2003 uw-msr-cmu software security summer institute jim larusmicrosoft research jeannette...
TRANSCRIPT
![Page 1: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/1.jpg)
2003 UW-MSR-CMU
Software SecuritySummer Institute
Jim Larus Microsoft ResearchJeannette Wing Carnegie MellonJohn Zahorjan Univ. WashingtonScott Dakins Univ. Washington
http://research.microsoft.com/projects/SWSecInstitute/
![Page 2: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/2.jpg)
2Summer Institute Jeannette M. Wing
History of Summer Institutes
• Jointly organized by Microsoft Research and University of Washington Computer Science Department
• Goal– To bring leading researchers to the beautiful Pacific Northwest in
the summertime to collaborate on key topics in computer science.
• Institutes – 1997 - Data Mining– 1998 - Intelligent Systems– 1999
• Invisible Computing• Technologies to Improve Software Development
– 2000 - Sharing Software Tool Infrastructure– 2001 - Specifying and Checking Properties of Software– 2003 – Software Security
• Funded by Microsoft Research• This year Carnegie Mellon joins, in both organizing and
funding it (Center for Computer and Communications Security C3S).
![Page 3: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/3.jpg)
3Summer Institute Jeannette M. Wing
Logistics
• Room, travel, reimbursement, excursion, meals, shirts, folders– Dakins
• Technical program– Wing, Larus, Zahorjan
• Meals– Sunday reception and dinner: Stevenson Ballroom “A”– All other meals: Main Dining Room
• Net connections• Meetings
– Hood Meeting Room– Slides to Jim.
• Five Minute Madness (Monday night)– Slides, if you want, to me.– Transparencies available before and during event
![Page 4: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/4.jpg)
4Summer Institute Jeannette M. Wing
Introductions
• Software Security Institute– motivation, overview, and goals
• To each other
![Page 5: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/5.jpg)
5Summer Institute Jeannette M. Wing
Why Are We All Here?
• Security is important.• Security is hard.
• Software keeps growing in size and complexity.• Software users keep growing in number and
diversity.How can we build more secure software systems?
• Technical challenges.
• Professional responsibility to society.
![Page 6: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/6.jpg)
6Summer Institute Jeannette M. Wing
The Security Elephant
• Layers– Cryptography– Protocols (authentication, communication, …)– Computer security (O/S, devices, file system, …)– Network security (distributed systems, firewalls,
intrusion detection, …)– Administrators, users, and attackers
• Properties (buzzwords)– Confidentiality, integrity, availability, privacy,
anonymity, secrecy, trustworthy, high-assurance, …
![Page 7: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/7.jpg)
7Summer Institute Jeannette M. Wing
The Software Elephant
• Layers, artifacts– Code, programs– Low-level design, specifications & unit tests– High-level design (architecture), specifications & system
tests– Applications, documentation– Users
• Properties– Correctness, performance, predictability, ease-of-use, …– Modularity/composability, simplicity/complexity, …
![Page 8: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/8.jpg)
8Summer Institute Jeannette M. Wing
Past and Present
• Some Old Ideas– Orange Book
• Military-style classifications• Formal models of security• Complete (top-to-bottom, inside-out) verification
– Security perimeter• Securing a single machine
• Today’s spectrum
Management
Crypto can’t solve everything
Can’t leave it all to the sysadmins
Theory
and
![Page 9: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/9.jpg)
9Summer Institute Jeannette M. Wing
Trends Covered Here
• Human-computer interfaces (Mon. morn)– Biometrics, usable security, ubiquitous security
• Program analysis techniques (Mon. aft)– Overcoming programming language flaws– Detecting specific security flaws (e.g., buffer overrun)– Checking specific security properties (e.g., information flow)
• Distributed systems techniques (Tues. morn and eve)– Replication, secret-sharing, naming, network protocols, worms
• Measuring and managing security (Tues. aft)– Field reports from CERT, MS Secure Windows Initiative
• Computer architecture trends (Wed morn)– NGSCB (Palladium), bit-level integrity, code obfuscation
• Software engineering practices (Wed aft)– Open source, software architecture, privacy architecture
• New mathematical models– randomization
![Page 10: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/10.jpg)
10Summer Institute Jeannette M. Wing
Trends (Not Explicitly Covered Here)
• E-commerce• E-voting• Spam• Privacy, a la TIA• Digital rights management• Communications, e.g., wireless, broadband
• New mathematical models– Game theory– Econometrics
`
![Page 11: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/11.jpg)
11Summer Institute Jeannette M. Wing
Questions for You
• What is the piece of the security puzzle that you are solving?
