Toward Sensitive Information Redaction

700 views

Published on

Published in: Self Improvement, Technology
1 Comment
0 Likes
Statistics
Notes
  • Please use a free license, I would Like to upload these slides to Commons and add them in Wikimania wiki.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Views
Total views
700
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
5
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide

Toward Sensitive Information Redaction

  1. 1. Toward Sensitive Information Redaction in a Collaborative, Multilevel Security Environment Peter Gehres, Nathan Singleton, George Louthan, John Hale WikiSym 2010, Gdansk, Poland, July 8, 2010 Computer Science / www.isec.utulsa.edu
  2. 2. Overview •  Background •  Related Work •  Motivation •  SecureWiki •  Challenges •  Potential Environments •  Acknowledgments Computer Science / www.isec.utulsa.edu
  3. 3. Background •  Multilevel Security (MLS) –  Traditional military security model –  Each object is described by •  Sensitivity level (unclassified, confidential, secret, top secret) •  Compartments (e.g nuclear, europe, missle defense) •  Bell-La Padula –  Based on the MLS model –  Read Down –  Write Up Computer Science / www.isec.utulsa.edu
  4. 4. Background, cont. •  Text Redaction –  Tradtional redaction •  Black out using a marker •  Cut out using scissors –  Digital techniques •  Remove the underlying data •  Challenges: –  Metadata –  Incomplete redaction An example of traditional redaction Computer Science / www.isec.utulsa.edu
  5. 5. Related Work •  Intellipedia –  Based on MediaWiki –  Three distinct wikis for unclassified, confidential and secret on separate physical networks –  Problem: Many places to go for information on a single subject Computer Science / www.isec.utulsa.edu
  6. 6. Related Work •  Tearline Wiki –  Aggregates multiple wikis with "tear lines" between the classifications –  Problems •  Information is still segregated •  Still in testing at the NSA •  Proprietary technology From Galois Brief, “Tearline Wiki: Information collaboration across security domains” Computer Science / www.isec.utulsa.edu
  7. 7. Motivations •  To promote information sharing in sensitive environments –  Government –  Healthcare –  Corporate Intellectual Property •  To combine all information about a subject into a single, consolidated view by increasing granularity Computer Science / www.isec.utulsa.edu
  8. 8. SecureWiki - Architecture •  Store all article markup in separate data store •  Generate keys to indicate redacted text in markup •  Store keys in key store and generate tokens used to replace markup in page (mapped to a key by the key store) •  Replace tokens with markup during render of page (after checking authentication) Computer Science / www.isec.utulsa.edu
  9. 9. SecureWiki Architecture Diagram Computer Science / www.isec.utulsa.edu
  10. 10. SecureWiki - Example Excerpt from http://en.wikipedia.org/wiki/KFC Computer Science / www.isec.utulsa.edu
  11. 11. Initial Page Request SECRET Computer Science / www.isec.utulsa.edu
  12. 12. Initial Page Request SECRET Computer Science / www.isec.utulsa.edu
  13. 13. The “Unclassified” Recipe Computer Science / www.isec.utulsa.edu
  14. 14. Wiki Markup [snip] In 1983, writer [[William Poundstone]] examined the recipe in his book ''[[Big Secrets]]''. He reviewed Sanders' [[patent]] application, and advertised in college newspapers for present or former employees willing to share their knowledge. From the former he deduced that Sanders had diverged from other common fried-chicken recipes by varying the amount of oil used with the amount of chicken being cooked, and starting the cooking at a higher temperature (about {{convert|400|F|-1}}) for the first minute or so and then lowering it to {{convert|250|F|-1}} for the remainder of the cooking time. {redact 123} Following his buyout in 1964, Colonel Sanders himself expressed anger at such changes, saying: [snip] Computer Science / www.isec.utulsa.edu
  15. 15. SecureWiki - Example SECRET Computer Science / www.isec.utulsa.edu
  16. 16. SecureWiki - Example SECRET Computer Science / www.isec.utulsa.edu
  17. 17. SecureWiki - Example SECRET abc Computer Science / www.isec.utulsa.edu
  18. 18. The “Confidential” Recipe Computer Science / www.isec.utulsa.edu
