Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sandbox technology, a suitable approach for secure distributed systems By: Arash Karami Supervisor : Hadi Salimi Distributed Systems Course Seminar

Published byElyse Leopard Modified over 10 years ago

Similar presentations

Presentation on theme: "Sandbox technology, a suitable approach for secure distributed systems By: Arash Karami Supervisor : Hadi Salimi Distributed Systems Course Seminar"— Presentation transcript:

1 Sandbox technology, a suitable approach for secure distributed systems By: Arash Karami Supervisor : Hadi Salimi Distributed Systems Course Seminar arashkarami88@gmail.com Mazandaran University of Science and Technology IT departmentJuly 2010

2 Main Contents What: Sandbox security Where: General-purpose Grid computing Why: security with lightweight overhead, … How: see those in next parts!!! 2/36 Sandbox technology present by Arash Karami

3 Table of Content Introduction Sandbox idea Other concepts Usages Features Interception Interception Levels Access Control List Chroot mechanism Applications Evaluating Time line Conclusion 3/36 Sandbox technology present by Arash Karami

4 Motivation Introduction My purpose Introduction 4/36 Sandbox technology present by Arash Karami

5 Motivation large scale systems need to be high performance Distributed system are normally untrusted environments Establishing secure processing environments is very time consuming (common) We have found a suitable technology for lightweight secure environemnts in large scale systems ` 1990 2000 2010 Standalone Antivirus Security suits Sandboxes 5/36 Sandbox technology present by Arash Karami

6 Introduction to sandbox By wikipedia: In computer security, a sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers and untrusted users. By common: Process virtual machine By my survey: A jail that can override and modify the behaviour of system calls without change in real system 6/36 Sandbox technology present by Arash Karami

7 Purposes & specifics Lightweight High performance Virtualization Role based Special ACL Control and management resource Restriction in resources Better than complex authentications Self defensive 7/36 Sandbox technology present by Arash Karami

8 Idea Other concepts The sandbox idea 8/36 Sandbox technology present by Arash Karami

9 Other means Sandbox games Google sandbox rating Sandboxes have many applications in computer science!!! The sandbox tool aims to fulfill the need for application security on a distributed environment 9/36 Sandbox technology present by Arash Karami

10 Sandbox in X computing Sandbox as virtual machine Sandbox as monitoring tools (EVEN) Sandbox as IDS ;) usages 10 Sandbox technology present by Arash Karami

11 Virtualization IDS Mobile computing Anti viruses Cloud/Grid computing Rule base management systems Full virtualization Resource Management systems Honey pots Usage of sandboxes Network monitoring tools, Network traffic control Sandbox approach Sandbox approach FVM Norman Avast Mobile codes EVM Gridbox DGMonitor Janus Chromium Java sandbox FVM BlueBox 11/36 Sandbox technology present by Arash Karami

12 Interception Access Control List Application sandboxes Features 12/36 Sandbox technology present by Arash Karami

13 Interception Base of sandboxes Process interception system call interception Os: Unix: ptrace OR… Windows: dll injection Monitoring resources and controlling them 13/36 Sandbox technology present by Arash Karami

14 User level sandbox Trace system calls Using ptrace in Unix Using injection to address space of processes in windows. For example: Gridbox Chromium sandbox project Chroot Janus 14/36 Sandbox technology present by Arash Karami

15 Kernel level sandbox Create a driver or kernel modules for a specific platform Low level programming Dirty programming!!! Non-hacked (than to user mode) For example BlueBox EVM Condor 15/36 Sandbox technology present by Arash Karami

16 Access Control List Assign a task, role, system call Change system call with real system call Example: Gridbox: Define acl.c + syscalls.c for resource management 16/36 Sandbox technology present by Arash Karami

17 Application sandboxes Move desktop app to web app Protecting with lightweight, secure, flexible approach (WHERE???) Extension or separated program Sandboxie A part of Applets SilverLight Lost real performance 17/36 Sandbox technology present by Arash Karami

