An Interdisciplinary Approach to Grid Security P Y A Ryan School of Computing Science University of Newcastle.

Slides:

Advertisements

Similar presentations

Intelligence Step 5 - Capacity Analysis Capacity Analysis Without capacity, the most innovative and brilliant interventions will not be implemented, wont.

Advertisements

Operating System Security

Ch:8 Design Concepts S.W Design should have following quality attribute: Functionality Usability Reliability Performance Supportability (extensibility,

Chapter 1  Introduction 1 Chapter 1: Introduction.

Ethics, Privacy and Information Security

Teaching Diversity Through Inclusive Design Case Studies L. Goldberg, E. Jolly, J.P. Mellor, B. Moeller, M. Rothberg, R. Stamper, and M. Wollowski Rose-Hulman.

Systems Engineering in a System of Systems Context

1 An Overview of Computer Security computer security.

July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

System Engineering Instructor: Dr. Jerry Gao. System Engineering Jerry Gao, Ph.D. Jan System Engineering Hierarchy - System Modeling - Information.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 2 Slide 1 Systems engineering 1.

Author: Andy Reedftp://topsurf.co.uk/reed FdSc IT/Computer Networking & IT(e-commerce) Communications Network Management An Introduction to Security.

Upstream Prerequisites

SEC835 Database and Web application security Information Security Architecture.

Mixed commercialized health systems: the implications for regulation and stewardship HPF Hub Technical Review meeting Krishna Hort : Monday 10 October.

DIRC PA6: Security and Privacy in Computer-Based Systems Peter Ryan School of Computing Science University of Newcastle

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Developing a ‘Bench to Bedside’ Commercial Collaboration Jo Chambers.

Version 4.0. Objectives Describe how networks impact our daily lives. Describe the role of data networking in the human network. Identify the key components.

Switch off your Mobiles Phones or Change Profile to Silent Mode.

Computer Science and Engineering 1 Service-Oriented Architecture Security 2.

Workshop on Programming in support of Anti-Corruption Agencies Bratislava, 30 June - 1 July 2009 A methodology for capacity assessment of AC agencies:

Lecture 9: Chapter 9 Architectural Design

IST 2006 – 22/11/2006 Aljosa Pasic Atos Origin Security, Dependability and Trust in Service Infrastructures.

CPSC 871 John D. McGregor Module 6 Session 3 System of Systems.

1 NGO Management Lesson 4 Capacity Building for Not-Profit Organizations for Development.

An Environmental Scan for Data Services Trends that are shaping today’s environment for data services.

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

E-Science Projects and Security M. Angela Sasse & Mike Surridge.

Protection Models Yeong-Tay Timothy Sun September 27, Dennis Kafura – CS5204 – Operating Systems.

Chapter 6: Integrity Policies  Overview  Requirements  Biba’s models  Clark-Wilson model Introduction to Computer Security ©2004 Matt Bishop.

Supporting education and research Security and Authentication for the Grid Alan Robiette, JISC Development Group.

Session 6: Summary of Discussion A. Institutional Barriers and Potential Solutions 1. Natural environment does not have national or institutional boundaries,

SEEK Welcome Malcolm Atkinson Director 12 th May 2004.

Security Vulnerabilities Linda Cornwall, GridPP15, RAL, 11 th January 2006

14.1/21 Part 5: protection and security Protection mechanisms control access to a system by limiting the types of file access permitted to users. In addition,

SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,

HPC Centres and Strategies for Advancing Computational Science in Academic Institutions Organisers: Dan Katz – University of Chicago Gabrielle Allen –

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Living in a Network Centric World Network Fundamentals – Chapter 1.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Living in a Network Centric World Network Fundamentals – Chapter 1.

Dependable Healthcare Stuart Anderson Dependability Interdisciplinary Research Collaboration (DIRC) UK.

Information Systems, Security, and e-Commerce* ACCT7320, Controllership C. Bailey *Ch in Controllership : The Work of the Managerial Accountant,

Introduction to Grids By: Fetahi Z. Wuhib [CSD2004-Team19]

Advanced CAMP: BoF Summaries. 2 Role-based Access Control (RBAC)

Academic Year 2014 Spring Academic Year 2014 Spring.

Cognitive Psychology What is cognitive psychology?

ASPEC Damaging Energies New Staff Induction What is this course about? This course is designed to talk through the major damaging energies on site. It.

Computer Security: Principles and Practice

EVIDENCE BASED POLICY RECOMMENDATIONS – TAKE AWAY LESSONS ON HOW TO PROGRESS EFFECTIVE ALCOHOL EDUCATION BETSY THOM Drug and Alcohol Research Centre MIDDLESEX.

Protection & Security Greg Bilodeau CS 5204 October 13, 2009.

E-Science Security Roadmap Grid Security Task Force From original presentation by Howard Chivers, University of York Brief content:  Seek feedback on.

IAEA International Atomic Energy Agency The Human and Organizational Part of Nuclear Safety Monica Haage – International Specialist on.

Chapter 13: Managing Groups and Teams Learning Objectives

Cyber in the Cloud & Network Enabling Offense and Defense Mark Odell April 28, 2015.

July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

Welcome Grids and Applied Language Theory Dave Berry Research Manager 16 th October 2003.

