Presentation is loading. Please wait.

Presentation is loading. Please wait.

TIED: A Cluster of One. TIED: Trial Integration Environment DETER The DETER folks: Terry Benzel, Bob Braden, Ted Faber, John Hickey, Alefiya Hussain,

Published byMarshall Kelly Modified over 8 years ago

Similar presentations

Presentation on theme: "TIED: A Cluster of One. TIED: Trial Integration Environment DETER The DETER folks: Terry Benzel, Bob Braden, Ted Faber, John Hickey, Alefiya Hussain,"— Presentation transcript:

1 TIED: A Cluster of One

2 TIED: Trial Integration Environment DETER The DETER folks: Terry Benzel, Bob Braden, Ted Faber, John Hickey, Alefiya Hussain, Anthony Joseph, Calvin Ko, Kevin Lahey, Jelena Mirkovic, Steve Schwab, Keith Sklower, Arun Viswanathan, John Wroclawski, … built on

3 The DETER Facility Cyber Security testbed at USC/ISI and UC Berkeley Funded by NSF and DHS, started in 2004 Based on Emulab software, with focus on security experimentation 200 Nodes at ISI (128 Dell 1850, 8 Sun V65x, 64 IBM Netfinity 4500R) 96 Nodes at UC Berkeley (64 Dell 1850, 32 Sun V60x) Many tools for experimenters: GUIs, traffic generators, simulators, traffic analyzers, etc.

4 DETER Project Goals Scientific methods and infrastructure for advancing security in identified hard problems Enhanced availability of validated information about security protection technology Enduring realistic testbed for security research Advances in testing methods and methodology for network security devices Suite of reusable network security tests including traffic data sets

5 (contributions to) Next-Gen Facilities - National Malware Collaboratory National Cyber Range (DARPA) GENI… Today’s DETER Testbed Key New Capabilities: Risky Experiment Management High Level User/Workflow Tools Experiment Health Management Dynamic Federation

6 On-demand creation of experiments spanning multiple, independently controlled facilities Why? Scale Unusual facilities Data & knowledge sharing Information hiding - multiparty scenarios (not just “Internat’l cooperation”) Researcher Controls experiment embedding Federants Control Resource Access Constrain Resource Use Related to (but not same as) experiment composition

7 Three Key Elements Establish federated experiment Create coherent distributed environment (embedding) Guide experimenter about potential choices and effects Manage federated resources within local policies Access / Authorization (who can use?)‏ Constrain use (how can they use?) Provide unified runtime environment to researcher and experiment Shared file system, etc. Events Control hooks Failure management model

8 DFA System Architecture Experiment Creation Tool Federator Testbeds Experiment Creation Tool Experiment Creation Tool Testbed Properties Experiment Requirements Experiment Topology CEDL “Assembly Code” Standard Experiment Representation Experiment Decomposition Tools Testbed Properties

9 CEDL Canonical Experiment Description Language Standard Experiment Representation - “Assembly Code” Output of all tools / input to Federator Expressiveness (today): Core semantics: Logical {nodes, links, elements} topology (Emulab/ns2)‏ Annotations: Logical attributes - eg, node type Type information: router, switch, etc. Physical selection: map to specific instance Physical attributes “Escapes” to allow physical configuration of hardware CEDL is related to one form/use of “RSpecs”

10 DFA Access Control Architecture (Today) Based on single-Emulab model: Projects control resource access User's project membership determines access DETER federation architecture - three level model: Users, projects, testbeds have global names Federants honor accesses based on: Proof of name Attested facts (evaluated wrt name)‏ Local information bound to name Once accepted, federants assign accepted sub-experiments to local projects for resource control

11 TIED

12 Philosophical Diversion “MREFC GENI” One Testbed to Rule Them All “FlexiGENI” Still One, but Fun “Common Standards, Many Uses” “Managed GENI”“Peer to Peer GENI” Analogy with IP protocols: One protocol family, many network types Public Internet, Managed Enterprise, Home, …. …that differ in many dimensions: operational, security, performance, … requirements 2006 2008 ????

13 Authorization for Dynamic Federated Testbed Environments (With Steve Schwab, SPARTA) Decentralized, collaborative/competitive environment. Alliances form/break frequently Semantics appropriate for testbed federation Explicit, visible decision making Corollary: clear auditing and understanding Multiple trust models, independent of mechanism Examples: Hierarchical PKI, PGP web of trust, etc. Minimize unnecessary communication For disconnected operation Control and limit revelation of info (credentials, etc.) Corollary: potential multi-step negotiation

14 Attribute Based AC We build on Attribute-Based Access Control Work by Winsborough, Li, Mitchell, others in turn Basic model: Principals In our work, user’s identity established by local authority’s local means - Kerberos, certs, passwords, … Principals have attributes Established by digitally signed credentials… … through which credential issuers assert judgments about the attributes of principals Expressed in a formal language Attributes and Rules drive a reasoning engine Authorization decisions are based on applying rules to attributes of the requestor

15 Expressivity Decentralized attributes: “University Registrar says Dan is a full time student” Delegation of attribute authority “University delegates to its Registrar the determination of who is a full time student” Inference of attributes “University considers a student to be full time if s/he is [has the attribute of] a PhD candidate” Attribute-based delegation of attribute authority Delegate to strangers who’s trustworthiness is determined based on their own attributes. Key to scalability. “University delegates to the graduate officers of all departments the authority to determine who is PhD candidate” Words from “Toward Practical Automated Trust Negotiation”, W. Winsborough and N. Li, IEEE 3 rd Int’l. Workshop on Policies for Distributed Systems and Networks

