Towards trustworthy computing on untrustworthy hardware

Historically, hardware was thought to be inherently secure and trusted due to its obscurity and the isolated nature of its design and manufacturing. In the last two decades, however, hardware trust and security have emerged as pressing issues. Modern day hardware is surrounded by threats manifested mainly in undesired modifications by untrusted parties in its supply chain, unauthorized and pirated selling, injected faults, and system and microarchitectural level attacks. These threats, if realized, are expected to push hardware to abnormal and unexpected behaviour causing real-life damage and significantly undermining our trust in the electronic and computing systems we use in our daily lives and in safety critical applications. A large number of detective and preventive countermeasures have been proposed in literature. It is a fact, however, that our knowledge of potential consequences to real-life threats to hardware trust is lacking given the limited number of real-life reports and the plethora of ways in which hardware trust could be undermined. With this in mind, run-time monitoring of hardware combined with active mitigation of attacks, referred to as trustworthy computing on untrustworthy hardware, is proposed as the last line of defence. This last line of defence allows us to face the issue of live hardware mistrust rather than turning a blind eye to it or being helpless once it occurs. This thesis proposes three different frameworks towards trustworthy computing on untrustworthy hardware. The presented frameworks are adaptable to different applications, independent of the design of the monitored elements, based on autonomous security elements, and are computationally lightweight. The first framework is concerned with explicit violations and breaches of trust at run-time, with an untrustworthy on-chip communication interconnect presented as a potential offender. The framework is based on the guiding principles of component guarding, data tagging, and event verification. The second framework targets hardware elements with inherently variable and unpredictable operational latency and proposes a machine-learning based characterization of these latencies to infer undesired latency extensions or denial of service attacks. The framework is implemented on a DDR3 DRAM after showing its vulnerability to obscured latency extension attacks. The third framework studies the possibility of the deployment of untrustworthy hardware elements in the analog front end, and the consequent integrity issues that might arise at the analog-digital boundary of system on chips. The framework uses machine learning methods and the unique temporal and arithmetic features of signals at this boundary to monitor their integrity and assess their trust level

Cyber Law and Espionage Law as Communicating Vessels

Professor Lubin\u27s contribution is Cyber Law and Espionage Law as Communicating Vessels, pp. 203-225. Existing legal literature would have us assume that espionage operations and “below-the-threshold” cyber operations are doctrinally distinct. Whereas one is subject to the scant, amorphous, and under-developed legal framework of espionage law, the other is subject to an emerging, ever-evolving body of legal rules, known cumulatively as cyber law. This dichotomy, however, is erroneous and misleading. In practice, espionage and cyber law function as communicating vessels, and so are better conceived as two elements of a complex system, Information Warfare (IW). This paper therefore first draws attention to the similarities between the practices – the fact that the actors, technologies, and targets are interchangeable, as are the knee-jerk legal reactions of the international community. In light of the convergence between peacetime Low-Intensity Cyber Operations (LICOs) and peacetime Espionage Operations (EOs) the two should be subjected to a single regulatory framework, one which recognizes the role intelligence plays in our public world order and which adopts a contextual and consequential method of inquiry. The paper proceeds in the following order: Part 2 provides a descriptive account of the unique symbiotic relationship between espionage and cyber law, and further explains the reasons for this dynamic. Part 3 places the discussion surrounding this relationship within the broader discourse on IW, making the claim that the convergence between EOs and LICOs, as described in Part 2, could further be explained by an even larger convergence across all the various elements of the informational environment. Parts 2 and 3 then serve as the backdrop for Part 4, which details the attempt of the drafters of the Tallinn Manual 2.0 to compartmentalize espionage law and cyber law, and the deficits of their approach. The paper concludes by proposing an alternative holistic understanding of espionage law, grounded in general principles of law, which is more practically transferable to the cyber realmhttps://www.repository.law.indiana.edu/facbooks/1220/thumbnail.jp