Version 4.0 Living in a Network Centric World Network Fundamentals – Chapter 1.

Dolly Dhamodiwala CEO, Business Beacon Management Consultants

PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.

INFORMATION ASSURANCE POLICY. Information Assurance Information operations that protect and defend information and information systems by ensuring their.

Risk Controls in IA Zachary Rensko COSC 481. Outline Definition Risk Control Strategies Risk Control Categories The Human Firewall Project OCTAVE.

Advanced System Security Dr. Wayne Summers Department of Computer Science Columbus State University

Information Security, Theory and Practice.

Data and database administration

Chapter 1: Introduction

Chapter 1: Introduction

Access Control What’s New?

Presentation transcript:

An Interdisciplinary Approach to Grid Security P Y A Ryan School of Computing Science University of Newcastle

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan DIRC Dependability Interdisciplinary Research Collaboration. 6 year (1st July, th June, 2006 ), EPSRC funded collaboration of 5 institutes: –City University, London. –Edinburgh –Lancaster –Newcastle –York

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Aims From the DIRC web page: “To address the dependability of computer- based systems. Dependability is a deliberately broad term to encompass many facets including reliability, security and availability. The term "computer-based systems" highlights the involvement of human participants. The interdisciplinary approach includes, for example, sociologists and psychologists as well as computer scientists and statisticians.”

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Key messages Security matters for Grid Security is challenging Needs to be addressed early Needs to be addressed in an interdisciplinary fashion Failures will occur. –Prevention is not enough. –=> need to develop effective detection, containment and recovery mechanisms, strategies. –Synergy between dependability/fault tolerance and security communities.

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Beyond the glass bead game… Most security vulnerabilities can be traced back to failures to take due account of human factors: –Weak passwords, post-its,… –Social engineering, –Poorly designed, non-intuitive interfaces, –Failures to patch promptly. However, most work hitherto has concentrated on purely technical challenges and issues. Notable exceptions: –Roger Needham –Ross Anderson –Angela Sasse –Doug Tygar –Avi Rubin –Kevin Mitnick ?!

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Goals, policies, rules Security goals are high-level requirements. Goals induce constraints (may include obligations, availability…) on the behaviour of components, including the humans. Typically need a mix of technical (crypto, access control,…) as well as legal, social enforcement mechanisms (audits, accountability,…). The conjunction of rules and mechanisms as the “security policy”.

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Security policy rules The policy and assumptions should entail the goals. Violation of rules does not necessarily entail a violation of the goals, e.g., use of weak passwords. Hazard states. Tendency to assume that everything can be technically enforced. Modelling and analysis tractable.

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Limits of technical enforcement Theoretical limits: –E.g., information flow (confidentiality, integrity) not enforceable. Pillow talk etc.. Envelope of what is technically enforced can be pushed out: –E.g., separation of duty –Least privilege –Forced complexity of passwords… In practice it may not be effective: –Inflexible –Unwieldy –Counterproductive (workarounds, post-its)

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Security culture Fully technically enforced security doesn’t seem feasible or desirable. May be counter-cultural, e.g., clinicians, bank managers…. Need to deal with exceptions, adaptation… User involvement in system security is essential. Security cultures-how do organisations instil and maintain a culture of security. –Grid theory. Need to be able to establish cost effective balance and mix of socio-technical mechanisms. Need to better understand, ideally to be able to model the various stakeholders.

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Modelling the users Mental models-how do humans construct mental models to interpret the behaviour of security mechanisms –“Why Johnny can’t encrypt” –Rushby style FSM models –Chaum experiments… Shaping factors- what influences peoples attitude and effectiveness: –Stress, fatigue –Risk perception, anticipated regret. –Least effort.

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Modelling the adversary Difference with dependability: accidental vs. malicious (intentional). Pure actuarial data not very useful. Traditionally fairly crude models: e.g., Dolev-Yao for security protocols. Really just rough models of capability. No motivation, risk perception, expertise, collusion etc. Can we do better, e.g., constraint approach. Game theory. Psychology of hackers. Hacker community.

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Detection and recovery Intrusion/failure detection. Difficulty in distinguishing normal, accidental and malicious. Define failure modes (vulnerabilities). Define recovery modes and strategies. Learning and adaptation.

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Boundaries, structure, abstraction… Recurring problem: where to draw the system boundaries, where to set the levels of abstraction. Security properties tend not to behave well under refinement and composition. Creating systems. Recovery systems. Legal redress, liability

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Challenges Establish minimal policy requirements (policy templates, meta-policies?) To what extent are security requirements uniform across grid projects? Data vs. compute grids. Similar to security requirements across other domains: military, commercial etc? is RBAC or maybe TBAC enough? Medical applications lead to richer info flow policies. How special is security really? Better understanding (models?) of the role of humans. Boundaries, levels of abstraction.

An Interdisciplinary Approach to Grid Security, NESC 25 November 2003 P Y A Ryan Ongoing DIRC work Security cultures-application of grid theory. GOLD: grid-enabled, virtual (dynamic) enterprises for the (UK) Pharmaceutical industry. Dependability/risk analysis of the Chaum voting scheme (DSN). Trials of Chaum-understanding, mental models, public trust etc. More (Grid) case studies welcome. DIRC potentially a useful resource.