CAREER: Centralized Authorities in Internet Security: Risk Assessment, Mitigation, and New Architectures

职业：互联网安全的集中管理机构：风险评估、缓解和新架构

• 批准号: 1350733
• 负责人: Sharon Goldberg
• 金额: $ 58.85万
• 依托单位: Trustees of Boston University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2014
• 资助国家: 美国
• 起止时间: 2014-06-01 至 2020-05-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1350733&HistoricalAwards=false
• 关键词: CAREER; Centralized; Authorities; Internet; Security

In response to serious vulnerabilities that plague many of the Internet's core protocols, the last two decades have seen various security infrastructures layered on top of originally insecure protocols (DNSSEC on top of the domain name system, SSL and its public key infrastructure on top of TCP, the RPKI on top of interdomain routing). The security of each is derived from centralized authorities that are trusted to provide information about cryptographic keys or identities. When authorities behave correctly, each security infrastructure protects the underlying insecure system from attack. However, what happens if an authority abuses its power, or experiences a malfunction, misconfiguration, or a compromise by an external attacker?This project is predicated on the observation that the scope, impact, and visibility of abuse by compromised authorities is determined by the architecture of a security infrastructure (e.g., the presence or absence of hierarchy, the scope of an authority's power, etc.). The project finds new ways to balance between the need to provide strong security guarantees for a vulnerable insecure system, and the need to limit the control that a centralized authority can exercise over that system. To do this, the project will use cryptography and mechanism design to design architectures that make abuse easier to detect, or harder to execute. The project has implications on the security of some of the Internet's most crucial systems, and also involves technology transfer to the practitioners involved in the standardization and adoption of Internet systems.

为了应对困扰互联网许多核心协议的严重漏洞，在过去20年里，各种安全基础设施都建立在最初不安全的协议之上(域名系统上的DNSSEC、TCP上的SSL及其公钥基础设施、域间路由上的RPKI)。每个密钥的安全性都来自中央授权机构，这些授权机构被信任提供有关加密密钥或身份的信息。当当局行为正确时，每个安全基础设施都会保护底层不安全的系统免受攻击。然而，如果授权机构滥用其权力，或遇到故障、错误配置或外部攻击者的妥协，会发生什么情况？此项目基于以下观察：受威胁授权机构滥用的范围、影响和可见性取决于安全基础设施的架构(例如，存在或不存在层次结构、授权机构的权力范围等)。该项目找到了新的方法来平衡为脆弱的、不安全的系统提供强有力的安全保障的需要和限制中央当局可以对该系统实施的控制的需要。为了做到这一点，该项目将使用密码学和机制设计来设计架构，使滥用更容易检测，或更难执行。该项目对互联网上一些最重要的系统的安全有影响，还涉及向互联网系统标准化和采用的从业人员转让技术。