16 Details.. Today DETER accessible as an Emulab Federation (DFA) in use across DETER, demo’d with Emulab and WAIL SEER in use as a low-level user interface GUI Basic DFA authorization is not ABAC- based 6 months DFA available for Emulab/GENI slice based experiments Internal ABAC prototype 1 Year Control system based on DFA and ABAC available Federation with DETER facility available through GENI interfaces SEER available as experiment management tool Interconnect with national DCNs

17 Technical Elements

18 Model Two-stage approach: Unconstrained malware / experiment behavior Constrained malware / experiment behavior Assured / constrained external behavior Malware / Experiment behavior constraint transform: T1 Testbed behavior constraint transform: T2 “Experiment Containment”  Risky Experiment Management Classical Formulation Focus on isolation De facto emphasis of earlier testbed work No bad stuff Bad stuff Containment Boundary More accurate formulation Key issue: Not “isolation and containment” but “understanding and assurance” World Experiment Controlled interaction with outside environmen t Experiment Control Observation and monitoring Behavioral composition model: External behavior == T2(T1(experiment))‏

19 Experiment Methodology and The SEER Facility Experimenters select from a palette of predefined elements: Topology, Background and Attack Traffic, and Packet Capture and Instrumentation Methodology Engine frames standard, systematic questions that guide an experimenter in selecting and combining the right elements Experiment Automation increases repeatability and efficiency by managing the experiment within the DETER testbed environment PALETTES METHODOLOGY & GUIDANCE EXPERIMENT AUTOMATION TOPOLOGY TRAFFIC ATTACK DATA-CAPTURE ?

Download ppt "TIED: A Cluster of One. TIED: Trial Integration Environment DETER The DETER folks: Terry Benzel, Bob Braden, Ted Faber, John Hickey, Alefiya Hussain,"

Similar presentations

TIED: A Cluster of One TIED: Trial Integration Environment DETER built on.

TIED: A Cluster of One TIED: Trial Integration Environment DETER built on.
This work was supported by the TRUST Center (NSF award number CCF-0424422) 1. Setting up experiment on DETER testbed a)Created twelve pc backbone nodes.

This work was supported by the TRUST Center (NSF award number CCF ) 1. Setting up experiment on DETER testbed a)Created twelve pc backbone nodes.
Software Modeling SWE5441 Lecture 3 Eng. Mohammed Timraz

Software Modeling SWE5441 Lecture 3 Eng. Mohammed Timraz
The Challenges of Repeatable Experiment Archiving – Lessons from DETER Stephen Schwab SPARTA, Inc. d.b.a. Cobham Analytic Solutions May 25, 2010.

The Challenges of Repeatable Experiment Archiving – Lessons from DETER Stephen Schwab SPARTA, Inc. d.b.a. Cobham Analytic Solutions May 25, 2010.
Design Deployment and Use of the DETER Testbed Terry Benzel, Robert Braden, Dongho Kim, Clifford Informatino Sciences Institute 2008. 10. 22.

Design Deployment and Use of the DETER Testbed Terry Benzel, Robert Braden, Dongho Kim, Clifford Informatino Sciences Institute
Information Sciences Institute Internet and Networked Systems Managing Security Policies for Federated Cyberinfrastructure Stephen Schwab, John Wroclawski.

Information Sciences Institute Internet and Networked Systems Managing Security Policies for Federated Cyberinfrastructure Stephen Schwab, John Wroclawski.
Presented by: Thabet Kacem Spring 2010. Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.

Presented by: Thabet Kacem Spring Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.
Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.

Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.
Research topics Semantic Web - Spring 2007 Computer Engineering Department Sharif University of Technology.

Research topics Semantic Web - Spring 2007 Computer Engineering Department Sharif University of Technology.
1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson

1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson
1 DETER Community Meeting January 31 – February 1 Terry V. Benzel Information Sciences Institute University of Southern California.

1 DETER Community Meeting January 31 – February 1 Terry V. Benzel Information Sciences Institute University of Southern California.
1 GENI: Global Environment for Network Innovations Jennifer Rexford Princeton University

1 GENI: Global Environment for Network Innovations Jennifer Rexford Princeton University
1 GENI: Global Environment for Network Innovations Jennifer Rexford On behalf of Allison Mankin (NSF)

1 GENI: Global Environment for Network Innovations Jennifer Rexford On behalf of Allison Mankin (NSF)
1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.
Unified Modeling (Part I) Overview of UML & Modeling

Unified Modeling (Part I) Overview of UML & Modeling
Architectural Design Principles. Outline  Architectural level of design The design of the system in terms of components and connectors and their arrangements.

Architectural Design Principles. Outline  Architectural level of design The design of the system in terms of components and connectors and their arrangements.
Nov. 14, 2007 Systems Engineering ä System ä A set or arrangement of things so related as to form a unity or organic whole. ä A set of facts, principles,

Nov. 14, 2007 Systems Engineering ä System ä A set or arrangement of things so related as to form a unity or organic whole. ä A set of facts, principles,
1 Objective of today’s lesson S oftware engineering occurs as a consequence of a process called system engineering. Instead of concentrating solely on.

1 Objective of today’s lesson S oftware engineering occurs as a consequence of a process called system engineering. Instead of concentrating solely on.
Course Instructor: Aisha Azeem

Course Instructor: Aisha Azeem
Chapter 10: Architectural Design

Chapter 10: Architectural Design

Similar presentations

Ads by Google