Solving Enterprise Security Problem With Hardware Software Hybrid Solution
Transcript of Solving Enterprise Security Problem With Hardware Software Hybrid Solution
8/6/2019 Solving Enterprise Security Problem With Hardware Software Hybrid Solution
ECOM 6031 Project Part 1 Information
Solving Enterprise Security Problem with Hardware/Software Hybrid Solution
Dr Lucas Hui
(CYC307, 28592190, [email protected])

Content
Motivation
Hardware Platforms
Example systems

Motivation
addresses execution environment
e.g. hardware or software
Hardware environment provides better security
In particular: key storage
Higher costs
More difficult to deploy
Therefore

Motivation
Combining Hardware and Software
Design easy-to-deploy hardware (e.g. mobile phone)
Aim to derive formal proof with System assumptions (Hardware) and Cryptographic assumptions (Software)
cryptographic/security techniques

Hardware Platform 1: Mobile Phone
IMEI: International Mobile Equipment Identity
SIM card: unique phone number to receive message (in particular SMS)
Alternative communication channel (GSM/3G vs Internet)
, external mini-SD card, etc.

Hardware Platform 2: JavaCard
A smart card design
A convenient token form
Tamper-resistant device
Small program (Java Cardlet) can be loaded to the card to execute
JavaCard is like a micro-computer
No display/input/clock
A lot of cryptographic functions are

Mobile phone
Mobile-Aided Encrypted Web File System
Mobile-Aided Encrypted USB/PC File System
SMS-Aided Authentication System
Javacard
Encrypted Web File System using JavaCard
Encrypted PC File System using JavaCard
JavaCard-based Secret Communication System (JSCS)

Mobile-Aided Encrypted Web File System
Encrypted files are stored on Web
When PC is connected to a Mobile
PC is able to decrypt and display files from Web after getting a key from Mobile
Files cannot be decrypted on Client-
Demo is available

Mobile-Aided Encrypted Web File System (Unsuccessful Decryption)

Mobile-Aided Encrypted Web File System (Successful Decryption)

Mobile-Aided Encrypted Web File System
(Full system of the demo)
1. Keys stored in server, sent via
2. Mobile and PC connected via USB or Bluetooth

-File System
1. SMS Key Management
.
3. Using GPS, only decrypt files at home, office or selected places

SMS-Aided Authentication
1. Mutual Authentication
2. Against Man-in-the-Middle Attack
3. With formal Proof

Examples of Javacard application 1
Encrypted Web File System using JavaCard
1. For data protection
2. Use JavaCard (a kind of Crypto Smartcard) as hardware token
3. Reauthentication & authentication
4. Double Encryption (Session Key and Program Key)
5. Delegation of Access Right in case of Lost Card (Enforce Security Policy)

Examples of Javacard application
Encrypted PC File System using JavaCard
1. Use JavaCard as Hardware Token
2. However, Javacard can provide more cryptographic computation than a fixed token.

Examples of Javacard application
JavaCard-based Secret Communication System
*messages over the Internet in plaintext
1. Use JavaCard as hardware token
2. A messaging system: Chatroom mode and Private mode
3. Browser based with Java applet
4. Provide Communication Logging facilities

Demonstration
Flow:
1. Client goes online
2. Client sends a secret message to all other online users
3. Client sends a secret message to some online users
4. Client goes offline
5. Check the server-side clients' communication records

Demonstration
1. Client goes online

Demonstration
1. Client goes online (contd)

Demonstration
2. Client sends a secret message to all other online users
all or leave it blank also means send to all other online users

Demonstration
2. Client sends a secret message to all other online users (contd)

Demonstration
3. Client sends a secret message to some online users

Demonstration
3. Client sends a secret message to some online users (contd)

Demonstration
4. Client goes offline

Demonstration
5. Check the server-side clients' communication records
Note that all the en/decryption is done by the connected Javacard