Center for Secure Information Systems

Securing the World's Cyber Infrastructure

CSIS Seminar

Distributed Data Usage Control

Speaker: Prof. Alexander Pretschner, Technische Universität München
When: Thursday, March 5, 2015, 2:30pm - 3:30pm
Where: Research Hall, Room 401, Fairfax Campus


Distributed data usage control is concerned with what happens to data once it is given away ("delete after 30 days"; "notify me if data is forwarded"; "copy at most twice"). In the past, we have considered the problem in terms of policies, enforcement and guarantees from two perspectives: (a) In order to protect data, it is necessary to distinguish between content (a song by Elvis called "Love me Tender") and representations of that content (song.mp3, song.wav, etc.). This requires efficient data flow tracking concepts and capabilities in data usage control frameworks. (b) The representations exist at different layers of abstraction: a picture downloaded from the internet exists as a pixmap (window manager), as an element in the browser-created DOM tree (application), and as a cache file (operating system). This requires the data flow tracking capabilities to cross the individual layers at which they are deployed.

In distributed systems, it has turned out that another system can be seen as another set of abstraction layers, thus generalizing the basic model. Demo videos of our work are available at http://www22.in.tum.de/forschung/distributed-usage-control/.

In this talk, we present the general model and its implementations. We also show how to use our approach to protect not only entire data items but possibly also fractions of data items. This allows us to specify and enforce policies such as "not more than 20% of the data may leave the system", evidently leading to interesting questions concerning the interpretation of "20%", and if the structure of data items cannot be exploited. We present a corresponding model, an implementation, and experimental results. Time permitting, we will finally discuss how to use precomputed static analysis results in a dynamic multi-layer context.

Speaker Bio

Alexander Pretschner is a full professor of computer science at Technische Universität München. Research interests include software engineering, specifically testing; and information security, specifically distributed data usage control. Prior appointments include a full professorship at Karlsruhe Institute of Technology; an adjunct associate professorship at TU Kaiserslautern; a group management position at the Fraunhofer Institute for Experimental Software Engineering in Kaiserslautern; guest professorships at the universities of Rennes, Trento, and Innsbruck; and a senior researcher's position at ETH Zurich. PhD degree from Technische Universität München; Master's degrees from Kansas University, on a Fulbright scholarship, and from RWTH Aachen. Recent awards include two IBM faculty awards, a Google focused research award, and a Fraunhofer Attract award. Member of the editorial board of the IEEE Transactions on Secure and Dependable Computing, the Journal of Software Testing, Verification, and Reliability, and the Journal of Software Systems Modeling; membership in numerous program committees; organization of ca. 25 symposia; frequent invited speaker; frequent reviewer for national and international funding agencies as well as hiring committees.