Secure Communication with an Insecure Internet InfrastructureBut first: some spam!!If you rocked 15-441 (or are doing so), you might consider:"15-610 next semester"Conviva (Very CMU CSD startup)’s looking for summer interns"Dave’s looking for a few students for projects2preview - © 2006-2008 M. Satyanarayanan Preview of 15-610 for Spring 200915-610: Engineering Complex Large-scale Computer SystemsM. Satyanarayanan & Jan HarkesSchool of Computer ScienceCarnegie Mellon University http://www.cs.cmu.edu/~15-610preview - © 2006-2008 M. Satyanarayanan Preview of 15-610 for Spring 2009Vision of this CourseThis is a master's level course to prepare students for technical leadership roles in creating and evolving the complex, large-scale computer systems that society will increasingly depend on in the future. The course will teach the organizing principles of such systems, identifying a core set of versatile techniques that are applicable across many system layers. Students will acquire the knowledge base, intellectual tools, hands-on skills and modes of thought needed to build well-engineered computer systems that withstand the test of time, growth in scale, and stresses of live use. Strong design and implementation skills are expected of all students.! The course assumes a high level of proficiency in all aspects of operating system design and implementation.!preview - © 2006-2008 M. Satyanarayanan Preview of 15-610 for Spring 2009Course OverviewTarget audience• already possess strong hands-on systems skills • desire careers as creators of major computer systems• seek mastery of system design and implementation skillsApproach• small but versatile conceptual toolkit of systems techniques• immersive hands-on experience in applying this toolkit• case studies to learn hard-won experience of othersTechnical knowledgeHands-on expertiseEngineeringWisdom15-410++preview - © 2006-2008 M. Satyanarayanan Preview of 15-610 for Spring 2009Conceptual ToolkitCaching for performance and availabilityPrefetching for performance and availabilityContent-Addressable Storage for performanceDamage containment & replication for reliability and availabilityChallenges of size and longevity• Scale reduction for performance and usability• Reducing fragmentation for performance and manageability• Hints for performance and scalingCoping with human foibles for robustness• limitations of individual users• limitations of large groups of users preview - © 2006-2008 M. Satyanarayanan Preview of 15-610 for Spring 2009Hands-on ProjectsSeries of 4 projectsBased on a single open-source base (Coda File System)• embodies many of concepts discussed in class• almost entirely user-level implementation• local expertiseIndividual projectsHardware donated by Intel for course• loaner laptop for each studentpreview - © 2006-2008 M. Satyanarayanan Preview of 15-610 for Spring 2009Conviva InternshipLive Internet media streaming• Directly from CMU/Berkeley research (Hui Zhang et al.) on overlay multicast• (How do you stream media to 100,000 people on the Internet, with high quality, without a huge fixed infrastructure??)• Highly-available, scalable back-end services• Large-scale data analytics and visualization• Distributed software testing and automation• If parts of this sound similar to a 441 project, don"t be surprised. :) Overlay & p2p multicast is becoming important in the real world.• Std. qualifications - network programming, C/C++/Java, Python, etc. [email protected] for more info.preview - © 2006-2008 M. Satyanarayanan Preview of 15-610 for Spring 2009dga summer projects- Building systems for improving Web security• http://www.cs.cmu.edu/~dwendlan/perspectives/- Prototyping novel Internet architecture features:• http://www.cs.cmu.edu/~dga/papers/aip-hotnets2007-abstract.html- Building large-scale data analysis techniques on mid-sized clusterspreview - © 2006-2008 M. Satyanarayanan Preview of 15-610 for Spring 2009Back to our schedule...What is “Internet Security” ? Worms & VirusesDenial-of-ServiceDNS PoisoningPhishingTrojan HorseTraffic Eavesdropping Route Hijacks Password Cracking IP Spoofing SpamSpywareTraffic modificationEnd-host impersonationMany things to many people!1) Attacks and vulnerabilities at all layers of the stack2) Attackers will attack the most vulnerable / profitable componentsInternet Design Decisions:(ie: how did we get here? )!Origin as a small and cooperative network (=> largely trusted infrastructure)!Global Addressing (=> every sociopath is your next-door neighbor*) !Connection-less datagram service (=> can’t verify source, hard to protect bandwidth)* Dan GeerInternet Design Decisions:(ie: how did we get here? )!Anyone can connect"ANYONE can connect...!Millions of hosts run nearly identical software"single exploit can create epidemic!Most Internet users know about as much as Senator Stevens (aka “the tubes guy”)"God help us all…Our “Narrow” FocusYes: 1) Creating a “secure channel” for communication (today) 2) Protecting network resources and limiting connectivity (last time)No: 1) Preventing software vulnerabilities & malware, or “social engineering”. Secure Communication with an Untrusted InfrastructureISP AISP DISP CISP BAliceBobSecure Communication with an Untrusted InfrastructureISP AISP DISP CISP BAliceBobMallorySecure Communication with an Untrusted InfrastructureISP AISP DISP CISP BAliceHello, I’m“Bob”What do we need for a secure communication channel? !Authentication (Who am I talking to?)!Confidentiality (Is my data hidden?)!Integrity (Has my data been modified?)!Availability (Can I reach the destination?) What is cryptography?"cryptography is about communication in the presence of adversaries." - Ron Rivest“cryptography is using math and other crazy tricks to approximate magic” - Unknown 441 TAWhat is cryptography? Tools to help us build secure communication channels that provide: 1) Authentication 2) Integrity 3) ConfidentialityCryptography As a Tool!Using cryptography securely is not simple!Designing cryptographic schemes correctly is near impossible. Today we want to give you an idea of what can be done with cryptography. Take a security course if you think you may use it in the future (e.g. 18-487)The Great DivideSymmetric Crypto: (Commonly (mis)-called Private key)Asymmetric Crypto: (Public key)Example: RSARequires a pre-shared secret between
View Full Document
Unlocking...