Two things, virtual recitation session on Friday 11 a.m. to noon, check on FIASA for the Zoom links that will be posted, that will also be recorded and then posted online for everyone else. I'll be covering the assignment. The other thing is there's a number of the undergrad kids that are hosting assignment up sessions next week, I think four days next week, so there's a lot of availability. Three next week and then the day after. Yeah, that will be fun. So take advantage of these opportunities to ask questions, start on the homework early, don't wait till last minute. I could say that's unbelievable in the face, but cool. Okay, then let's go back to our security clearance. So somebody remind us where we left off on Tuesday. So what are we looking at? What are we trying to talk about, think about and why? You don't have to cover all of this, but some of it. We're talking about like security levels? Security levels, yeah. So in particular what kinds of or what types of security levels are we talking about? Mandatory access control example, the example is military clearance. Okay, mandatory access control, the example is military clearance, what's the difference between mandatory access control and discretionary access control? In discretionary, users can choose to like lower all users. The owner, the owner of the file can decide the access. Yeah, exactly. Whereas in a mandatory access control, the system decides the access. So if you own the file, if you create a file, it doesn't matter, you don't get to decide who gets access to that file. Yeah, it's an important distinction to just be clear on what exactly the specific differences are in these systems. Okay, cool. So we have security levels. We've been using the example of the military immigration security levels. And so we have top secret, secret, classified and unclassified. So that's the system that we're dealing with. And we came up with this notion and we were trying to discuss and think about it.
We had a system where we wanted to absolutely guarantee that no top secret information could ever flow out to somebody with a lower classification level. What rules would our mandatory access control system need to enforce? So we were thinking in terms of subjects and objects, and each of those subjects and objects has a security label associated with them. And through that, we derived basically the rules that you could read down. So if you have a top higher security level, you could read things that are at your security level or lower. You can subject, read and talk to your experience and read other topics by document. But writing only works up. So you can only write documents up. You can't write documents down, right? That violates the fundamental security policy that we've been thinking of. Cool. Anything else that I'm missing? No, no. Did I miss out? You got something deliberately that touched you? One thing I was wondering was like the UNIX bits. Yeah, we went over the UNIX bits. We're over that now. We're moving on a little bit back to the theoretical. Okay, cool. So now, and we talked about some of the problems here. So what's kind of one of the problems of this model maybe in the real world or several? So what are some of the problems? Basically it's saying people with top secret clearance can't even write emails or essays. So one problem is people with top secret clearance literally can't communicate with anybody that does not have top secret clearance. Actually being top secret doesn't mean that you need to see all the other information. Yeah, the other one is essentially the need to know, the least privilege principle. So by having top secret clearance, even if you're only working on one project, this model gives you access to all the top secret information that exists. And so we can see that that's clearly a limitation of our model because we want to understand, well then, how would we try to limit that?
The idea is, and kind of the way that this has come up, is ideas of security categories. So this is thinking about it. You have just security levels. It's too coarse-grained. It's hard to make fine-grained classification decisions. Some projects have access to more things than maybe they absolutely need to know. And so we can introduce this notion of security categories. So we can add this notion of categories to this notion of security levels and we can get a better system for trying to implement this notion of least privilege. And so some of the categories, I look these up. I'm not revealing any information. I also don't know any information so I can't reveal it. You can Google for different types of categories. So some of these things like Nuke would be related to nuclear stuff. NATO is a category. Man, I can't even remember what ACE is. We'll say I made that up. I think it has to do with missiles. Anybody know off the top of their head? Weird things to know. So yeah, the idea is we can assign both people, so subjects and objects. We can assign them to zero or more categories and that would define what type of access they can get. So then how do we want to think about our policy then? So what's our high-level policy security goal that we're trying to implement here with our rules that we're going to arrive in? So how does the situation change? So it used to be our security policy was we don't want any information at the higher security level to leak out to somebody with a lower security level. Is that still true? Yes. Yes, we still want that to be the case. What else do we want to be true? Yeah, so only people who need access to information are access to information and more specifically in the category, what would that mean? Yeah, people can only access objects in the same category that they are in. Yeah, so or maybe phrase the other way, we'd say objects in a specific category should only be accessed by people who have that category, right? 
They shouldn't leak out to people without that category. Cool. So now we need to change our notation a little bit. So now we have, for each subject and object, now it does not just have a security level, they have a level and categories. And so we have an L is the level and C is a set. So what is a set? Group of objects with no repeating elements, right? Could be an empty set, could be all of the categories, whatever. It's unordered, which means the order of the categories don't matter. But now we have this question. So now we need to think and we're going to redo this. So now we have our levels, we have the same levels. We have our categories. Right now we'll use the current example, Nuke, NATO. Also annoying, these are all caps. Ace. Cool. And we have our levels. We know, and I'll draw this kind of more as a vector because these have an ordering. Top secret, secret, classified, unclassified. And so every, so I can say, so where were our objects before, we had the, oh we didn't talk about that, okay. Cool. So now we need to think about, so now we need to start thinking about, now in this previous scenario, we had subjects and objects. So now if we have a subject with, let's say, top secret clearance and let's say Nuke, we'll try to keep this similarly. And then we have an object of top secret. Nuke, should they be allowed access? What type of access? We didn't talk about that. Hot. Let's do read. So what do you think? Yes. Yes? Why? It doesn't violate our security principle properties, right? So they have the exact top secret clearance. They have the exact set. What about, let's go, top secret, secret Nuke? Should they be able to read that? Yeah, why? So they're in the program and they're in the same category and they have a, they're trying to read a document that has lower security clearance. We already agreed in our previous model that that is correct. So we could try other versions of this. A secret with nuclear reading, a top secret with nuclear. 
Should we allow this? No, why not? Is any reading down? Yeah, it'd be somebody reading up, right? So they can only read down. It's something at the secret level. So even if they have the same category, right, it still should not be able to read top secret information about that category, right? So all this is showing is that our prior rules are still in effect. They should still operate exactly how we expect them to. Now we need to start thinking about, and the reason why we can see this is the categories are all the same, right? So now we need to think about different scenarios when the categories are not the same. So let's think, what about top secret, Nuke, NATO, and top secret, Nuke. Should they be able to read that? Yeah. Yes, why? Yeah, one of their categories includes what the object is, right, so they're not getting information that they don't have access to. What about, let's flip it around a little bit. What if we had somebody with top secret clearance who's only classified for Nuke, and they're reading, trying to read a document that is nuclear and NATO? No? Yes? In here resounding one way or the other. So we want to make an argument for why? The object needs to be subset of the subject. Yeah, why? So in terms of our policy, what does this violate? There's more information in the object of the subject that doesn't have access to it. Yeah, that's a great way of phrasing it. So yeah, there's more information, right? This document, whatever it is, contains information about nuclear and NATO, but we only have access to NATO. So this would give us, or we only have access to Nuke, but it gives us access to a NATO category of object that we should not be able to have access to. So this should be denied. And inherent in there you, so what was your reasoning behind that? What were you thinking about there in terms of these sets? Like the object isn't a subset of the subject. 
Right, so the, so kind of where you're thinking is the, let's say the subject's category must be either a subset or equal to the object category, or is it the reverse? I always mess this up, so you have to double check. You have the subjects to be bigger. Bigger, yeah. Right, so the subject, so yeah, the object, so here, object is not a subset of the subject, which would mean we should deny it, right? So there's more information on that object. And the other case we should then think about is how does this then work with TS? Maybe we can think like this. I have no categories, but I do have top secret clearance, but I'm trying to access a secret document that's classified as Nuke. Should I allow that? But it passes this check, right? No, it doesn't pass this check, right? But it does pass our other reading down. So it's reading down, but because the object is, the object's category is not a subject's category, right? It doesn't contain it in there. We should not be able to access that. So even though we have the highest level clearance, we are not cleared to that category. That means we cannot read documents that are in a lower security level with that category. So this is, again, how you get that nice fine-grained separation. So what's our rule then? So what's our original rule? Let's say the level, you can read if the level of the subject is, what would you say, greater than or equal to the level of the object. Is this it for them? How do we take the categories into account? Yeah. You AND it with what you wrote at the top, right? AND it with this thing up here? Yeah. So I guess I'm going to flip the O's and C's. I hope that's not super confusing. The category of the object needs to be a subset of the category. And then now we have our nice rule. So we still are reading down just like before. But now we have this interesting subset relationship. So there's kind of a, I want to take a little time to graph this to see what this looks like. So we have three.
So could we draw just like we did with the levels? Could we draw a diagram that said kind of who, if you have what clearance, where could you read from? Can we use the line that we did before? We'll go over the top, right? So this reading down is like a graphical representation of you can read if the level of the subject is greater than or equal to the level of the object. Right? Can we do something similar with the categories? So let's think about it like this. Can we do something like this? So I say this is a set with Nuke and NATO and Ace. And then can I do Nuke, NATO and the empty set? Can I do something like a read down relationship here? So what's the problem? It's variable like you can take the Ace out and you can also take NATO out and you can take the Nuke out. So I have actually specified all possible combinations of these three categories, right? But can I draw that? Yeah, I can enumerate that. It's not impossible. So let's do that and see what happens. All right, I've got to plan this out for a second. I'm just going to write it again. So we'll start at the top. We have all the categories. We have Nuke, NATO, Ace. And then we have, so what do we have? Nuke and NATO, Nuke and Ace. And then we have Ace and NATO or NATO and Ace. And then what do we have at the second? So are there any more two-element sets? Nope, we've got that all. So then we have Nuke, we have NATO, we have Ace. At the bottom, the empty set. Yeah, so we constructed the power set of this original set. We have all the possible subsets of that set. We can draw them. We could even draw circles around them to start making a graph. So then if we think about it, so what's the relationship like between, we'll start at the bottom, these four nodes. So if a subject has nuclear, can they read an object that has an empty set? Yeah, so we can draw an arrow down like this. What about NATO to empty set? Yeah. What about Ace to empty set? Yeah. What about nuclear to NATO? Yeah.
And what about NATO to nuclear? I don't know. And the same logic applies with NATO to Ace and the Ace to NATO. So this is why we don't have a nice total ordering of all of these sets. There's no relationship between nuclear and NATO, the set containing nuclear and the set containing NATO. There's no subset relationship there. Because neither is a subset of the other one. So there's no arrows we can draw there. So if you have nuclear clearance, it doesn't matter. No matter what security level we are, you can't access a document that just has NATO access. Cool. All right. And what do we do at this level? So nuclear and NATO. So is there an arrow down to the empty set? Yeah. Let's not draw it for now because that's going to be a lot of arrows. What about each of these? So nuclear and NATO. So is nuclear a subset of nuclear and NATO? Yeah. So we can draw an arrow here. What about this one? Yeah. Cool. And then anything that's a subset of this will be a subset of this. Right? Or the transitive. So we don't need to draw that extra line that's implied. All right. Let's finish this out. So then nuclear and Ace. Oh wait. So nuclear and NATO is Ace a subset of nuclear and NATO? No. No. So there's no arrow here. Nuclear and Ace is nuclear subset of nuclear and NATO? Yes. Mm-hmm. Yeah. What about NATO? I'll do. And Ace? Mm-hmm. All right. Final one. Going to go here and here. And last one at the top. Ah. It's going to bug me, but it's fine. Right. So what in this graph is a subset of the set nuclear and NATO and Ace? Everything. Everything, right? But we can just draw arrows, let's say here to the top three. And then we know by transitivity all those are subsets. So now we constructed a, and this is actually a, this is actually this model of the graph we're representing subset relationship or things like that comes up a lot of times in other areas of computer science. It's called a lattice. You can do things like this.
It comes up in weird things like program analysis in a lot of areas where you wouldn't necessarily expect. So it's interesting to see it here come up, which is why we took a lot of time to do this and derive this. But using this, now we have this nice model of reading down, right? Graphically just like we had before, we can pick, if we know where our subject is, so then how would we do that? So let's say my subject is, this is my subject and this is my object. Can the subject read that object? No. And how would you define that in terms of this graph? Edge or path, right? The transitive nature too, because we can also see, okay, there's no path, no way that this subject can read this object, right? Cool. All right, but we're not, our policy is not just concerned about reading, right? What was the, what else are we concerned with? Writing. Writing, and now we need to consider that. And look at these scenarios and what we think about writing. Cool. Okay, so should somebody with top secret and nuclear be able to write an object of top secret and Nuke? Top secret and Nuke? Be able to write an object of secret and Nuke? No, why not? Yeah, it violates the writing up principle. Right, it violates the, you can only write up principle, which we derived on Tuesday. Awesome. Cool. What about a secret with Nuke? Could they write a top secret with Nuke? What about top secret with Nuke and NATO? Could they write a document that's top secret and Nuke? If we think just our old security policy, should they be able to do it? Yeah, your top secret level, you should be able to write a top secret document. But should they be able to do this now with our categories? No. No, why not? Somebody defend it. They have both Nuke and NATO. They have both Nuke and NATO? Right, so they have access to both nuclear and NATO data. Am I the same logic? Why you can't create, write down? Here, they may be putting NATO information into that nuclear document.
Right, so this is information leaking out from one category to another category, to something we want to absolutely not allow. Okay. What about, I have top secret and Nuke, can I write a document with top secret, Nuke, and NATO? No? I heard multiple things. Yeah. Yeah. I think you can. But say your position first. I think you can write it, because if you only have access to Nuke, and then you write a NATO document, you're not going to leak any information that you don't have access to. Okay, so we have a position for allow. What about deny? Yeah. You can write the information from Nuke to NATO. So the other, the deny is that you have access to nuclear information, and you're creating a document that is both nuclear and NATO. So this means somebody else wins. Okay. Yeah. Right. Okay. So yes, you almost got me. But very close. So if we think about this document here, can somebody with top secret and NATO, can they read this document? No. No, because they don't have access to the nuclear information. So the only people that can read this document must have at least the set nuclear and NATO. They could have other things. But that's fine for reading. It's about writing. Cool. The only, I guess the way we can reason about this, the only people that can read this document absolutely must have access to nuclear information. There's no possible way to read this document if you don't already have access to nuclear information. The fact that we're adding additional security categories on here doesn't really matter in terms of information leakage because it's not going to leak out. Everyone agree with that? Okay, what about this? So you're a person with top secret and no categories. You want to write a secret document with nuclear. No, why no? You have to write up. You can't write down. Yeah, so from the categories it makes sense. Like we just said, yes, this should be able to do it by the categories, but the security level is also coming to play.
And this would be an instance of writing top secret information to a secret document which violates our security policy. So then, just like we did before, so then what are the rules for, if we had to write this, what are the rules for writing? So we'll call this R for reading. And what about for writing? So what's our original rule? L of S is less than or equal to L of O, and we need another clause, and what? C of S is a subset of C of O. C of S is a subset or equal to C of O. And so how does that change our lattice? Yeah, it goes the opposite direction, right? So we can draw the same lattice starting from the empty set and going down, and that would say all the ways that you could write. And so we have basically, or you could flip all of the arrows here. And you can, so basically, again, we have the similar type of thing with a different model reading down and writing up. If you only have empty set permissions, you can't write to anything with permissions on it. So you can, if you have empty set, just like if you have an unclassified level, you could create documents that are top secret, even though you don't have access to that. Because that, there's still no way that top secret information is leaking out. In a similar way, if you have an empty set, right, you have no privileges, you can create a document that is nuclear, NATO, and Ace, and there's no way that information is leaking out of the system, right? It's both of them are kind of a similar argument. Yeah. Yeah, we have a pair of that. So that's kind of a confidentiality and integrity and availability. We don't really need to attack or maybe the tragedy depends on how you want to think about that. I think right now we're only solely focused on confidentiality to the detriment of real-world applicability of this model. But yes, that's definitely something you'd want to also think about as well.
So you can think that, I don't know, in a situation like this, you can say no document ever actually believes it, right? We have all the history of all the documents, so there's no way somebody with a lower level could believe it. Yeah. Should the write graph actually have arrows pointing to each other in the categories? Interesting. So should the write graph have arrows pointing to each other? So if... let's add that here. Do we have an example of that? We did not. Okay. I'm going to add this example here, TS. So you have top secret clearance with nuclear. You want to write to it, you want to read, we'll start with the reading. You want to read from a document that's top secret and NATO, should that be allowed? Because you'd be accessing information from the NATO category that you should not have access to, right? This violates our basic property. Okay. And then from writing, so should we be able to write nuclear information to a document that is specified in NATO? Yeah. Yes, why? By the writing rule, S is a subset or equal to the category of arrows. So the category of the subject is Nuke? Yeah. Is that a subset of or equal to NATO? Shit. You can just say no. Right? And why not? So intuitively why? Yeah. You can leak some information about nuclear to someone who only has clearance for NATO. Yeah, so the people that have read this document have access almost to NATO. You could be writing nuclear information to this document that is readable by people who don't have access to that security policy. Yeah, that was a great example. I should have come up with that. So yeah, this is why in both models this is disallowed. So you can't read from any documents like this and you also can't write to any documents like this. All right. So, yeah. So if you want a prettier version from the slides, you can look at this, although I don't know, I think it's a decent job. And this is actually one of the most famous security models in computer science.
Basically, sorry, I guess not computer science, but definitely security. So everyone in security knows this. It's called the Bell-LaPadula model because I believe two people named Bell and LaPadula came up with this model in a paper. So you can do things like once you have this model, you can prove that with those rules, no information is out. But you already derived this. You're smarter than these people. So we have this. And so the other thing and the way that we'll represent this here is in terms of lattice terminology. So dominates is what we're talking about here. So that's how you can phrase in a lattice model that this you could say the set containing NATO and Ace dominates the set containing Ace. Because of the subset or equal to operation that we're using. You could not say that NATO and Ace dominates nuclear and Ace because there's no way to compare those. You can't compare those at all. So just in this model, what we'll use is this notion of dominates. And what that means is less than the example where you can categorize the subset or equal to operation. But yeah, you basically we would derive all of this. So we have the security level and the categories. So I'll leave this here. We're not going to go over this because we just went through a bunch of examples. If you want more practice, check this out. And again, of course, this model has a lot of problems which we talked about. Clearly, it doesn't make sense to give somebody top secret clearance and say, by the way, you can no longer talk to literally anyone who does not have top secret clearance. So there is, in the real world notion, make it very clear when things are supposed to be top secret and not so that you know what information you're not supposed to leak out. There are ways of declassifying documents. The document was originally classed by the top secret level.
There are ways to eventually, maybe over time or whatever, reduce the security level of that document that's done with review and maybe through redacting and removing information from that document. So it's no longer the top secret information is no longer in there. You have this interesting conundrum that maybe you don't really think about. So you, like with a physical document, let's say you have a top secret document. How do you know but you only have secret clearance, how do you know if you should read the document? Do you start reading and then stop and go, oh shit. That's probably bad. Yeah, you actually need a cover page on top of it that is unclassified or maybe classified at a certain level. Not only those people can read that specified what the security level is and what the categories are applied to that. So you can know if you should open that document or not. There's all kinds of interesting stuff in here and thinking more broadly to other types. And then the other thing I'll say very briefly is this notion, so we talked about discretionary access control is on basically the basis of all UNIX machines. Yeah, you had a question? Yeah, I was going to say what are like the consequences to this system? Like what happens if you do read, like a document you should read? I think we have some military people here. Do they know the answer to that question? You can get your clearance removed. Yeah, you can lose your clearance as well. You can get your clearance removed, you can get disciplinary action. The guy that took a picture of that in the back in the engine room with submarine and I think he got like prison time for it because whatever is back there is classified and even the manuals are classified themselves so everybody on a submarine has to have at least a secret clearance. Yeah, so yeah, big problems, right? 
I think it's dependent on the specific scenario and all of those things, but yeah, your entire apparatus is built around keeping information secret, and so you need penalties for people who violate those. That was a cool example. What was I saying? Oh yeah, MAC and DAC. So discretionary access control is on every Linux system you use, Windows systems. You use Android devices? Yeah, so there's actually two Android called, I think it's SE Android, for security enhanced. There's also a MAC system for SELinux, and the idea is, for instance, if you think about a web server, a web server runs as a specific user on your system, but you may want to actually restrict what things they can do even further, so if somebody compromises your web server they can't just do anything that a user can do. So you can use SELinux, Security-Enhanced Linux, to write policies that are mandatory, to say the web server user can only read and write to this folder, and that means if anybody compromises it they can't alter and change other files on your system, even though that user should be able to have access to. And the similar thing exists on Android, so it locks down a lot of system services, so that, and this policy is actually under root too, usually. It adds that even if you're root you can't change and act, like you can restrict what root can do and what other users can do. So this is, and actually the other interesting thing is this notion of mandatory access control on Unix systems came from the NSA. So this idea of, I think SELinux came out of the NSA as a way to apply mandatory access control ideas to a Unix system, which I think is super cool. But there are other types of access control systems that we're not going to talk about, but we'll talk about them briefly here. We're not going to go into depth like we did the other ones. So some of the things, other things, and this is a big area, and this makes more intuitive sense, and I think when we started talking about access control people brought up examples of
this. We talked about, with the access control matrix, one of the big problems is we have every single user on it. But as we talked about, on a homework server there's different roles for different users: we have professors, TAs and students. So rather than thinking about the access of every single individual person, if we group them into roles we could make access control policies based on their roles. So you can base, and this is basically the essential idea here, is create the user's permission based on the user's role. So what are the benefits of this? Your TA can it get access to the vitality of it. Yeah, maybe, or maybe I want them to. It makes it easier to administer this, so if I have three TAs then I don't have to change their permissions for every single user, I can specify the issue of access to this. Think about that multiplied by students, for 370 students. If I need you to have access to a file on my system, adding that for all those users can be a major pain, but if I just say all students now have access to this directory, it just works and it updates. What are some drawbacks? It's difficult to get user specific. So when might that come up in an organization? The CEO. The CEO position. The CEO for the CEO position. So why would, because that would be an individual user. Or if you have the contractors come in, then different contractors might have different things. That's a great one. People may not have well defined roles. You may bring in contractors for a specific project that needs weird custom permissions that you have to create for each of these contractors. I think both positive and negative, it makes a hierarchy, so like someone at the top could maybe have access to things that they shouldn't, whereas someone at a lower role might need something, vice versa. Yeah, so it doesn't, I would say it doesn't necessarily have to be in a hierarchy. It can be more, you can think of it a little bit in subset relationships, so it may be that the administrators have access to information that marketing
people don't, but that marketing people have information that the admins can't necessarily directly access. Yeah, it can be very difficult. Also standardizing what roles need what can be difficult. You may have a marketing person, actually that's probably a good example, like a marketing person who's working for a specific team may be different than the marketing person that's working for the CEO. Even though they're technically both in the same role, they have different responsibilities, different things they need to have access to, and so now you have to customize and tweak these individual things. So anyways, but it does map pretty nicely onto business, and this is why it's used in a lot of businesses, because it's pretty easy. And so what are some examples of real systems that you use that have this notion of role-based access control? Was that Active Directory? Active Directory definitely has this, yeah. What else? What about websites? Ever use a website? Why it's a house like a family member there's a lot of access into the house. Okay, that's good, so a house, family members. Yeah, you can group people like that, or maybe kids and adults. Yeah, a Google Doc?
Yeah, a Google doc has different roles. You can own the document, you can have a writer role, I think they call it, and a reader role, so you can be able to read the document but not actually change the content of that document. Yeah, Canvas has roles, My ASU has roles, I see different things than you see, Gradescope has roles, Piazza has roles, right? All these things, because it maps nicely to what the level that we're talking about. Cool. Yeah, so that idea is creating temporary roles. So yeah, in all of these models, I mean, you could think about devolving a role-based access control to a normal, what we're talking about, the matrix model, by having every individual user have a role, right? So at that point it's the same thing, right? So you can express, as long as you can express everything you can do in a matrix model, you can do that here as well. You can create customized roles for people. I think the difficult thing is probably updating, the maintenance of those custom roles, right? Because they're not part of your standard thing. So who's gonna go back and look and check, does this person really need this access to this system? Is this appropriate for their role? Yeah, it's just an interesting challenge. Cool. How do you determine complex roles? How do you determine complex? Complex, yes. So let's say local admin should be able to do whatever they want on a computer, however it's a network, it says you cannot do XYZ. Yeah, if you have to do system, but a lot of those are, you can think of as mandatory access control. So that's when you, on like a Windows machine or even an iPhone actually, so when you join like a domain, like your work computer is on your work domain or whatever, then administrators can put policies on your machine to specify certain things. So anybody know what happens when you type in your passcode wrong on an iPhone? How many times? I don't know. 3 times. 3 times. I think after 3 times it locks for 3 minutes, and then you try again, it locks for 5 minutes, and then again it locks for 20 minutes, and I
think by default if you do that it keeps going for like 3 hours. One of my friends was trying to play a prank on another friend, got their phone and started typing in PIN codes, and did it again, and then it's waited, and did it again, and then it said "erasing iPhone", because that's the policy that the company put on that phone, because it was connected to their corporate email. And so they switched these policies out and said after 4, whatever, attempts, wipe the device. And so he freaked out a lot and had to severely apologize, but I don't think any data was lost, so that was fine. So yeah, you have to worry about, so that's kind of like a mix of mandatory, I think, and a role-based system. And we could take that, and they've taken this notion of roles even further. So you could think of your role as one attribute of you as a user, right? Here's my identity, I am this user, one of my attributes is I am the role of a professor. But there's other attributes about you, your person. You could be thinking of things like age, ID, ID number, group membership. What classes you're in as a student are part of your attributes. Kind of some kind of the cool way we like to think about this, and you can make policies that are complex boolean expressions of all of these things. So you could say, well, the only people who should be able to access this are users of whatever this age and that are in this group or something. And one of the really cool things about this, one of our students was thinking about and doing some research, so you can also, we'll get to crypto next, you can cryptographically verify that these are actually what they, like that, that you have this attribute. So for instance, theoretically, when you, what's the policy on purchasing alcohol in Arizona? You have to be 21 or older. That's an attribute of yourself. How do you prove that you're 21 and older? You give them your ID. What else is on that ID? Your ID is something that just says yes, you're over 21? What says that? What else does it have on it? Your
birthday, your picture, your name. Could make your social securities. I don't think it's a social security. No, it could, it's not the option to do that, I documented can present. So the idea is you're giving all of these attributes, this large set of attributes, to a person to verify only one of those attributes. Would it be cool if you could just, I don't know, send them something on your phone that the state has actually verified, cryptographically verified, you are of age, and that's the only piece of information they learn about you? They don't learn about your name or anything else just from looking at your ID. Anyway, it's kind of thinking of that notion in terms of attribute-based access control, so you only check the attributes that you actually need and you don't care about anything else. So is that basically automatically assigning roles? Part of it. It's expanding that more broadly and thinking your role is only one attribute of you as a user. Other context we've thought about this is in terms of complex, like, research networks between multiple institutions. So what they do is they set up these like huge pipes that can, you're doing physics research, which generates terabytes and terabytes of data, but you need to share that with collaborators. So the question is how do you fairly share this information, like this pipe that you all purchase and spend on a multiple million dollar amount? So you can think of attributes of you, your project, your traffic, and define rules that say it's a super high priority, then it gets the most access, but if the bandwidth being used is less than a certain amount, then you have access. And so you can create these complex policies around these notions of attributes, so going to extend beyond the user. It can be situation specific, all kinds of stuff, plus you. And so kind of then looking forward, so kind of some of the research that's being done in access control is around this notion of usability. So we talked about, actually we even discussed usability, we were
thinking about access control lists, capability lists. We looked at these models and we tried to see, I don't know, how usable would it be to write some policy or change something, right? So there's interesting ways. There's a whole language in XML to write, and a standard language to define access control policies in XML, but writing XML for access control policies can be a huge pain, and it's very much a specialized thing. And so there's a lot of research into, like, how do you make it so that normal people can write these policies that they want. Flexibility: so how flexible is your access control system? This is what we talked about a little bit with the problem of the UNIX model, of being able to create these custom subsets of groups that need access to things. Expressiveness: this is again what we talked about, what type of things can your model express or not express, what kind of policies do you want, and how easy or difficult is it to get those policies. And the other interesting thing is the notion of federation, and this means you have two entities that want to work together, how do they share or map access with each other? So one of the interesting things is when you're signing in with Google or signing in with Facebook as part of a web service. So you're essentially logging onto Facebook, and Facebook is telling this website, yes, you are this user, I have verified it, and then that website has to trust that from Facebook, and they can get information about you from Facebook, but you can actually control what information this website gets. So there's complex kind of access control in these two competing organizations. How do you do that, how do you manage that, is kind of a complex, interesting problem. There's a lot of problems to be solved here. One of the cool things that one of our postdocs is working on is how to do access control in terms of, I think first they were looking at augmented reality, so specifically games like Pokemon Go, because a lot of places don't want them to be a, they don't
want people coming inside to look for Pokemon, like in the middle of a class or something. So how could, like, ASU say a geographic location like Armstrong Hall during these times should not be accessible, and then how do you actually enforce that on the system, all this kind of stuff. So there's interesting research here to be done. Any questions on access control? Alright, ready for some crypto? But you don't really have a choice, so you might as well say yes. That's not true, you can always leave, I won't be offended. Alright, actually you know what, same video, I don't care that much. So now we're going to get into cryptography. What the heck is cryptography? So what do you think? You've been alive for a certain number of years, you've probably heard this term before. What does it mean to you? Have you ever said it in this class? You do not know what I said. Like, using math to make and break code. Using math to make and break code, and talking about programming code? Different type of code. Concealing information. Reversible but hard to reverse engineer processes. Some notion of hiding information, hiding information using math, so that's what we think of when we think about codes. What else? Like concealing information, maybe concealing information through a public channel. So not just concealing information by putting it in my pocket, but if I have some information, and I don't want to get too much into the terms yet, but I encoded it, let's say, although we're going to get rid of that word, and I put it on the screen, none of you should be able to figure out what that means, or maybe you can if I told you my secret or something. What else? Sometimes verifying who sent the message. Maybe we want to verify who sent the message, maybe we want to verify that this user actually did send this message and it's not spoofed by somebody else. Use the version that comes in line when it's like a Caesar cipher. Yeah, we'll get into that, yeah, so simple old-school type of cipher. Yeah, do you use cryptography in your data
lake? Are you writing those to each other in secret? When do you use it? Yeah, it depends. Yeah, so we like them to be, some are. So I think WhatsApp has end-to-end encryption, so everyone in that group, so not even WhatsApp should be able to know. I don't know all the specifics there. Signal's probably the best known one that actually does secrecy and encryption really well. iMessage is also encrypted, but I don't know the exact, all the details there. But just an SMS is not true, you would really hope. Yes, iMessage, yeah. Anytime you access an HTTPS page. Yeah, anytime you access an HTTPS website. So this is not just securing your communication from people listening to it but also verifying the identity, so it's doing both of those things we want: verifying the identity that this website, you are actually talking to google.com, and it's accurate and tricky to go to my site. Cool. Nobody mentioned like Bitcoin or any kind of cryptocurrencies. This is not cool anymore? Is that, it's really big for a long time, now none of the students I guess seem to care. I just recently did my practice, actually last night, and one of the questions on there, I think I cannot do a practice if that's the question, the question on there, which I've never seen, was have you gained any money off of your crypto. I thought that was weird. Yeah, I mean it's something you have to do before anyways, but I guess a lot of people don't. What's the point of cryptocurrencies? No, you're still making money from selling something, so it doesn't matter that it's a cryptocurrency. By owning it you would not have to report that. It's kind of like the same thing, it's in plain sight, but it's not a simple trick to just decode it, whether it's your wallet address or. Yeah, so cryptocurrencies, they use a lot of cryptography, let's say, but they're not necessarily cryptography itself. Every time we speak over the phone our messages are encoded so that the channels can convey our message to the end user, and then it's encoded on the other side.
Correct, but it's actually not cryptographically encoded, so anybody can tap it and listen to your phone calls. But people, well, not anybody, you need a lot of special privileges, but yeah, there is no end-to-end encryption on phone calls. I think things like WhatsApp calling are encrypted though, but I don't know that for a fact. Checksum files. So verifying that a file you download is actually what the site says that it should be, so that's exactly the same. Anybody use git or GitHub? Yeah, you can see those funky hexadecimal letters on every commit, right? That's a cryptographic hash, and you can easily identify it. When you SSH into like the general server. Yeah, when you SSH into any server. Bandit, you've all done that, so you definitely, like, the first S stands for secure, so it's secure shell, that's what SSH stands for. Yeah, about like a FaceTime or Skype? I think so, there's multiple different types, let's say. When I say end-to-end, I mean not even a Signal or let's get back a space look could read what your communication is. I think the way Skype works, I know it's peer-to-peer, yeah, it may be encrypted, I'm not 100% sure. What was the other one? FaceTime, I don't know the details, it might be. Email. Email, that is true. Okay, so Proton Mail is encrypted on their servers, so they can't see what emails you have, but when you send an email with Proton it's getting sent to the other person in the clear. If you send it to somebody else who uses your Proton. Ah, there you go, Proton to Proton. Yeah, where does like a security through like obscurity fall? Like if someone's using like a messaging service through something that no one knows, to the point that no one ever looks into. We'll talk about it, but it's bad. So security through obscurity is no security, basically. So there have been cases of criminals using like Xbox Live to chat with each other and stuff like that, but they, you know, as soon as you're big enough to identify, they will identify if I do immediately. It's especially bad with using a centralized
service, because they can go with a subpoena to Microsoft and say, hey, we need all the messages that were sent between these users, and Microsoft will give it to them because they have that data. Hopefully passwords. Hopefully passwords, yeah, we'll talk about passwords too. The torrent protocol. I don't know that it's encrypted by default. You can encrypt it, but you do have to verify, I think with a hash, cryptographic hash, that the file that you downloaded is the right file, or chunk, not the whole file but in the chunks. Yeah, there's an option I think to encrypt your torrent connection, but I don't know that it's on by default. Card? You hope something is going on. Like, you know, the longer version is it's complicated. The shorter version, especially with the chip and PIN, so when you have the chip there it does some crypto stuff to verify that. I think it does an actual computation on that little chip. But even your SIM card, there's certain operations that can happen on your SIM card, so yeah, there's stuff that happens there as well. There's, I did say, okay, phone calls, I guess I misled a little bit. Your communication from your phone usually to the tower is encrypted, but the tricky thing is somebody with a tower, which costs like $200-$250 to make your own, they can trick you to connect to your tower, with your phone to automatically to the closest and strongest. They can tell you, tell your phone that this tower doesn't support any encryption, so your phone will say, great, okay, here's my call, we'll do everything over that. I wanted to get to the tower, and then to the telcos, then it's basically no encryption. I didn't know this phone, but Facebook Messenger has end-to-end encryption. Oh, Facebook Messenger, that makes sense, because they bought WhatsApp and WhatsApp had end-to-end encryption. Yeah, cool, so we can break it down a little bit. You require end-to-end encryption to be sending data but you're not encrypted, how does that mean? I have no idea. Yeah, the fax is definitely not a secure form of
encryption. It's possible, I mean, they could have secured fax vertical, I don't know if they actually use it, because it's really bad. It's like an image of the thing being encrypted over a telephone line, so it's just like any other matter, you could encrypt it. It's just an old policy thing probably, that like a legacy thing when they say faxes are fine, because if we said they're not fine everything would blow up as a fax, because they had to have it last year. So yeah, that makes sense. So if we look at the term cryptography itself, and I'm going to be Greek, but it's derived from the Greek words of hidden, secret, and writing. So there's kind of all these notions we've been talking about. We want to keep things secret, so this is where we're going to really start to focus on confidentiality, but we'll also look at integrity, that actually cryptography can help us in terms of integrity. So we can answer the question of how do we keep information secret or hidden that we want to, and this again also has a notion a little bit of access control, we need to think about who should have access to this, so that's kind of why we're going in this progression. So we'll define some terms. So encryption, and this is what we'll start using from now on, so it can be very clear when we're talking about cryptography. Oh, maybe I should say it when I get there, but I'm also not a cryptographer, in case you don't know. So I know how to use cryptographic elements, I know what they're supposed to do, what they should do. I don't understand the math to be able to prove it to you, of why they do certain things, so we will take commonly accepted things as truths. There's crypto people there, they're very math oriented. I can still teach you some stuff, hopefully. So encryption: so basically we can think of it as transforming a message such that its information is hidden. So we want to take a, and we'll define other terms, we want to take a message and we want to encrypt it so that no one else can read it, or that very few people can
read it and then decryption is going to be the reverse so taking some information that's been encrypted and we want to decrypt it back to the original message questions on this? encryption, decryption ok then we're going to talk about and we're going to study and look at several types of crypto systems so basically systems that describe how to encrypt or end usually decrypt messages so we'll look at several different types of crypto systems starting from early ones you're going to be able to break your homework assignment will be breaking these early crypto systems and so every crypto system we think of we'll talk about different types of things we'll talk about plain text so plain text is the message in its original form so this is a whatever message you're trying to send it could be text it could be a fax it could be an email it could be a jpeg which is a certain file format composed of a bunch of different bytes whatever it is, plain text cypher text is going to be the message in its encrypted form so we take the plain text we encrypt it we get cypher text we decrypt that and now we get plain text cool, good a cryptographer someone who invents encryption algorithms as I'm going to hopefully pound into your brains by the end of this you should not do this do not create cryptographic algorithms unless you're doing it just for fun there's been tons and tons of breaks of cryptography systems the most recent one was did you hear about the Windows one so there was this massive vulnerability that they found that essentially in some elliptic herb cryptosystem that Microsoft supported the attacker could supply one of the parameters that they shouldn't be able to supply and that would let them essentially let an attacker decrypt or make the system think that it's going to be proven to find and really the attacker is broken so it would allow them to intercept the Windows update that would be able to put in any kind of updates it would allow them to break any H2BS site that 
you were visiting by forging a certificate that your computer would think was legit, of all kinds of massive math. This just came out like three weeks ago, I think. I'll send out, make a post on Piazza. Even very, very, very smart people, and those can often have flaws. So it's especially true in the cryptocurrency realm, where people do weird stuff that doesn't make sense and it turns out to have vulnerabilities. Cryptanalyst is somebody on the more black hat side, to break either encryption algorithms or implementations. So cryptographers build things, cryptanalysts analyze things, try to find vulnerabilities, all that kind of stuff. Questions? Plaintext, encrypt, ciphertext, decrypt, plaintext. Okay, so some of the benefits we're going to get out of cryptography, as we talk about: confidentiality, that's going to be the main focus, we want to keep secret information secret, this is the goal we want. Also we'll see notions of integrity, so we'll see, and this kind of, let's say for example, we have some message, so we have the plaintext message, it's been encrypted, now what if an attacker takes that ciphertext and just randomly changes things? When we decrypt that, how do we know that the person originally tried to send us this thing? If our cryptosystem is good it should decrypt to garbage, but how do we know they weren't trying to send us garbage in the first place? How do we know that it hasn't been tampered with? In certain schemes there's like signing. We'll get into it, this is the question that we're going to definitely try to answer, and why it's important to have them in a cryptosystem, exactly. And we'll also see authentication, we're going to study authentication next, so we can understand how crypto actually supports authentication. So a lot of these things we talk about, hashing and everything, are cryptography based. And non-repudiation is another interesting one. So this is, again, we could have a scenario where I can send a message to the class and I can't ever say, well, I never sent
that message. You can have cryptographic, mathematically verified proof that says I sent that message. So like, no takesies backsies, I guess, is how you think about that. Alright, we'll define a cryptosystem as a quintuple. We'll define things, don't freak out. We have a set of plaintext, so this is M. M is a set of, basically, what's the language of our plaintext. We have some set of keys, what are the keys to this cryptosystem. We can have a set of ciphertext, that's going to be the output of our encryption function. And we have an encryption function, so you can think of an encryption function literally as a function. So if you're not used to reading this type of syntax, you can think of it as E is a function that takes in two parameters, one from M, one from K, and outputs C. So what does that mean in our system? It takes in a plaintext and a key and outputs ciphertext. It's exactly just more formal notation than what we were talking about, but it's exactly what we would want from an encryption function. The other important thing, so it's a mathematical function, so what does that mean different from like a function that you would write in your code? Yeah, exactly, or the same input always gives you the same output. There's no global state the way in programming, there's no global variables. Whatever these two inputs are, you're given the exact same plaintext, the exact same key, will produce the same ciphertext. Or possibly, but yes, it's a function of those things that gives you output, there's no global things in there. Just trying to help you think about mathematical functions and how they map to what you do. So the encryption function takes in a ciphertext, and a good cryptosystem should be that if we, well, if we use the right, if we have the key that was used in the, wow, I don't want to say this, it's not true for everything, but we want n to be the same. Let's say this: we take the ciphertext, the correct key, and that gives us the right message, the original plaintext message. Cool. We will
go very briefly over Caesar cipher. I want you to be thinking about this, I'm going to ask somebody to remind me if I don't remember, but I probably will: think about if you've ever invented a cryptosystem, I want to hear about it on Tuesday. But one of the most famous and oldest cryptosystems is what's known as the Caesar cipher, and this comes from literally Julius Caesar's day. You can think of it, it's kind of impressive, even back then, probably writing itself was a cipher, you could write something and not many people could read, but you still want to maybe send a message to your generals and you want it to be that nobody can intercept that message and read what was going on, right? So we had a simple cryptosystem. So I like that: if you have anything confidential to say, he wrote it in a cipher, that is, by so changing the order of the letters in the alphabet that not a word could be made out. If anyone wishes to decipher these and get at their meaning, he must substitute the fourth letter of the alphabet, namely D, for A, and so on with the others. So what is this describing? So you shift all the characters in a message by a set amount. So in this case the key would be 4, so when you're encrypting the message, every A you shift 4 letters over to D, and so on and so forth for all the other letters. So we can actually think about this in terms of our cryptosystem. We have messages, so we can consider A through Z. We can't consider uppercase versus lowercase because we're only picking A through Z, so our messages are combined of only sequences of letters. So this defines what type of language our cryptosystem works with. Our key is an integer from 0 to 25. Why does 26 not make sense? Or 27 or 28?
Because it's also represented by the key 0, 1, 2, because if you do it 27 times we're going to wrap around. Then our encryption becomes exactly what we talked about. So if we want to encrypt with the key K, for all letters M in the message we encrypt it by doing M plus K. So if we think of A as 0, we would add 4 to it, which becomes D, mod 26, which wraps us all the way around at the end, so that Z plus 4 would be C, is that right? And then we have to decrypt, so then how do we decrypt this system? What do we need to decrypt it? We need the key. If we know the key is 4, we can decrypt by moving every letter back, so we can write back here as just a 26 plus C minus K mod 26, whatever, but you can think of it just moving along that line. And our ciphertext is the same as the set is the same. So here's how to attack this, and I'll see you on Tuesday.
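The Caesar cipher written out as the quintuple (M, K, C, E, D) from the lecture, as an added example that is not part of the recording. It assumes letters are numbered A=0 through Z=25; the function names and the sample message are this example's own.

```python
"""Caesar cipher as a cryptosystem quintuple (M, K, C, E, D).

Added illustration, not code from the lecture. Assumes A=0 ... Z=25.
"""
import string

ALPHABET = string.ascii_uppercase   # the 26 letters that make up M and C
N = len(ALPHABET)                   # 26


def in_message_space(text: str) -> bool:
    """M and C are the same set: sequences made only of the letters A-Z."""
    return all(ch in ALPHABET for ch in text)


def normalize_key(k: int) -> int:
    """K is {0, ..., 25}; 26, 27, 28 name the same shifts as 0, 1, 2."""
    return k % N


def encrypt(m: str, k: int) -> str:
    """E_k(m): replace each letter m_i with (m_i + k) mod 26."""
    if not in_message_space(m):
        raise ValueError("plaintext must contain only the letters A-Z")
    k = normalize_key(k)
    return "".join(ALPHABET[(ALPHABET.index(ch) + k) % N] for ch in m)


def decrypt(c: str, k: int) -> str:
    """D_k(c): replace each letter c_i with (26 + c_i - k) mod 26."""
    if not in_message_space(c):
        raise ValueError("ciphertext must contain only the letters A-Z")
    k = normalize_key(k)
    return "".join(ALPHABET[(N + ALPHABET.index(ch) - k) % N] for ch in c)


def key_for_mapping(plain_letter: str, cipher_letter: str) -> int:
    """The one key in K that sends plain_letter to cipher_letter."""
    return (ALPHABET.index(cipher_letter) - ALPHABET.index(plain_letter)) % N


def roundtrip_holds_for_all_keys(m: str) -> bool:
    """Correctness property of the quintuple: D_k(E_k(m)) == m for all k."""
    return all(decrypt(encrypt(m, k), k) == m for k in range(N))


def distinct_ciphertexts(m: str) -> int:
    """How many different ciphertexts the whole key space produces for m."""
    return len({encrypt(m, k) for k in range(N)})


if __name__ == "__main__":
    message = "MEETATTHEFORUM"            # constructed sample plaintext
    c = encrypt(message, 4)
    print("E_4:", c)
    print("D_4:", decrypt(c, 4))
    # Same inputs always give the same output: E is a pure function.
    print("deterministic:", encrypt(message, 4) == c)
    # Wrap-around at the end of the alphabet under A=0 numbering.
    print("Z shifted by 4:", encrypt("Z", 4))
    # Key that realises the quoted "D for A" substitution when A=0.
    print("key for A->D:", key_for_mapping("A", "D"))
    # 26 behaves like 0 and 27 like 1, so K stops at 25.
    print("k=26 is identity:", encrypt(message, 26) == message)
    print("k=27 equals k=1:", encrypt(message, 27) == encrypt(message, 1))
    print("round trip for every key:", roundtrip_holds_for_all_keys(message))
    print("distinct ciphertexts:", distinct_ciphertexts(message))
```
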