The fair dealing doctrine in respect of digital books

Copyright is essentially the right of the rightsholder of an original work to prohibit others from making or distributing unauthorised copies of his or her work. More specifically for this dissertation, when an end user deals with digital content, one of the aims of copyright becomes the balancing of the conflicting interests in ‘exclusivity’ on the one hand, and in ‘access to information’ on the other. Exclusivity is achieved by the rightsholders through technological protection measures to protect their commercial interests. Access to information is achieved where works are available to the general public without payment and technological protection measures and where the digital content is not directly marketed for commercial gain. Exclusivity and access to information are two conflicting cultures surrounding copyright in the digital era. It is submitted that unless we find a socio-economic-legal way for the dynamic coexistence of these two conflicting cultures by means of fair dealing, the culture of exclusivity will eventually dominate fair access to information. The transient nature of digital content means that rightsholders have little or no control over their works once the end user has obtained a legal digital copy of the work. The right ‘to prohibit’ end users from copying and distributing unauthorised copies is, therefore, largely meaningless unless a legal or other solution can be found to discourage end users from the unauthorised reproduction and distribution of unauthorised copies of the work. Currently, technological protection measures are used to manage such digital rights because legal permissions within the doctrine of fair dealing for works in printed (analogue) format are inadequate. It is, however, submitted that a legal solution to discourage end users from copying and distributing unauthorised copies rests on two pillars. Firstly, the solution must be embedded in state-of-the-art digital rights management systems and secondly the business model used by publishers, and academic publishers in particular, should change fundamentally from a business-to-consumer model to a business-to-business model. Empirical evidence shows that the printing of e-content will continue to be relevant far into the future. Therefore, the management of fair dealing to allow for the printing of digital content will become increasingly important at educational institutions that use e-books as prescribed course material. It is submitted that although the origination cost of print editions and e-books correspond, the relatively high retail price of e-books appears to be based on the fact that academic publishers of digital content do not have the legal or digital rights management tools to manage the challenges arising from the fair dealing doctrine. The observation that academic publishers are reluctant to grant collecting societies mandates to manage the distribution of digital content, and/or the right to manage the authorised reproduction (printing) of the digital content, supports this hypothesis. Ultimately, with technologies at our disposal, the fair use of content in digital and print format can be achieved because it should simply be cheaper to comply with copyright laws than to make unauthorised digital or printed copies of content that our society desperately needs to make South Africa a winning nation.Mercantile LawLL. M

Intelligent Circuits and Systems

ICICS-2020 is the third conference initiated by the School of Electronics and Electrical Engineering at Lovely Professional University that explored recent innovations of researchers working for the development of smart and green technologies in the fields of Energy, Electronics, Communications, Computers, and Control. ICICS provides innovators to identify new opportunities for the social and economic benefits of society.　 This conference bridges the gap between academics and R&D institutions, social visionaries, and experts from all strata of society to present their ongoing research activities and foster research relations between them. It provides opportunities for the exchange of new ideas, applications, and experiences in the field of smart technologies and finding global partners for future collaboration. The ICICS-2020 was conducted in two broad categories, Intelligent Circuits & Intelligent Systems and Emerging Technologies in Electrical Engineering

Demystifying Internet of Things Security

Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. The IoT presents unique challenges in implementing security and Intel has both CPU and Isolated Security Engine capabilities to simplify it. This book explores the challenges to secure these devices to make them immune to different threats originating from within and outside the network. The requirements and robustness rules to protect the assets vary greatly and there is no single blanket solution approach to implement security. Demystifying Internet of Things Security provides clarity to industry professionals and provides and overview of different security solutions What You'll Learn Secure devices, immunizing them against different threats originating from inside and outside the network Gather an overview of the different security building blocks available in Intel Architecture (IA) based IoT platforms Understand the threat pyramid, secure boot, chain of trust, and the software stack leading up to defense-in-depth Who This Book Is For Strategists, developers, architects, and managers in the embedded and Internet of Things (IoT) space trying to understand and implement the security in the IoT devices/platforms

Security protocols suite for machine-to-machine systems

Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today’s concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers’ and the services providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks

Information leakage and steganography: detecting and blocking covert channels

This PhD Thesis explores the threat of information theft perpetrated by malicious insiders. As opposite to outsiders, insiders have access to information assets belonging the organization, know the organization infrastructure and more importantly, know the value of the different assets the organization holds. The risk created by malicious insiders have led both the research community and commercial providers to spend efforts on creating mechanisms and solutions to reduce it. However, the lack of certain controls by current proposals may led security administrators to a false sense of security that could actually ease information theft attempts. As a first step of this dissertation, a study of current state of the art proposals regarding information leakage protections has been performed. This study has allowed to identify the main weaknesses of current proposals which are mainly the usage of steganographic algorithms, the lack of control of modern mobile devices and the lack of control of the action the insiders perform inside the different trusted applications they commonly use. Each of these drawbacks have been explored during this dissertation. Regarding the usage of steganographic algorithms, two different steganographic systems have been proposed. First, a steganographic algorithm that transforms source code into innocuous text has been presented. This system uses free context grammars and to parse the source code to be hidden and produce an innocuous text. This system could be used to extract valuable source code from software development environments, where security restrictions are usually softened. Second, a steganographic application for iOS devices has also been presented. This application, called “Hide It In” allows to embed images into other innocuous images and send those images through the device email account. This application includes a cover mode that allows to take pictures without showing that fact in the device screen. The usage of these kinds of applications is suitable in most of the environments which handle sensitive information, as most of them do not incorporate mechanisms to control the usage of advanced mobile devices. The application, which is already available at the Apple App Store, has been downloaded more than 5.000 times. In order to protect organizations against the malicious usage of steganography, several techniques can be implemented. In this thesis two different approaches are presented. First, steganographic detectors could be deployed along the organization to detect possible transmissions of stego-objects outside the organization perimeter. In this regard, a proposal to detect hidden information inside executable files has been presented. The proposed detector, which measures the assembler instruction selection made by compilers, is able to correctly identify stego-objects created through the tool Hydan. Second, steganographic sanitizers could be deployed over the organization infrastructure to reduce the capacity of covert channels that can transmit information outside the organization. In this regard, a framework to avoid the usage of steganography over the HTTP protocol has been proposed. The presented framework, diassembles HTTP messages, overwrites the possible carriers of hidden information with random noise and assembles the HTTP message again. Obtained results show that it is possible to highly reduce the capacity of covert channels created through HTTP. However, the system introduces a considerable delay in communications. Besides steganography, this thesis has also addressed the usage of trusted applications to extract information from organizations. Although applications execution inside an organization can be restricted, trusted applications used to perform daily tasks are generally executed without any restrictions. However, the complexity of such applications can be used by an insider to transform information in such a way that deployed information protection solutions are not able to detect the transformed information as sensitive. In this thesis, a method to encrypt sensitive information using trusted applications is presented. Once the information has been encrypted it is possible to extract it outside the organization without raising any alarm in the deployed security systems. This technique has been successfully evaluated against a state of the art commercial data leakage protection solution. Besides the presented evasion technique, several improvements to enhance the security of current DLP solutions are presented. These are specifically focused in avoiding information leakage through the usage of trusted applications. The contributions of this dissertation have shown that current information leakage protection mechanisms do not fully address all the possible attacks that a malicious insider can commit to steal sensitive information. However, it has been shown that it is possible to implement mechanisms to avoid the extraction of sensitive information by malicious insiders. Obviously, avoiding such attacks does not mean that all possible threats created by malicious insiders are addressed. It is necessary then, to continue studying the threats that malicious insiders pose to the confidentiality of information assets and the possible mechanisms to mitigate them. ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Esta tesis doctoral explora la amenaza creada por los empleados maliciosos en lo referente a la confidencialidad de la información sensible (o privilegiada) en posesión de una organización. Al contrario que los atacantes externos a la organización, los atacantes internos poseen de acceso a los activos de información pertenecientes a la organización, conocen la infraestructura de la misma y lo más importante, conocen el valor de los mismos. El riesgo creado por los empleados maliciosos (o en general atacantes internos) ha llevado tanto a la comunidad investigadora como a los proveedores comerciales de seguridad de la información a la creación de mecanismos y soluciones para reducir estas amenazas. Sin embargo, la falta de controles por parte de ciertas propuestas actuales pueden inducir una falsa sensación de seguridad en los administradores de seguridad de las organizaciones, facilitando los posibles intentos de robo de información. Para la realización de esta tesis doctoral, en primer lugar se ha realizado un estudio de las propuestas actuales con respecto a la protección de fugas de información. Este estudio ha permitido identificar las principales debilidades de las mismas, que son principalmente la falta de control sobre el uso de algoritmos esteganográficos, la falta de control de sobre dispositivos móviles avanzados y la falta de control sobre las acciones que realizan los empleados en el interior de las organizaciones. Cada uno de los problemas identificados ha sido explorado durante la realización de esta tesis doctoral. En lo que respecta al uso de algoritmos esteganográficos, esta tesis incluye la propuesta de dos sistemas de ocultación de información. En primer lugar, se presenta un algoritmo esteganográfico que transforma código fuente en texto inocuo. Este sistema utiliza gramáticas libres de contexto para transformar el código fuente a ocultar en un texto inocuo. Este sistema podría ser utilizado para extraer código fuente valioso de entornos donde se realiza desarrollo de software (donde las restricciones de seguridad suelen ser menores). En segundo lugar, se propone una aplicación esteganográfica para dispositivos móviles (concretamente iOS). Esta aplicación, llamada “Hide It In” permite incrustar imágenes en otras inocuas y enviar el estegoobjeto resultante a través de la cuenta de correo electrónico del dispositivo. Esta aplicación incluye un modo encubierto, que permite tomar imágenes mostrando en el propio dispositivo elementos del interfaz diferentes a los de a cámara, lo que permite tomar fotografías de forma inadvertida. Este tipo de aplicaciones podrían ser utilizadas por empleados malicios en la mayoría de los entornos que manejan información sensible, ya que estos no suelen incorporar mecanismos para controlar el uso de dispositivos móviles avanzados. La aplicación, que ya está disponible en la App Store de Apple, ha sido descargada más de 5.000 veces. Otro objetivo de la tesis ha sido prevenir el uso malintencionado de técnicas esteganográficas. A este respecto, esta tesis presenta dos enfoques diferentes. En primer lugar, se pueden desplegar diferentes detectores esteganográficos a lo largo de la organización. De esta forma, se podrían detectar las posibles transmisiones de estego-objetos fuera del ámbito de la misma. En este sentido, esta tesis presenta un algoritmo de estegoanálisis para la detección de información oculta en archivos ejecutables. El detector propuesto, que mide la selección de instrucciones realizada por los compiladores, es capaz de identificar correctamente estego-objetos creados a través de la herramienta de Hydan. En segundo lugar, los “sanitizadores” esteganográficos podrían ser desplegados a lo largo de la infraestructura de la organización para reducir la capacidad de los posibles canales encubiertos que pueden ser utilizados para transmitir información sensible de forma descontrolada.. En este sentido, se ha propuesto un marco para evitar el uso de la esteganografía a través del protocolo HTTP. El marco presentado, descompone los mensajes HTTP, sobrescribe los posibles portadores de información oculta mediante la inclusión de ruido aleatorio y reconstruye los mensajes HTTP de nuevo. Los resultados obtenidos muestran que es posible reducir drásticamente la capacidad de los canales encubiertos creados a través de HTTP. Sin embargo, el sistema introduce un retraso considerable en las comunicaciones. Además de la esteganografía, esta tesis ha abordado también el uso de aplicaciones de confianza para extraer información sensible de las organizaciones. Aunque la ejecución de aplicaciones dentro de una organización puede ser restringida, las aplicaciones de confianza, que se utilizan generalmente para realizar tareas cotidianas dentro de la organización, se ejecutan normalmente sin ninguna restricción. Sin embargo, la complejidad de estas aplicaciones puede ser utilizada para transformar la información de tal manera que las soluciones de protección ante fugas de información desplegadas no sean capaces de detectar la información transformada como sensibles. En esta tesis, se presenta un método para cifrar información sensible mediante el uso de aplicaciones de confianza. Una vez que la información ha sido cifrada, es posible extraerla de la organización sin generar alarmas en los sistemas de seguridad implementados. Esta técnica ha sido evaluada con éxito contra de una solución comercial para la prevención de fugas de información. Además de esta técnica de evasión, se han presentado varias mejoras en lo que respecta a la seguridad de las actuales soluciones DLP. Estas, se centran específicamente en evitar la fuga de información a través del uso de aplicaciones de confianza. Las contribuciones de esta tesis han demostrado que los actuales mecanismos para la protección ante fugas de información no responden plenamente a todos los posibles ataques que puedan ejecutar empleados maliciosos. Sin embargo, también se ha demostrado que es posible implementar mecanismos para evitar la extracción de información sensible mediante los mencionados ataques. Obviamente, esto no significa que todas las posibles amenazas creadas por empleados maliciosos hayan sido abordadas. Es necesario por lo tanto, continuar el estudio de las amenazas en lo que respecta a la confidencialidad de los activos de información y los posibles mecanismos para mitigar las mismas

