Dancing with the Adversary: A Tale of Wimps and Giants

  • Conference paper
Security Protocols XXII (Security Protocols 2014)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 8809)

Abstract

The long-standing requirement that system and network designs must include accurate and complete adversary definitions from inception remains unmet on commodity platforms; e.g., on commodity operating systems, network protocols, and applications. A way to provide such definitions is to (1) partition commodity software into “wimps” (i.e., small software components with rather limited function and high-assurance security properties) and “giants” (i.e., large commodity software systems, with low/no assurance of security); and (2) limit the obligation of defining the adversary to wimps while realistically assuming that the giants are adversary controlled. We provide a structure for accurate and complete adversary definitions that yields basic security properties and metrics for wimps. Then we argue that wimps must collaborate (“dance”) with giants, namely compose with adversary code across protection interfaces, and illustrate some of the salient features of the wimp-giant composition. We extend the wimp-giant metaphor to security protocols in networks of humans and computers where compelling services, possibly under the control of an adversary, are offered to unsuspecting users. Although these protocols have safe states whereby a participant can establish temporary beliefs in the adversary’s trustworthiness, reasoning about such states requires techniques from other fields, such as behavioral economics, rather than traditional security and cryptography.

Acknowledgments

This paper benefitted from discussions and joint work with Min Suk Kang, Miao Yu, Jun Zhao, and Zongwei Zhou. Their insights are gratefully acknowledged. This work was supported in part by the National Science Foundation (NSF) under grant CCF-0424422 and a gift from Intel Corporation at CyLab. The views and conclusions contained in this document are those of the author and should not be interpreted as representing the official policies, either expressed or implied, of any sponsoring institution, the U.S. government or any other entity.

Author information

Correspondence to Virgil Gligor.

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Gligor, V. (2014). Dancing with the Adversary: A Tale of Wimps and Giants. In: Christianson, B., Malcolm, J., Matyáš, V., Švenda, P., Stajano, F., Anderson, J. (eds) Security Protocols XXII. Security Protocols 2014. Lecture Notes in Computer Science, vol 8809. Springer, Cham. https://doi.org/10.1007/978-3-319-12400-1_11

  • DOI: https://doi.org/10.1007/978-3-319-12400-1_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-12399-8

  • Online ISBN: 978-3-319-12400-1

  • eBook Packages: Computer Science (R0)
