Dynamically Enforcing Knowledge-based Security Policies

Knowledge-based security policies are those which specify a threshold on an adversary’s knowledge about secret data. The data owner initially estimates what an adversary might know about his secret, and with each interaction, defined in terms of a query made by the adversary over his secret data, he updates his estimate. If a query response could lead the adversary’s knowledge to exceed a given threshold, the query is denied.

In this talk I will discuss how we implement query analysis and belief tracking via abstract interpretation using a novel probabilistic polyhedral domain, whose design permits trading off precision with performance while ensuring estimates of a querier’s knowledge are sound. I will present examples of our technique that might apply to personal data. I will also show how our technique can be generalized to reason about knowledge increase in secure multiparty computation (SMC), which is a protocol that allows a set of mutually distrusting parties to compute a function f of their private inputs while revealing nothing about their inputs beyond what is implied by the result. Our technique permits reasoning about what can be inferred by each participant from the result. Finally, I will sketch how we are working to apply our technique to securing sensor data streams.

This is joint work with Piotr Mardziel (Maryland), Jonathan Katz (Maryland), Stephen Magill (formerly at Maryland), and Mudhakar Srivatsa (IBM). For more details see our papers at CSF’11 and PLAS’12:

http://www.cs.umd.edu/~mwh/papers/mardziel11belief.html
http://www.cs.umd.edu/~mwh/papers/mardziel12smc.html

Date:
Speakers:
Michael Hicks
Affiliation:
University of Maryland
    • Portrait of Jeff Running

      Jeff Running