Cabining Intellectual Property through a Property Paradigm

One of the most revolutionary legal changes in the past generation has been the “propertization” of intellectual property (IP). The duration and scope of rights expand without limit, and courts and companies treat IP as absolute property, bereft of any restraints. But astonishingly, scholars have not yet recognized that propertization also can lead to the narrowing of IP. In contrast to much of the literature, which criticizes the propertization of IP, this Article takes it as a given. For the transformation is irreversible, sinking its tentacles further into public and corporate consciousness (as well as the IP laws) with each passing day and precluding the likelihood that IP will return to the prepropertization era. This Article therefore ventures onto a new path, one that follows property into unexpected briar patches of limits. The secret here is that property is not as absolute as it is often claimed to be. After surveying fifty doctrines in property law, Professor Carrier synthesizes limits based on development, necessity, and equity. He then utilizes these limits to construct a new paradigm for IP. The paradigm facilitates the reorganization of defenses that courts currently recognize as well as a more robust set of defenses, which include (1) a new tripartite fair use doctrine in copyright law, (2) a new defense for public health emergencies and a recovered experimental use defense and reverse doctrine of equivalents in patent law, (3) a development-based limit to trademark dilution, and (4) a functional use defense for the right of publicity. By adopting the paradigm of property, IP has reopened the door to limits. Rediscovering these limits offers significant promise for the future of innovation and democracy

Virtual Markets for Virtual Goods: The Mirror Image of Digital Copyright?

The Internet and Copyright Law are particularly ill-suited to each other. One is designed to give as much information as possible to everyone who wants it; the other allows authors, artists and publishers to earn money by restricting the distribution of works made out of information. The beneficiaries of copyright law are lobbying for the re-design of computers and the Internet to instate content control and digital rights management (DRM). These technologies are intended to make copyright workable again by re-imposing limits on access to information goods, but they carry high direct and indirect social costs. One alternative, which has generally received much less attention and legislative support than DRM, is to allow free distribution of works for non-commercial use, while restructuring digital copyright law so as to remunerate authors in ways which avoid those exclusive rights models which are incompatible with the Internet. This paper introduces the concept of a virtual market - a decentralized, software-mediated, publicly-funded mechanism which rewards digital authorship and artistry, without restricting flows of information. The virtual market is a sort of mirror image of a real marketplace, assigning market-like valuations to works, without an actual process of exchange. The normative economic implications of these systems are considered in detail, along with some of the technological requirements and other practical aspects of their implementation. This article concludes that virtual markets avoid the very high artificial scarcity ( deadweight loss ) and infrastructure costs associated with DRM, and should be seriously considered as a public policy alternative to strengthening copyright law. Furthermore, while there is already a robust case for such alternative compensation systems for musical works, the nature of text and of DRM technology mean that, in time, the need for alternatives to exclusive rights will be even greater for written works