT apps may not be representative of the home automation in real homes, and may moreover be unavailable for analysis or instrumentation in the near future.

Retrofitting Impure Languages with Static Information-Flow Control

How can we write secure programs in a pervasively effectful language? In a “pure” language, such as Haskell, effects performed by a program are recorded explicitly in its type. Thus, a function of type Int -> Int is just that: a function that receives an integer and returns an integer. It does not perform side effects such as writing to or reading from a channel. In an impure language, such as ML, however, a function of type Int -> Int may read, write, or even order a burrito. It’s impossible to assert that a function is secure from its type alone, since it may be performing invisible side effects that may leak a secret.
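As an added illustration of the contrast drawn in this abstract (example code written for this listing, not part of the talk or of the speaker's work), the Haskell program below shows that the pure signature Int -> Int rules out writing to a channel, while a function that does write must expose that effect in its type. The names double, doubleAndRecord and the IORef used as a stand-in "channel" are constructed for the example.

```haskell
module Main where

import Data.IORef (IORef, newIORef, readIORef, modifyIORef)

-- Pure: the type Int -> Int is a guarantee that no effect happens,
-- so this function cannot leak its argument anywhere.
double :: Int -> Int
double x = x * 2

-- Rejected by the type checker: a do-block that calls putStrLn has type
-- IO Int, which does not match the declared Int -> Int. There is no way
-- to perform the write while keeping the pure signature (short of
-- unsafePerformIO, which is exactly the escape hatch a reviewer looks for).
--
-- leak :: Int -> Int
-- leak secret = do
--   putStrLn (show secret)
--   return (secret * 2)

-- The only honest way to write to a channel is to say so in the type.
-- The IORef here is a constructed stand-in for an output channel.
doubleAndRecord :: IORef [Int] -> Int -> IO Int
doubleAndRecord channel secret = do
  modifyIORef channel (secret :)   -- the side effect is visible in the signature
  return (secret * 2)

main :: IO ()
main = do
  print (double 21)                -- pure call: nothing else can have happened
  channel <- newIORef []
  r <- doubleAndRecord channel 21  -- effectful call: the caller is in IO
  print r
  leaked <- readIORef channel      -- the "leak" is explicit and auditable
  putStrLn ("channel now holds: " ++ show leaked)
```

In an ML dialect such as OCaml the same leak hides behind the pure-looking type: `let double x = print_int x; x * 2` is still inferred as `int -> int`, which is the gap the talk sets out to close by retrofitting static information-flow control.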

Is Privacy by Construction Possible?

Finding suitable ways to handle personal data in conformance with the law is challenging. For existing systems the challenge is to be able to show evidence that they are already complying with the GDPR, or otherwise to work towards compliance by modifying their systems and procedures, or alternatively reprogramming their systems in order to pass the eventual controls. In this short non-technical talk I will give my personal opinion on issues related to the ambition of achieving Privacy by Construction.

CoVault: Facilitating highly secure, high-stakes data analytics

This talk will present the design of CoVault, a work-in-progress system for securely storing and querying data under a very strong threat model that doesn’t place trust in any one entity or authority, and includes the complete compromise of all CPUs of a specific manufacturer, as well as many common side channel attacks.

Buy the ticket, take the ride: 25 years in infosec

Having spent almost 30 years in the field, Ivan intends to provide his insights — opinions informed by experience — about the information security discipline and its young history: Where we are, how did we get here, and what we could look for in the future of our field.

Perils of Breached Passwords and How to Protect from Them

Billions of passwords have been leaked in data breaches over the last few years and are available online. As users frequently reuse passwords, attacks using these leaked passwords are the most imminent threat to account security nowadays.

Practical Data Access Minimization in Trigger-Action Platforms

Trigger-Action Platforms (TAPs) connect disparate online services and enable users to create automation rules in diverse domains such as smart homes and business productivity. Unfortunately, the current TAP design is flawed from a privacy perspective, since it has unfettered access to sensitive user data.

Securing Software in the Presence of Third-Party Modules

Modular programming is a key concept in software development where the program consists of code modules that are designed and implemented independently. This approach accelerates the development process and enhances scalability of the final product. Modules, however, are often written by third parties, aggravating security concerns such as stealing confidential information, tampering with sensitive data, and executing malicious code.

Challenges of User-centric Privacy Enhancing Technologies

The GDPR promotes the principle of Privacy by Design and Default, acknowledging that the individual’s privacy is best protected if privacy law is complemented by privacy enhancing technologies (PETs). While technically advanced PETs have been researched and developed in the last four decades, challenges remain for making PETs and their configurations usable. In particular, PETs are often based on “crypto-magic” operations that are counterintuitive and for which no real-world analogies can be easily found.