18 GridBox Chromium sandbox project Present two prof sandbox 18 Sandbox technology present by Arash Karami

19 Gridbox started at 2005 Lightweight code files & executable file Heterogeneous on Unix base system User mode interception Used in ProGrid, SETI@ Using ACL Multi level security 19/36 Sandbox technology present by Arash Karami

20 Multi level security # Network access: Allow connections to trusted machines rule connect allow 200.18.98.120:80 rule connect allow 200.18.98.132:80 # Disallow any other connection rule connect deny *:* # Serving connections: Allow to bind to port 8000 of interface 200.18.98.120 rule bind allow 200.18.98.120:8000 # Disallow any other port binding rule bind deny * # Program execution` # Allow execution of /bin/cat rule system allow /bin/cat # Disallow any other program execution rule system deny * #/usr/local/grid/sandbox.sh /usr/local/grid/applications/test_suite...GRIDBOX: fopen (input): DENIED GRIDBOX: connect (200.18.98.120:80): DENIED GRIDBOX: nice(10): DENIED GRIDBOX: connect (200.18.98.120:22): DENIED GRIDBOX: system (/bin/rm): DENIED GRIDBOX: fopen (/etc/passwd): DENIED # Node profile # Limit the CPU use to 5 minutes limit CPU_TIME 600 # Limit maximum file size limit FILE_SIZE 1000000 # Limit maximum process stack limit STACK 20000 20/36 Sandbox technology present by Arash Karami

21 GridBox Functionalities 21/36 Sandbox technology present by Arash Karami

22 Chromium Sandbox project Subset of Chromium open source project Independent to Google codes Cross-platform Restriction in: process I/O Network 22 Sandbox technology present by Arash Karami

23 Table of all surveyed sandboxes Time-line Evaluate 23/36 Sandbox technology present by Arash Karami

24 Compression Sandbox is a wide concept It is based of interception 24/36 Sandbox technology present by Arash Karami

25 Some surveyed sandboxes 25/36 Sandbox name GoalImplantation Level Heterogon ous Compatible OS Application Domain Program ChrootOS virtualization User modeNoMost Unix-like OS Secure policyChroot GridboxImprove security in grid User modeY/NAll Unix-like OSGrid computing, Pro Grid,SETI@ ACL, customize confige file, BlueBoxN IDSKernel modeNoLinuxNetwork IDS, Host base real – time IDS, webservers Host base driven DGMonitorVirtualized resources User modeYesLinux,windows, Unix Entropia, DCGrid,Xterm web Portable, Entropia VMVirtualizationKernle modeNoWindows NT or higher Grid systems, image – processing Combine VM approach with Sandbox approach, File Virtualzaiton, Thread mng,Job manager JanusMonitoringUser modeNoSolaris 2.4Ptrace/proc mechanism ChromiumSandboxingUser modeYesUnix-like, windows Web application Free BSD jailSecurity in Server farms Kernel/user modeNoOnly BSDInternet security File system isolation,Disk quotas,Network isolation

26 Time-Line Progress sandboxes 1980 Gridbox Janus Systrace Avast Chroot 198519901995200020052010 chromium FreeBSD Jail Condor 26 Sandbox technology present by Arash Karami

27 Result challenges discussion Result 27/36 Sandbox technology present by Arash Karami

28 A good sandbox properties: Interception without restriction on resources A secure box for virtual processes Multi part restriction: Memory restriction: Restriction space for Processes, threads process management monitoring network protocols 28/36 Sandbox technology present by Arash Karami

29 challenges Implement level Goal Cross-platform Fine-grained level 29/36 Sandbox technology present by Arash Karami

30 Conclusion 30/36 Sandbox technology present by Arash Karami

31 Today we need to: 1. A cross platform sandbox 2. High performance 3. Support kernel and user mode sandboxing 4. Dynamic ACL (Google ACL)s 5. Full virtualization 6. Limited local resource and network resource 7. Open source 31/36 Sandbox technology present by Arash Karami