• How does your solution interact with someone else’s?
• How can you combine your solutions?
• As a practitioner, what design principles do you follow to make your system more secure?
• As a researcher, how does your method/language/tool help developers build more secure software systems?
• What are your principal unmet technical challenges?
![Page 12: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/12.jpg)
12Summer Institute Jeannette M. Wing
Some Personal Musings
1. Reliability and Security
2. Components and Compositionality
?0 buffer overruns more reliable code more secure
system a. certainly not b. and if by how much “more secure” really?
M1 and M2 M1 + M2 s
a. For what might hold? For what +?
b. For what scale Mi? Function, class, set of …, system of sets of …?
c. How can we check if holds?
d. How can we construct Mi and define + to guarantee holds?
e. Suppose we let s to be different?
=s
=s
=s =
=s
?
=s
![Page 13: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/13.jpg)
13Summer Institute Jeannette M. Wing
Some Personal Musings
3. Security by Design
a. How can we evaluate one design over another wrt security? b. Are there design rules to follow? Metrics to help
evaluation?
4. Security and Privacy
a. What’s the technical distinction?
security = prevents unauthorized access to data
privacy = prevents unauthorized use of data
b. Threat models for privacy
![Page 14: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/14.jpg)
14Summer Institute Jeannette M. Wing
Institute Overview, by the Numbers
• 41 participants– 16 industry (11 research labs, 5 other)– 22 academia– 3 government or independent
• 6 invited talks• 21 other talks• 5 challenge problems + 1 silly brain teaser• 3 town hall discussions• 1 Five Minute Madness• 1 work-and-play excursion• + …some free time!
![Page 15: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/15.jpg)
15Summer Institute Jeannette M. Wing
Institute Goals• Educate• Investigate
– What is the state of the art in building secure software systems?
• How big is the gap between research and practice?– What are the key open problems?
• E.g., what would make good Ph.D. thesis topics for today’s graduate students interested in security?
• Foster Interaction– Town hall discussions– Discussions during and after each presentation– Half-hour breaks, meals– Tuesday afternoon excursion
• Document– Presentations: abstracts and slides by speakers– Challenge problems, solutions– Papers contributed by you• Have Fun!
![Page 16: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/16.jpg)
16Summer Institute Jeannette M. Wing
Institute Participants
• Dirk Balfanz (PARC) • Steve Bellovin (AT&T) • Brian Bershad (UW) • Christian Collberg (Univ. of Arizona) • Crispin Cowan (Immunix) • John DeTreville (Microsoft) • Carl Ellison (Intel) • Matt Franklin (UC Davis) • Li Gong (Sun) • Steven Gribble (UW) • Matthias Jacob (Princeton) • Somesh Jha (Univ. of Wisconsin) • Dick Kemmerer (UC Santa Barbara) • Angelos Keromytis (Columbia Univ.) • Darko Kirovski (Microsoft) • Larry Koved (IBM) • Jim Larus (Microsoft) • Butler Lampson (Microsoft) • Steve Lipner (Microsoft) • Tom Longstaff (SEI/CERT) • Udi Manber (Amazon)
• John Manferdelli (Microsoft) • Gary McGraw (Cigital) • Catherine Meadows (NRL) • Andrew Myers (Cornell Univ.) • Adrian Perrig (CMU) • Jon Pincus (Microsoft) • Radha Poovendran (UW) • Niels Provos (Univ. of Michigan) • Mike Reiter (CMU) • Jim Roskind (formerly of
AOL/Netscape) • Stefan Savage (UC San Diego) • Fred Schneider (Cornell Univ.) • Dan Simon (Microsoft) • Dawn Song (CMU) • Doug Tygar (UC Berkeley) • David Wagner (UC Berkeley) • Dan S. Wallach (Rice Univ.) • Chenxi Wang (CMU) • Jeannette Wing (CMU) • John Zahorjan (UW)
![Page 17: 2003 UW-MSR-CMU Software Security Summer Institute Jim LarusMicrosoft Research Jeannette WingCarnegie Mellon John ZahorjanUniv. Washington Scott DakinsUniv](https://reader036.vdocuments.us/reader036/viewer/2022082512/55141ef5550346ec488b5725/html5/thumbnails/17.jpg)
17Summer Institute Jeannette M. Wing
Introductions
• Name• Affiliation: institution, title• One short sentence