BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Architectures for Practical Client-Side Security - Virgil Gligor\,
  Carnegie Mellon University
DTSTART:20110503T144500Z
DTEND:20110503T154500Z
UID:TALK30299@talks.cam.ac.uk
CONTACT:Wei Ming Khoo
DESCRIPTION:Few of the security architectures proposed for the past four
  decades (e.g.\, fine-grain domains of protection\, security kernels\,
  virtual machines) have made a significant difference on client-side
  security. In this presentation\, I examine some of the reasons for this
  and some of the lessons learned to date. Focus on client-side security
  is warranted primarily because it is substantially more difficult to
  achieve than server security in practice\, since clients interact with
  human users directly and have to support their security needs. I argue
  that system and application partitioning to meet user security needs
  is now feasible [2\,3\,5]\, and that special focus must be placed on
  how to design and implement trustworthy communication between users
  and their partitions and between partitions themselves.\n\nTrustworthy
  communication goes beyond secure channels\, firewalls\, guards and
  filters. The extent to which one partition accepts input from or
  outputs to another depends on the trust established with the input
  provider and output receiver. It also depends on input-rate throttling
  and output propagation control\, which often require establishing some
  degree of control over remote communication end points. I illustrate
  some of the fundamental challenges of trustworthy communication at the
  user level\, and introduce the notion of optimistic trust with its
  technical requirements for deterrence for non-compliant input providers
  and output receivers. Useful insights for trustworthy communication are
  derived from the behavioral economics\, biology [1] and social [4]
  aspects of trust.\n\nReferences\n\n[1] E. Fehr\, “On the Economics
  and Biology of Trust\,” Journal of the European Economic
  Association\, April – May 2009\, pp. 235-266.\n\n[2] B. Lampson\,
  “Usable Security: How to Get it\,” Comm. of the ACM\, vol. 52\,
  no. 11\, Nov. 2009.\n\n[3] J. McCune\, Y. Li\, N. Qu\, Z. Zhou\,
  A. Datta\, V. Gligor\, and A. Perrig\, “TrustVisor: Efficient TCB
  Reduction and Attestation\,” Proc. of IEEE Symp. on Security and
  Privacy\, Oakland\, CA\, May 2010.\n\n[4] F. Stajano and P. Wilson\,
  “Understanding Scam Victims: Seven Principles for Systems
  Security\,” University of Cambridge Computing Laboratory\,
  UCAM-CL-TR-754\, Aug. 2009.\n\n[5] A. Vasudevan\, B. Parno\, N. Qu\,
  V. Gligor and A. Perrig\, “Lockdown: A Safe and Practical Environment
  for Security Applications\,” Technical Report\, CMU-CyLab-09-011\,
  July 14\, 2009.
LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR
