security and the smarter planet


Upload: ibm-research-zurich

Post on 20-May-2015


DESCRIPTION

Presentation given by Matthias Kaiserswerth, Director, IBM Research - Zurich Laboratory, in Dresden, Germany, 8 October 2009. Overview of selected current projects at IBM Research - Zurich on IT security.

TRANSCRIPT

Page 1: Security and the Smarter Planet

© 2009 IBM Corporation

Security and the Smarter Planet

Dr. Matthias Kaiserswerth, Director, IBM Research - Zurich

Page 2: Security and the Smarter Planet

IBM Research - Zurich

AGENDA

• Introduction to IBM Research

• What is a smarter planet?

• Innovations for a smarter planet

• Identity Mixer

• Zone Trusted Information Channel

• Fighting Crime with Analytics

Page 3: Security and the Smarter Planet

AGENDA

• Introduction to IBM Research

• What is a smarter planet?

• Innovations for a smarter planet

• Identity Mixer

• Zone Trusted Information Channel

• Fighting Crime with Analytics

Page 4: Security and the Smarter Planet

The sun never sets on IBM Research

Almaden (CA): Established in 1952

Austin (TX): Established in 1995

Watson (NY): Founded in New York in 1945

Zurich: Established in 1956

Haifa: Established in 1972

China: Established in 1995

India: Established in 1998

Tokyo: Established in 1982

Page 5: Security and the Smarter Planet

The sun never sets on IBM Research

• Largest private research organization worldwide

• More than 3,000 scientists and engineers at 8 labs in 6 countries

• IBM spent $6B on R&D in 2008

• Patent leader for 16 years straight

• 5 Nobel Prize Laureates

Page 6: Security and the Smarter Planet

2008 US Patent Leaders

16 Consecutive Years of Patent Leadership Worldwide

Source: IFI Patent Intelligence

[Bar chart: number of patents, axis 0 to 4500]

IBM: 4186
Microsoft: 2030
Intel: 1776
HP: 1424
Oracle: 205
EMC: 192
Apple: 186
Accenture: 68
Google: 58

Chart annotations: >2x; >20x; 70% Software and Services

Page 7: Security and the Smarter Planet

Open Collaboration To Expand and/or Leverage New Regions, Partners and Research Areas

Page 8: Security and the Smarter Planet

IBM Research - Zurich Today

- 350 persons including employees, pre-docs and post-docs and visiting scientists

- 30 different nationalities

- 90 Collaborative projects with universities, industrial partners and governments

- New Nanotech Center to open in 2011

Page 9: Security and the Smarter Planet

Our Major Accomplishments

Page 10: Security and the Smarter Planet

AGENDA

• Introduction to IBM Research

• What is a smarter planet?

• Innovations for a smarter planet

• Identity Mixer

• Zone Trusted Information Channel

• Fighting Crime with Analytics

Page 11: Security and the Smarter Planet

Global Technology Outlook Genetic Map

[Figure: Global Technology Outlook topics plotted by year, 2000 to 2008]

Page 12: Security and the Smarter Planet


Smarter Planet

Our world is becoming INSTRUMENTED

Our world is becoming INTERCONNECTED

Virtually all things, processes and ways of working are becoming INTELLIGENT

Page 13: Security and the Smarter Planet

Smarter Planet

Smarter planet: Thinking and acting in new ways to make our systems more efficient, productive and responsive, but this doesn’t come without risk.

Page 14: Security and the Smarter Planet

With growth and connectivity, comes increased risk

50% INCREASE IN THE NUMBER OF MALICIOUS WEB SITES IN 2008

99% OF ALL FINANCIAL ONLINE FRAUD TARGETS THE USA AND EUROPE

14.5B MESSAGES A DAY ARE CONSIDERED SPAM

IBM Internet Security Systems X-Force® 2008 Trend & Risk Report, http://www.spamlaws.com/spam-stats.html

Page 15: Security and the Smarter Planet

AGENDA

• Introduction to IBM Research

• What is a smarter planet?

• Innovations for a smarter planet

• Identity Mixer

• Zone Trusted Information Channel

• Fighting Crime with Analytics

Page 16: Security and the Smarter Planet

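Identity Mixer

The flexible RSA problem: Given an RSA modulus $n$ and a number $z \in \mathbb{Z}_n$, find an $e \geq 2$ and a $u \in \mathbb{Z}_n$ such that $u^e \equiv z \pmod{n}$.

Strong RSA assumption: solving the flexible RSA problem is hard for big $n$.

Remember: FACTORING ≥ RSA ≥ S-RSA

System parameters: integer intervals $\Gamma$, $\Delta$, $\Lambda$ and length $\ell_n$

Org $O$'s pk: RSA mod $n_O > 2^{\ell_n}$ and $(a_O, b_O, d_O, g_O, h_O) \in_R QR_{n_O}$

User $U$'s master secret key: $x_U \in \Gamma$

$U$'s nym with $O$: $P_{(U,O)} = a_O^{x_U} b_O^{s_{(U,O)}}$, where $s_{(U,O)} \in_R \Delta$ ($s_{(U,O)}$ = $U$'s secret)

Credential by $O$ on $P_{(U,O)}$: $(c_{(U,O)}, e_{(U,O)})$ where

– $e_{(U,O)} \in_R \Lambda$ and prime.

– $c_{(U,O)}^{e_{(U,O)}} \equiv P_{(U,O)}\, d_O \equiv a_O^{x_U} b_O^{s_{(U,O)}} d_O \pmod{n_O}$

Theorem: Given an oracle $O$ that on input $x_i \in \Gamma$ outputs $(s_i, e_i, c_i)$ s.t. $s_i \in_R \Delta$, prime $e_i \in_R \Lambda$ and $c_i^{e_i} \equiv a_O^{x_i} b_O^{s_i} d_O$, then computing $(c, e, x, s)$ s.t. $c^{2e} \equiv (a_O^{x} b_O^{s} d_O)^2 \pmod{n_O}$ and $(x, s, e, c) \neq (x_i, s_i, e_i, c_i)$ is infeasible under the SRSA.

$U$ has established pseudonym $P_{(U,O_i)} = a_{O_i}^{x_U} b_{O_i}^{s_{(U,O_i)}}$ with $O_i$. $U$ wants to prove to $O_i$ possession of a credential by $O_j$, i.e., values $s_{(U,O_j)}, c_{(U,O_j)}, e_{(U,O_j)}$ s.t. $c_{(U,O_j)}^{e_{(U,O_j)}} \equiv a_{O_j}^{x_U} b_{O_j}^{s_{(U,O_j)}} d_{O_j}$

1. $U$ sends $A = c_{(U,O_j)} h_{O_j}^{r_1}$ and $B = h_{O_j}^{r_1} g_{O_j}^{r_2}$ to $O_i$, where $r_1, r_2 \in_R \{0,1\}^{2\ell_n}$

$$PK\Big\{(\alpha,\beta,\gamma,\delta,\varepsilon,\zeta,\xi,\eta) :\ d_{O_j}^2 = (A^2)^{\alpha} \Big(\frac{1}{a_{O_j}^2}\Big)^{\beta} \Big(\frac{1}{b_{O_j}^2}\Big)^{\gamma} \Big(\frac{1}{h_{O_j}^2}\Big)^{\delta} \ \wedge\ B^2 = (h_{O_j}^2)^{\varepsilon} (g_{O_j}^2)^{\zeta} \ \wedge\ 1 = (B^2)^{\alpha} \Big(\frac{1}{h_{O_j}^2}\Big)^{\delta} \Big(\frac{1}{g_{O_j}^2}\Big)^{\xi} \ \wedge\ P_{(U,O_i)}^2 = (a_{O_i}^2)^{\beta} (b_{O_i}^2)^{\eta} \ \wedge\ \beta \in \Gamma \ \wedge\ \gamma \in \Delta \ \wedge\ \alpha \in \Lambda \Big\}.$$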
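Added example (not part of the original slides and not IBM's Identity Mixer code): a toy Python run of the credential equation and the blinding step on this slide, checking the three relations of the PK statement that involve O_j's key with the witnesses in the clear rather than in zero knowledge. The safe primes, the exponent e = 65537, the value ranges and all function names are constructed for illustration and are far too small for real use.

```python
import math, secrets

def rand_qr(n):  # random element of QR_n other than 1: square a random unit
    while True:
        r = secrets.randbelow(n - 2) + 2
        if math.gcd(r, n) == 1 and pow(r, 2, n) != 1:
            return pow(r, 2, n)

def keygen(p1=1019, q1=1031):
    # Constructed toy safe primes p = 2p'+1, q = 2q'+1; real moduli are far larger.
    n = (2 * p1 + 1) * (2 * q1 + 1)
    return {"n": n, **{k: rand_qr(n) for k in "abdgh"}}, p1 * q1  # pk, |QR_n|

def nym(pk, x, s):  # P = a^x * b^s mod n
    return pow(pk["a"], x, pk["n"]) * pow(pk["b"], s, pk["n"]) % pk["n"]

def issue(pk, order, P, e):
    # c = (P*d)^(1/e) mod n; the e-th root needs the secret group order.
    return pow(P * pk["d"] % pk["n"], pow(e, -1, order), pk["n"])

def verify(pk, x, s, c, e):  # c^e == a^x * b^s * d (mod n)
    return pow(c, e, pk["n"]) == nym(pk, x, s) * pk["d"] % pk["n"]

def blind(pk, c, bits=44):
    # Step 1: A = c*h^r1, B = h^r1*g^r2 with r1, r2 from {0,1}^(2*l_n).
    n, r1, r2 = pk["n"], secrets.randbits(bits), secrets.randbits(bits)
    A = c * pow(pk["h"], r1, n) % n
    B = pow(pk["h"], r1, n) * pow(pk["g"], r2, n) % n
    return A, B, r1, r2

def relations_hold(pk, A, B, x, s, e, r1, r2):
    # Algebra of the PK statement with witnesses in the clear (no zero knowledge):
    # alpha=e, beta=x, gamma=s, delta=e*r1, epsilon=r1, zeta=r2, xi=e*r2.
    n, a, b, d, g, h = (pk[k] for k in "nabdgh")
    sq = lambda v: pow(v, 2, n)
    inv = lambda v: pow(sq(v), -1, n)  # 1/v^2 mod n
    eq1 = sq(d) == (pow(sq(A), e, n) * pow(inv(a), x, n)
                    * pow(inv(b), s, n) * pow(inv(h), e * r1, n)) % n
    eq2 = sq(B) == pow(sq(h), r1, n) * pow(sq(g), r2, n) % n
    eq3 = 1 == (pow(sq(B), e, n) * pow(inv(h), e * r1, n)
                * pow(inv(g), e * r2, n)) % n
    return eq1 and eq2 and eq3

def demo(e=65537):
    pk, order = keygen()
    x, s = secrets.randbelow(1000), secrets.randbelow(1000)
    c = issue(pk, order, nym(pk, x, s), e)
    A, B, r1, r2 = blind(pk, c)
    return verify(pk, x, s, c, e), relations_hold(pk, A, B, x, s, e, r1, r2)
```

The verifier only ever sees A and B, which are the credential and r1 masked by fresh randomness; the relations still tie them to d, a, b, g and h of the issuing organization.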

Page 17: Security and the Smarter Planet


Identity Mixer

• Anonymous sharing of data

• On the Internet or via Smart Cards

• Data owner controls who sees the data, for how long and who they can share it with

Page 18: Security and the Smarter Planet

Identity Mixer

You

Friend

Auto Insurance Company

Call Center

Health Insurance

Family Doctor

DNA Database

Page 19: Security and the Smarter Planet

AGENDA

• Introduction to IBM Research

• What is a smarter planet?

• Innovations for a smarter planet

• Identity Mixer

• Zone Trusted Information Channel

• Fighting Crime with Analytics

Page 20: Security and the Smarter Planet

Typical online banking scenario

You

USB Bank Token

Bank

sign(message)

SSL/TLS connection

Page 21: Security and the Smarter Planet

Man in the Middle online banking breach

You

Bank

Spoofed email (phishing)

Trojan Horse Virus

Impersonation

Fake Client

Page 22: Security and the Smarter Planet

Page 23: Security and the Smarter Planet

Zone Trusted Information Channel (ZTIC)

Back End Server (Bank)

Maintains all asymmetric keys and TLS session keys for server connection

User PC (possibly under attack)

Looks at/interacts with

ZTIC (secure display)

Separate ZTIC hardware

ZTIC Proxy

Page 24: Security and the Smarter Planet

AGENDA

• Introduction to IBM Research

• What is a smarter planet?

• Innovations for a smarter planet

• Identity Mixer

• Zone Trusted Information Channel

• Fighting Crime with Analytics

Page 25: Security and the Smarter Planet

Business Analytics


Business Optimization

Business Intelligence

Resource planning

Business Automation

Page 26: Security and the Smarter Planet


NYPD Real Time Crime Center

Page 27: Security and the Smarter Planet

Fighting Crime with Analytics

Page 28: Security and the Smarter Planet

Summary

• Progress always comes with great risk. For this reason security needs to be a top priority from the start

• Open collaboration between corporations, academia and government is critical in reducing this risk

• Happy 60th Birthday

Page 29: Security and the Smarter Planet

Zurich Research Lab