WDMS 2002 June 26 -- page 1 Middleware Policies for Intrusion Tolerance QuO Franklin Webber, Partha Pal, Chris Jones, Michael Atighetchi, and Paul Rubel.


1 Middleware Policies for Intrusion Tolerance
QuO
Franklin Webber, Partha Pal, Chris Jones, Michael Atighetchi, and Paul Rubel
BBN Technologies

2 Outline
Using middleware for defense against intrusions
Defense mechanisms
Parameterizing defense policies

3 A Distributed Military Application

4 A Cyber-Attack

5 An Abstract View
[Diagram labels: Attacker; Data Source; Data Processing (Fusion, Analysis, Storage, Forwarding, etc.); Data User]

6 Traditional Security
[Diagram labels: Attacker; Application; Private Resources; Limited Sharing; Trusted OSs and Network]

7 Most OSs and Networks In Common Use Are Untrustworthy
[Diagram labels: Attacker; Application; Private Resources; Limited Sharing; OSs and Network]

8 Cryptographic Techniques Can Block (Most) Direct Access to Application
[Diagram labels: Attacker; Application; Private Resources; Limited Sharing; OSs and Network; Crypto]

9 Firewalls Block Some Attacks; Intrusion Detectors Notice Others
[Diagram labels: Attacker; Application; Raw Resources (CPU, bandwidth, files...); OSs and Network; IDSs; Firewalls; Crypto]

10 Defense-Enabled Application Competes With Attacker for Control of Resources
[Diagram labels: Attacker; Application; Raw Resources (CPU, bandwidth, files...); Crypto; OSs and Network; IDSs; Firewalls; Middleware for QoS and Resource Management]

11 QuO Adaptive Middleware Technology
QuO is BBN-developed middleware that provides:
– interfaces to property managers, each of which monitors and controls an aspect of the Quality of Service (QoS) offered by an application;
– specifications of the application’s normal and alternate operating conditions and how QoS should depend on these conditions.
QuO has integrated managers for several properties:
– dependability
– communication bandwidth
– real-time processing (using TAO from UC Irvine/WUStL)
– security (using OODTE access control from NAI)

12 QuO adds specification, measurement, and adaptation into the distributed object model
[Diagram with two panels, CORBA DOC MODEL and QUO/CORBA DOC MODEL. Labels: Application Developer; QuO Developer; Mechanism Developer; CLIENT; OBJ REF; operation(), in args, out args + return value; IDL STUBS; IDL SKELETON; OBJECT ADAPTER; ORB; IIOP; Network; OBJECT (SERVANT); Delegate; Contract; SysCond; MECHANISM/PROPERTY MANAGER]

13 The QuO Toolkit Supports Building Adaptive Apps or Adding Adaptation to Existing Apps
[Diagram labels: QuO Code Generator; QoS Adaptivity Specification; CORBA IDL; Middleware for QoS and Resource Management]

14 Implementing Defenses in Middleware
for simplicity: QoS concerns separated from functionality of application. Better software engineering.
for practicality: Requiring secure, reliable OS and network support is not currently cost-effective. Middleware defenses will augment, not replace, defense mechanisms available in lower system layers.
for uniformity: Advanced middleware such as QuO provides a systematic way to integrate defense mechanisms. Middleware can hide peculiarities of different platforms.
for reusability: Middleware can support a wide variety of applications.

15 Security Domains Limit the Damage From A Single Intrusion
[Diagram labels: domain; host; router; hacked]

16 Replication Management Can Replace Killed Processes
[Diagram labels: domain; host; router; hacked; application component replicas; QuO replica management]

17 Bandwidth Management Can Counter Flooding Between Routers
[Diagram labels: domain; host; router; hacked; QuO bandwidth management; RSVP reservation or packet-filtered link]

18 Other Defensive Adaptations
Dynamically configure firewalls to block traffic
Dynamically configure routers to limit traffic
Dynamically change communication ports
Dynamically change communication protocols

19 Defense Strategy
Use QuO middleware to coordinate all available defense mechanisms in a coherent strategy.
Our best current strategy has two parts:
– “outrun”: move application component replicas off bad hosts and on to good ones
– “contain”: quarantine bad hosts and bad LANs by limiting or blocking network traffic from them and, within limits, shutting them down

20 Policy Issues for ‘Outrunning’
Where should new replicas be placed?
– Always in new security domain?
– Always on a new host?
– Unpredictably?
Should number of replicas change under attack?
– Increase for protection against stealth?
– Decrease for more rapid response?

21 Policy Issues for ‘Containment’
Should quarantine be used?
– Or rely only on self-shutdown based on local sensors?
When is a domain, LAN, or host judged bad?
– Depends on source of warning?
– Depends on repeated warnings?
– Depends on combination of warnings?
Is agreement necessary before quarantine?
– Yes: local decisions are easier to spoof
– No: global decisions are impeded by flooding

22 Avoiding Self-Denial-of-Service
How to prevent attacker from spoofing defense into quarantining all security domains?
– Limit number or fraction of quarantined domains?
– Limit rate of quarantining?
– Allow later reintegration of quarantined domains?
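
One way to turn the containment questions on slides 21 and 22 into explicit policy parameters, added here as an example and not taken from the presentation or from QuO. The class, field and decision names are assumptions, the default values are arbitrary, and the warning stream is constructed.

```python
from dataclasses import dataclass, field

@dataclass
class QuarantinePolicy:
    """Constructed policy knobs; the names are assumptions, not QuO parameters."""
    domains: frozenset
    min_sources: int = 2        # distinct warning sources needed to judge a domain bad
    max_fraction: float = 0.5   # cap on the fraction of domains held in quarantine
    min_interval: float = 30.0  # seconds required between two quarantine actions
    hold_time: float = 600.0    # seconds until a quarantined domain is reintegrated
    warnings: dict = field(default_factory=dict)     # domain -> set of sources
    quarantined: dict = field(default_factory=dict)  # domain -> quarantine time
    last_action: float = float("-inf")

    def reintegrate(self, now):
        """Release domains whose hold time has expired and forget their warnings."""
        freed = [d for d, t in self.quarantined.items() if now - t >= self.hold_time]
        for d in freed:
            del self.quarantined[d]
            self.warnings.pop(d, None)
        return freed

    def warn(self, now, source, domain):
        """Record one warning and return the decision taken."""
        self.reintegrate(now)
        if domain not in self.domains or domain in self.quarantined:
            return "ignored"
        seen = self.warnings.setdefault(domain, set())
        seen.add(source)  # repeats from the same source add no evidence
        if len(seen) < self.min_sources:
            return "insufficient-evidence"
        if (len(self.quarantined) + 1) / len(self.domains) > self.max_fraction:
            return "refused-fraction-cap"
        if now - self.last_action < self.min_interval:
            return "deferred-rate-limit"
        self.quarantined[domain] = now
        self.last_action = now
        return "quarantined"

# Constructed warning stream (time in seconds, source, accused domain): two
# spoofed sources accuse every domain in turn.
EVENTS = [(0, "s1", "A"), (1, "s1", "A"), (2, "s2", "A"), (3, "s1", "B"),
          (4, "s2", "B"), (40, "s2", "B"), (41, "s1", "C"), (42, "s2", "C"),
          (610, "s1", "C")]

def replay(policy, events):
    return [policy.warn(t, s, d) for t, s, d in events]

if __name__ == "__main__":
    policy = QuarantinePolicy(domains=frozenset("ABCD"))
    for event, decision in zip(EVENTS, replay(policy, EVENTS)):
        print(event, decision)
```

With four domains the fraction cap keeps at least two reachable however many warnings arrive, and domain C is only quarantined after A's hold time has expired and A has been reintegrated.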

23 Conclusion
The feasibility of adaptive cyber-defense is being explored.
Adaptive cyber-defense is naturally implemented in middleware.
A strategy for cyber-defense can be parameterized in several ways.