32 Discussion 32/36 Sandbox technology present by Arash Karami

33 References 33/36 Sandbox technology present by Arash Karami

34 All references Sandbox technology present by Arash Karami 34 S Loureiro, R Molva, Y Roudier 2000 Mobile Code Security Proceedings of ISYPAR AR.Butt, S.Adabala, NH.Kapadia, RJ.Figueiredo and J.A.B.Fortes Grid-computing portals and security issues Journal of Parallel and Distributed Computing, October 2003 H.Chen, P.Liu, R.Chen, B.Zang, H.Chen, P.Liu, R.Chen VMM-based Process Shepherding Parallel Processing Institute Technical Report Number: FDUPPITR-2007-08002 August 2007 I.Goldberg, D.Wagner, R.Thomas, EA.Brewer A Secure Environment for Untrusted Helper Applications Conning the Wily Hacker Sixth USENIX UNIX security symposium, July 1996 By Wikipedia http://en.wikipedia.org/wiki/Sandbox_%28computer_security%29t 2010-07-14http://en.wikipedia.org/wiki/Sandbox_%28computer_security%29t J. Lange, P. Dinda, Transparent Network Services via a Virtual Traffic Layer for Virtual Machines, Proceedings of the 16th IEEE International Symposium on High Performance Distributed Computing (HPDC 2007), June, 2007 CHARI, S. N., AND CHENG, P.-C. BlueBoX: A Policy-driven, Host-Based Intrusion Detection System. In Proceedings of the 9th Symposium on Network and Distributed Systems Security (NDSS 2002) (2002). T.Khatiwala, R.Swaminathan, V. N.Venkatakrishnan Data Sandboxing: A Technique for Enforcing Confidentiality Policies, Proceedings of the 22nd Annual Computer Security Applications Conference, p.223-234, December 11-15, 2006 Frey, J. Tannenbaum, T. Livny, M. Foster, I. Tuecke, S. Condor-G: A Computation Management Agent for Multi-Institutional Grids cluster computing, 2002, VOL 5; NUMBER 3, pages 237-246 P. Cicotti, M.Taufer and A. Chieny DGMonitor: A Performance Monitoring Tool for Sandbox-Based Desktop Grid Platforms journal of supercomputing, 2005, VOL 34; NUMBER 2, pages 113-133 D.Wagner A Secure Environment for Untrusted Helper Applications http://searchsystemschannel.techtarget.com/generic/0,295582,sid99_gci1379901,00.html http://searchsystemschannel.techtarget.com/generic/0,295582,sid99_gci1379901,00.html

35 … Sandbox technology present by Arash Karami 35 http://www.webpronews.com/insiderreports/2004/05/06/google-sandbox-effect-revealed Evgueni Dodonov, Joelle Quaini Sousa, Hélio Crestana Guardia, GridBox: securing hosts from malicious and greedy applications, Proceedings of the 2nd workshop on Middleware for grid computing, p.17-22, October 18-22, 2004, Toronto, Ontario, Canada S.Santhanam, P.Elango, A.Arpaci-Dusseau,M.Livny "Deploying virtual machines as sandboxes for the grid" Proceedings of the 2nd conference on Real, Large Distributed Systems, 2005 Jiang, X. Wang, X. "Out-of-the-Box" Monitoring of VM-Based High-Interaction Honeypots lecture notes in computer science, 2007 Malkhi, D. Reiter, M. K Secure Execution of Java Applets Using a Remote Playground IEEE transactions on software engineering, 2000 M.Khambatti, P.Dasgupta, KD.Ryu A Role-Based Trust Model for Peer-to-Peer Communities and Dynamic Coalitions In IWIA '04: Proceedings of the Second IEEE International Information Assurance Workshop, page 141, Washington, DC, USA, 2004 The Technion DSL Lab, Israel Condor Local File System Sandbox high level design document B Calder, AA Chien, J Wang, D Yang,The Entropia Virtual Machine for Desktop Grids Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments, 2005 David A. Wagner. Janus: an Approach for Confinement of Untrusted Applications. Technical Report CSD-99-1056, 12, 1999. 2, 8 N.Provos Improving host security with system call policies Proceedings of the 12th conference on USENIX Security Symposium, 2003 sandboxie http://www.sandboxie.com/http://www.sandboxie.com/ Chromium project http://www.google.com/url?sa=t&source=web&cd=1&ved=0CBYQFjAA&url=http%3A%2F%2Fcode.google.com%2Fchromium%2F& ei=Qs49TI_NJ5i8jAerqZT5Aw&usg=AFQjCNFFIW41N_oxaGVfvEf4kTPmYqUfWg&sig2=Af2KdebPFzPOcyA-wSUAVQ http://www.google.com/url?sa=t&source=web&cd=1&ved=0CBYQFjAA&url=http%3A%2F%2Fcode.google.com%2Fchromium%2F& ei=Qs49TI_NJ5i8jAerqZT5Aw&usg=AFQjCNFFIW41N_oxaGVfvEf4kTPmYqUfWg&sig2=Af2KdebPFzPOcyA-wSUAVQ

