Deborah Shands

Luiz Giovanini, Daniela Oliveira, Huascar Sanchez et al.

Open-source software (OSS) is a critical part of the software supply chain. Recent social engineering attacks against OSS development teams have enabled attackers to become code contributors and later inject malicious code or vulnerabilities into the project with the goal of compromising dependent software. The attackers have exploited interactions among development team members and the social dynamics of team behavior to enable their attacks. We introduce a security approach that leverages signatures and patterns of team dynamics to predict the susceptibility of a software development team to social engineering attacks that enable access to the OSS project code. The proposed approach is programming language-, platform-, and vulnerability-agnostic because it assesses the artifacts of OSS team interactions, rather than OSS code.

Deborah Shands, Carolyn Talcott

Many damaging cybersecurity attacks are enabled when an attacker can access residual sensitive information (e.g. cryptographic keys, personal identifiers) left behind from earlier computation. Attackers can sometimes use residual information to take control of a system, impersonate a user, or manipulate data. Current approaches to addressing access to residual sensitive information aim to patch individual software or hardware vulnerabilities. While such patching approaches are necessary to mitigate sometimes serious security vulnerabilities in the near term, they cannot address the underlying issue: explicit requirements for adequately eliminating residual information and explicit representations of the erasure capabilities of systems are necessary to ensure that sensitive information is handled as expected. This position paper introduces the concept of intentional forgetting and the capabilities that are needed to achieve it. Intentional forgetting enables software and hardware system designers at every level of abstraction to clearly specify and rigorously reason about the forgetting capabilities required of and provided by a system. We identify related work that may help to illuminate challenges or contribute to solutions and consider conceptual and engineering tradeoffs in implementations of forgetting capabilities. We discuss approaches to modeling intentional forgetting and then modeling the strength of a system's forgetting capability by its resistance to disclosing information to different types of detectors. Research is needed in a variety of domains to advance the theory, specification techniques, system foundations, implementation tools, and methodologies for effective, practical forgetting. We highlight research challenges in several domains and encourage cross-disciplinary collaboration to one day create a robust theory and practice of intentional forgetting.