Enabling Trust and Efficiency in Provenance-Aware Systems
Adam Bates - University of Illinois at Urbana-Champaign
Apr 26, 2017
Abstract

In a provenance-aware system, mechanisms gather and report metadata that describes the history of each object being processed on the system, allowing users to understand how data objects came to exist in their present state. However, little attention has been given to securing provenance-aware systems. Provenance itself is a ripe attack vector, and its authenticity and integrity must be guaranteed before it can be put to use. In this talk, I will detail our efforts to bring trustworthy data provenance to computing systems. These efforts have led to the design and implementation of a provenance-aware operating system anchored in trusted hardware, and a mechanism that leverages the confinement properties provided by Mandatory Access Controls to perform efficient policy-based provenance collection. Using these architectures, I will demonstrate that provenance is an invaluable tool for combating critical security threats including data exfiltration, SQL injection, and even binary exploitation. By addressing key security and performance challenges, this work paves the way for the further proliferation of provenance capabilities.
About the Speaker

Adam Bates is an Assistant Professor in the Computer Science Department at the University of Illinois at Urbana-Champaign. He received his PhD from the University of Florida, where he was advised by Professor Kevin Butler in the study of computer systems and cyber security. Adam has conducted research on a variety of security topics, including SSL/TLS, cloud computing, USB attack vectors, financial services, and telephony infrastructure. He is best known for his work in the area of data provenance, particularly the construction of secure provenance-aware systems.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos is the property of Purdue University, the presenter and/or the presenter's organization, and is protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website are the exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.