University of Cambridge > > Microsoft Research Cambridge, public talks > Dynamically Enforcing Knowledge-based Security Policies

Dynamically Enforcing Knowledge-based Security Policies

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Microsoft Research Cambridge Talks Admins.

This event may be recorded and made available internally or externally via Microsoft will own the copyright of any recordings made. If you do not wish to have your image/voice recorded please consider this before attendin

Knowledge-based security policies are those which specify a threshold on an adversary’s knowledge about secret data. The data owner initially estimates what an adversary might know about his secret, and with each interaction, defined in terms of a query made by the adversary over his secret data, he updates his estimate. If a query response could lead the adversary’s knowledge to exceed a given threshold, the query is denied.

In this talk I will discuss how we implement query analysis and belief tracking via abstract interpretation using a novel probabilistic polyhedral domain, whose design permits trading off precision with performance while ensuring estimates of a querier’s knowledge are sound. I will present examples of our technique that might apply to personal data. I will also show how our technique can be generalized to reason about knowledge increase in secure multiparty computation (SMC), which is a protocol that allows a set of mutually distrusting parties to compute a function f of their private inputs while revealing nothing about their inputs beyond what is implied by the result. Our technique permits reasoning about what can be inferred by each participant from the result. Finally, I will sketch how we are working to apply our technique to securing sensor data streams.

This is joint work with Piotr Mardziel (Maryland), Jonathan Katz (Maryland), Stephen Magill (formerly at Maryland), and Mudhakar Srivatsa (IBM). For more details see our papers at CSF ’11 and PLAS ’12:

This talk is part of the Microsoft Research Cambridge, public talks series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.


© 2006-2022, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity