Presentation is loading. Please wait.

Presentation is loading. Please wait.

SANE: A Protection Architecture for Enterprise Networks

Published byMercy Dickerson Modified over 8 years ago

Similar presentations

Presentation on theme: "SANE: A Protection Architecture for Enterprise Networks"— Presentation transcript:

1 SANE: A Protection Architecture for Enterprise Networks
Author: Martin Casado, Tal Garfinkel, Aditya Akella, Michael J. Freedman Dan Boneh, Nick McKeown, Scott Shenker Publisher: IEEE COMMUNICATIONS SURVEYS & TUTORIALS Presenter: Ching Hsuan Shih Date: 2013/10/09

2 Outline 1. Instroduction 2. What’s Wrong with Existing Technuques? 3. System Architecture 4. Attack Resistance 5. Implementation 6. Evaluation 7. Related Work 8. Conclusion

3 1. Instroduction Allow natural policies that are simple yet powerful.
- We seek an architecture that supports natural policies that are independent of the topology and provide least privilege access to resources. Enforcement should be at the link layer, to prevent lower layers from undermining it. Hide information about topology and services from those without permission to see them. Have only one trusted component.

4 2. What’s Wrong with Existing Techniques?
Complexity of Mechenism Proliferation of Trust Proliferation of Information

5 3. System Architecture This section describes two versions of the SANE architecture: 1. a clean –slate approach, in which every network component is modified to support SANE 2. inter-operate with unmodified end hosts running standard IP stacks

6 3.1 Domain Controller (DC)
DC is the central component of a SANE network and responsible for authenticating users and hosts. 1. Authentication Service 2. Network Service Directory (NSD) 3. Protection Layer Controller Revoking Access Ethernet SANE header IP header data Figure 2: SANE operates at the same layer as VLAN Figure 1: The SANE Service Model

7 3.2 Interoperability Translation Proxies Gateways Broadcast
Service Publication

8 3.3 Fault Tolerance Replicating the Domain Controller
Service directory must maintain consistency among multiple DCs Recovering from Network Failure Send periodic probes or keep-alive messages to detect failures and request fresh capabilities

9 4. Attack Resistance Access-control lists
The NSD uses ACLs for directories, preventing attackers from enumerating all services in the system Encrypted, authenticated source-routes and link-state updates These prevent an attacker from learning the topology or from enumerating hosts and performing port scans Authenticated network components The authentication mechanism prevents unautherticated switches from joining a SANE network, thwarting a variety of topology attacks

10 4.1 Resource Exhaustion Flooding Revocation state exhaustion
Rate-limit requests for capabilities to the DC Revocation state exhaustion Generate a new key to the DC DC tracks the number of revocations issued per sender

11 4.2 Tolerating Malicious Switches
Sabotaging MST Discovery Bad Link-State Advertisement Figure 5: Attacker C can deny service to A by selectively dropping A’s packets, yet letting the packets of its parent (B) through. As a result, A cannot communicate with the DC, even though a alternate path exists through D.

12 4.3 Tolerating a Malicious DC
Split the DCs’ secret key across a few servers, such that two of them are needed to generate a capability.

13 5. Implementation All development was done in C++ using the Virtual Network System (VNS) within the group LAN - Seven physical hosts on 100 Mb Ethernet for one month The implementation consists of a DC, switches and IP proxies - No support for multiple DCs - No support for tolerating malicious switches

14 5. Implementation (Cont.)
IP Proxies and SANE Switches The proxies use ARP (Address Resolution Protocol) cache Support automatic neighbor discovery, MST construction, link-state updates and packet forwarding Domain Controller Capability construction Service Directory

15 6. Evalution 5 hops 10 hops 15 hops DC 100,000 cap/s 40,000 cap/s
Switch 762 Mb/s 480 Mb/s 250 Mb/s Table 1: Performance of a DC and switches Figure 6: DNS requests, TCP connection establishment requests, and maximum concurrent TCP connections per second, respectively, for the Lawrence Berkeley National Laboratory enterprise network.

16 7. Related Work Network Protection Mechanisms
Dealing with Routing Complexity Expanding the Link-layer Capabilities for DDOS prevention

17 8. Conclusion We believe that enterprise networks are different from the Internet at large and deserve special attention: Security is paramount Centralized control is the norm Uniform and consistent policies are important

Download ppt "SANE: A Protection Architecture for Enterprise Networks"

Similar presentations

June 2007NSF Find Forensics and Attribution in Ethane Martin Casado Stanford University With: Michael Freedman, Justin Pettit, Jianying Luo, Natasha Gude,

June 2007NSF Find Forensics and Attribution in Ethane Martin Casado Stanford University With: Michael Freedman, Justin Pettit, Jianying Luo, Natasha Gude,
ARP AND RARP ROUTED AND ROUTING Tyler Bish. ARP There are a variety of ways that devices can determine the MAC addresses they need to add to the encapsulated.

ARP AND RARP ROUTED AND ROUTING Tyler Bish. ARP There are a variety of ways that devices can determine the MAC addresses they need to add to the encapsulated.
Cs/ee 143 Communication Networks Chapter 6 Internetworking Text: Walrand & Parekh, 2010 Steven Low CMS, EE, Caltech.

Cs/ee 143 Communication Networks Chapter 6 Internetworking Text: Walrand & Parekh, 2010 Steven Low CMS, EE, Caltech.
Media Access Control (MAC) addresses in the network access layer ▫ Associated w/ network interface card (NIC) ▫ 48 bits or 64 bits IP addresses for the.

Media Access Control (MAC) addresses in the network access layer ▫ Associated w/ network interface card (NIC) ▫ 48 bits or 64 bits IP addresses for the.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
CCNA2 Module 4. Discovering and Connecting to Neighbors Enable and disable CDP Use the show cdp neighbors command Determine which neighboring devices.

CCNA2 Module 4. Discovering and Connecting to Neighbors Enable and disable CDP Use the show cdp neighbors command Determine which neighboring devices.
1 Semester 2 Module 4 Learning about Other Devices Yuda college of business James Chen

1 Semester 2 Module 4 Learning about Other Devices Yuda college of business James Chen
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
SANE: A Protection Architecture for Enterprise Networks Authors: Martin Casado, Tal Garfinkel, Aditya Akella, Michael J. Freedman Dan Boneh, Nick McKeown,

SANE: A Protection Architecture for Enterprise Networks Authors: Martin Casado, Tal Garfinkel, Aditya Akella, Michael J. Freedman Dan Boneh, Nick McKeown,
SANE: A Protection Architecture for Enterprise Networks Offense by: Amit Mondal Bert Gonzalez.

SANE: A Protection Architecture for Enterprise Networks Offense by: Amit Mondal Bert Gonzalez.
June, 2006 Stanford 2006 Ethane: Addressing the Protection Problem in Enterprise Networks Martin Casado Michael Freedman Glen Gibb Lew Glendenning Dan.

June, 2006 Stanford 2006 Ethane: Addressing the Protection Problem in Enterprise Networks Martin Casado Michael Freedman Glen Gibb Lew Glendenning Dan.
J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 7 Network Perimeter Security.

J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 7 Network Perimeter Security.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
1 CCNA 2 v3.1 Module 4. 2 CCNA 2 Module 4 Learning about Devices.

1 CCNA 2 v3.1 Module 4. 2 CCNA 2 Module 4 Learning about Devices.
August, 2006 Usenix Security 2006 SANE: Addressing the Protection Problem in Enterprise Networks Martin Casado Tal Garfinkel Michael Freedman Aditya Akaella.

August, 2006 Usenix Security 2006 SANE: Addressing the Protection Problem in Enterprise Networks Martin Casado Tal Garfinkel Michael Freedman Aditya Akaella.
1 Review of Important Networking Concepts Introductory material. This module uses the example from the previous module to review important networking concepts:

1 Review of Important Networking Concepts Introductory material. This module uses the example from the previous module to review important networking concepts:
Spring 20071 Routing & Switching Umar Kalim Dept. of Communication Systems Engineering 06/04/2007.

Spring Routing & Switching Umar Kalim Dept. of Communication Systems Engineering 06/04/2007.
1 Review of Important Networking Concepts Introductory material. This slide uses the example from the previous module to review important networking concepts:

1 Review of Important Networking Concepts Introductory material. This slide uses the example from the previous module to review important networking concepts:
Network Services Lesson 6. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding.

Network Services Lesson 6. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding.
Each computer and router interface maintains an ARP table for Layer 2 communication The ARP table is only effective for the broadcast domain (or LAN)

Each computer and router interface maintains an ARP table for Layer 2 communication The ARP table is only effective for the broadcast domain (or LAN)

Similar presentations

Ads by Google