  19. 19. Wiki Markup [snip] {redact 456} On February 9, 2009, the secret recipe returned to KFC's Louisville headquarters in a more secure, computerized vault. In 1983, writer [[William Poundstone]] examined the recipe in his book ''[[Big Secrets]]''. He reviewed Sanders' [[patent]] application, and advertised in college newspapers for present or former employees willing to share their knowledge. From the former he deduced that Sanders had diverged from other common fried-chicken recipes by varying the amount of oil used with the amount of chicken being cooked, and starting the cooking at a higher temperature (about {{convert|400|F|-1}}) for the first minute or so and then lowering it to {{convert|250|F|-1}} for the remainder of the cooking time. Several of Poundstone's contacts also provided samples of the seasoning mix, and a food lab found that it consisted solely of [[sugar]], [[flour]], [[salt]], [[black pepper]] and [[monosodium glutamate]] (MSG). He concluded that it was entirely possible that, in the years since Sanders sold the chain, later owners had begun skimping on the recipe to save costs [snip] Computer Science / www.isec.utulsa.edu
  20. 20. SecureWiki - Example SECRET Computer Science / www.isec.utulsa.edu
  21. 21. SecureWiki - Example SECRET Computer Science / www.isec.utulsa.edu
  22. 22. SecureWiki - Example SECRET def Computer Science / www.isec.utulsa.edu
  23. 23. Wiki Markup [snip] Before the move, KFC disclosed the following details about the recipe and its security arrangements: * The recipe, which includes exact amounts of each component, is written in pencil on a single sheet of notebook paper and signed by Sanders. * The recipe was locked in a filing cabinet with two separate combination locks. The cabinet also included vials of each of the {redact 789} herbs and spices used. * Only two executives had access to the recipe at any one time. KFC refuses to disclose the names and titles of either executive * One of the two executives said that no one had come close to guessing the contents of the secret recipe, and added that the actual recipe would include some surprises. On February 9, 2009, the secret recipe returned to KFC's Louisville headquarters in a more secure, computerized vault. [snip] [snip] Computer Science / www.isec.utulsa.edu
  24. 24. SecureWiki - Example SECRET Computer Science / www.isec.utulsa.edu
  25. 25. SecureWiki - Example SECRET Computer Science / www.isec.utulsa.edu
  26. 26. SecureWiki - Example SECRET Computer Science / www.isec.utulsa.edu
  27. 27. Final Output – “Secret” Recipe Computer Science / www.isec.utulsa.edu
  28. 28. Challenges •  Metadata –  A page’s existence may be classified –  Data inference •  Verification of security controls –  Certification and accreditation •  Declassifying Information –  Bell-La Padula prohibits write-down •  Implementation –  Hooks into parser –  Saving data –  Revision History? Computer Science / www.isec.utulsa.edu
  29. 29. Potential Environments •  Military and government •  Medical research –  Collaboration in blind/double-blind studies –  Compliance with HIPPA PII/PHI requirements •  Corporations –  Chinese Wall implementation –  Inter-departmental segregation –  Inter-corporation collaboration Computer Science / www.isec.utulsa.edu
  30. 30. Conclusions •  Redaction in wikis is possible with high granularity for secure environments. •  SecureWiki integrates the information into a single view based on the user's access level. •  SecureWiki has potential not only in government but also corporate, healthcare and other environments. Computer Science / www.isec.utulsa.edu
  31. 31. Future Work •  Develop a proof of concept –  Determine the real challenges in implementation –  Expand the workflow of the system •  Determine the wiki framework (MediaWiki?) –  Ability to add our framework without modifying (too much) core code –  Access controls –  Known vulnerabilities Computer Science / www.isec.utulsa.edu
  32. 32. Acknowledgements •  Mr. Philippe Beaudette, Head of Reader Relations, Wikimedia Foundation •  Dr. Rose Gamble, Professor, The University of Tulsa •  This material is based on research sponsored by DARPA under agreement number FA8750-09-1-0208. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of DARPA or the U.S. Government. Computer Science / www.isec.utulsa.edu
  33. 33. Questions? Computer Science / www.isec.utulsa.edu

×