36 Sandbox technology present by Arash Karami 36 ?

37 Sandbox technology present by Arash Karami 37

Download ppt "Sandbox technology, a suitable approach for secure distributed systems By: Arash Karami Supervisor : Hadi Salimi Distributed Systems Course Seminar"

Similar presentations

Shared-Memory Model and Threads Intel Software College Introduction to Parallel Programming – Part 2.

Shared-Memory Model and Threads Intel Software College Introduction to Parallel Programming – Part 2.
Computer Networks TCP/IP Protocol Suite.

Computer Networks TCP/IP Protocol Suite.
© 2004 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Installation & management of SUSE.

© 2004 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Installation & management of SUSE.
Feichter_DPG-SYKL03_Bild-01. Feichter_DPG-SYKL03_Bild-02.

Feichter_DPG-SYKL03_Bild-01. Feichter_DPG-SYKL03_Bild-02.
Pricing for Utility-driven Resource Management and Allocation in Clusters Chee Shin Yeo and Rajkumar Buyya Grid Computing and Distributed Systems (GRIDS)

Pricing for Utility-driven Resource Management and Allocation in Clusters Chee Shin Yeo and Rajkumar Buyya Grid Computing and Distributed Systems (GRIDS)
1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 2 Getting Started.

1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 2 Getting Started.
Distributed Systems Architectures

Distributed Systems Architectures
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
Processes and Operating Systems

Processes and Operating Systems
Author: Julia Richards and R. Scott Hawley

Author: Julia Richards and R. Scott Hawley
1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.
1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 3 CPUs.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 3 CPUs.
Remote Educational Programming Of Robots (REPOR) Tord Fauskanger Aurelie Aurilla Bechina Arntzen Dag Samuelsen Buskerud University College.

Remote Educational Programming Of Robots (REPOR) Tord Fauskanger Aurelie Aurilla Bechina Arntzen Dag Samuelsen Buskerud University College.
Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.

Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.
CSF4 Meta-Scheduler Tutorial 1st PRAGMA Institute Zhaohui Ding or

CSF4 Meta-Scheduler Tutorial 1st PRAGMA Institute Zhaohui Ding or
11 Application of CSF4 in Avian Flu Grid: Meta-scheduler CSF4. Lab of Grid Computing and Network Security Jilin University, Changchun, China Hongliang.

11 Application of CSF4 in Avian Flu Grid: Meta-scheduler CSF4. Lab of Grid Computing and Network Security Jilin University, Changchun, China Hongliang.
UNITED NATIONS Shipment Details Report – January 2006.

UNITED NATIONS Shipment Details Report – January 2006.
Business Transaction Management Software for Application Coordination 1 www.choreology.com Business Processes and Coordination. Introduction to the Business.

Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination. Introduction to the Business.
1 RA I Sub-Regional Training Seminar on CLIMAT&CLIMAT TEMP Reporting Casablanca, Morocco, 20 – 22 December 2005 Status of observing programmes in RA I.

1 RA I Sub-Regional Training Seminar on CLIMAT&CLIMAT TEMP Reporting Casablanca, Morocco, 20 – 22 December 2005 Status of observing programmes in RA I.
FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.

FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.

Similar presentations

Ads by Google