Blind processing: Securing data against system administrators

Multi-owner systems such as the power grid need information from all parties to operate efficiently. In general, however, information sharing is limited by market and other constraints. In addition, for the emerging problem of demand-side management in distribution systems, part of the “smarter grid” efforts, secure communication and execution between utilities and customers is required to ensure privacy. In this paper, we propose blind processing, a novel communication and execution approach for entities that compete with each other but need to cooperate for the overall good of the system. Our goal is to allow information exchange between system components with protection mechanisms against everyone, including system administrators. Shielding information prevents access to the sensitive data itself while still giving computations a complete picture of the whole system. Such a security mechanism can be provided by employing the functionality of Trusted Computing, a security technology that uses hardware and software modules to improve the trustworthiness of a system.
