Intrusion Tolerant Software Architectures Bruno Dutertre, Valentin Crettaz, Victoria Stavridou System Design Laboratory, SRI International

Slides:



Advertisements
Similar presentations
AUTHENTICATION AND KEY DISTRIBUTION
Advertisements

Network Security: Lab#2 J. H. Wang Apr. 28, 2011.
CSC 774 Advanced Network Security
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
Pond The OceanStore Prototype. Pond -- Dennis Geels -- January 2003 Talk Outline System overview Implementation status Results from FAST paper Conclusion.
Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.
1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.
12/2/2003chow1 Network and System Support for Multi-Level Security C. Edward Chow Department of Computer Science University of Colorado At Colorado Springs.
Principles of Information Security, 2nd edition1 Cryptography.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
FIT3105 Smart card based authentication and identity management Lecture 4.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Cryptography Basic (cont)
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
A Secure Network Access Protocol (SNAP) A. F. Al Shahri, D. G. Smith and J. M. Irvine Proceedings of the Eighth IEEE International Symposium on Computers.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
On-The-Fly Verification of Rateless Erasure Codes Max Krohn (MIT CSAIL) Michael Freedman and David Mazières (NYU)
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Security & Efficiency in Ad- Hoc Routing Protocol with emphasis on Distance Vector and Link State. Ayo Fakolujo Wichita State University.
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Building an Application Server for Home Network based on Android Platform Yi-hsien Liao Supervised by : Dr. Chao-huang Wei Department of Electrical Engineering.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
SSH Secure Login Connections over the Internet
Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant
Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).
.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.
JMS Compliance in NaradaBrokering Shrideep Pallickara, Geoffrey Fox Community Grid Computing Laboratory Indiana University.
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
MASY: Management of Secret keYs in Mobile Federated Wireless Sensor Networks Jef Maerien IBBT DistriNet Research Group Department of Computer Science Katholieke.
Securing Every Bit: Authenticated Broadcast in Wireless Networks Dan Alistarh, Seth Gilbert, Rachid Guerraoui, Zarko Milosevic, and Calvin Newport.
Pond: the OceanStore Prototype Sean Rhea, Patric Eaton, Dennis Gells, Hakim Weatherspoon, Ben Zhao, and John Kubiatowicz University of California, Berkeley.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Security for the Optimized Link- State Routing Protocol for Wireless Ad Hoc Networks Stephen Asherson Computer Science MSc Student DNA Lab 1.
Peer to Peer Applications in Ad hoc Networks Author: Jesús Hijas Networking Laboratory Helsinki University of Technology Supervisor:
TRIGON BASED AUTHENTICATION, AUTHORIZATION AND DISTRIBUTION OF ENCRYPTED KEYS WITH GLOBUS MIDDLEWARE Anitha Kumari K 08MW01 II ME – Software Engineering.
A Transport Framework for Distributed Brokering Systems Shrideep Pallickara, Geoffrey Fox, John Yin, Gurhan Gunduz, Hongbin Liu, Ahmet Uyar, Mustafa Varank.
Case Study II: A Web Server CSCI 8710 September 30 th, 2008.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Hao Yang, Fan Ye, Yuan Yuan, Songwu Lu, William Arbaugh (UCLA, IBM, U. Maryland) MobiHoc 2005 Toward Resilient Security in Wireless Sensor Networks.
Heavy and lightweight dynamic network services: challenges and experiments for designing intelligent solutions in evolvable next generation networks Laurent.
Strong Security for Distributed File Systems Group A3 Ka Hou Wong Jahanzeb Faizan Jonathan Sippel.
Chapter 15 – Part 2 Networks The Internal Operating System The Architecture of Computer Hardware and Systems Software: An Information Technology Approach.
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof :: Naveen Sastry :: David Wagner Presented by Roh, Yohan October.
Middleware for Secure Environments Presented by Kemal Altıntaş Hümeyra Topcu-Altıntaş Osman Şen.
1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST PI Meeting January 29, 2003.
Intrusion Tolerant Software Architectures Bruno Dutertre and Hassen Saïdi System Design Laboratory, SRI International OASIS PI Meeting.
Rehab AlFallaj.  OSI Model : Open system Interconnection.  is a conceptual model that characterizes and standardizes the internal functions of a communication.
Lecture 2: Introduction to Cryptography
Agent Based Transaction System CS790: Dr. Bruce Land Sanish Mondkar Sandeep Chakravarty.
1 My Dream of Jini Fabio Kon Jalal Al-Muhtadi Roy Campbell M. Dennis Mickunas Department of Computer Science University of Illinois at.
Network Security Celia Li Computer Science and Engineering York University.
International Conference Security in Pervasive Computing(SPC’06) MMC Lab. 임동혁.
Network Security: Lab#2 J. H. Wang Oct. 9, Objectives To learn to use message digests –MD5 To learn to use secure hash functions –SHA-1, SHA-2 To.
Cluster Computers. Introduction Cluster computing –Standard PCs or workstations connected by a fast network –Good price/performance ratio –Exploit existing.
Security of the Internet of Things: perspectives and challenges
Cryptography CSS 329 Lecture 13:SSL.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Virtual Private Networks
Intrusion Tolerant Architectures
Intrusion Tolerance for NEST
CT1303 LAN Rehab AlFallaj.
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Presentation transcript:

Intrusion Tolerant Software Architectures Bruno Dutertre, Valentin Crettaz, Victoria Stavridou System Design Laboratory, SRI International OASIS PI Meeting Hilton Head, SC March 13, 2002

2 2 Outline t Status t Intrusion-tolerant Enclaves Software architecture Cryptographic Protocols Tests and performance t Prototype Wireless Enclaves Implementation issues Security issues Future work t Conclusion

3 3 Status t Architecture refinement and transformation for intrusion-tolerant systems Study of transformations that preserve noninterference properties t Security analysis of GENOA/CrisisNet (Eric Monteith, NAI Labs) Intrusion-tolerant CrisisNet (under way) t Intrusion-tolerant Enclaves Implementation and experiments Wireless prototype

4 4 Enclaves t Originally proposed by Li Gong (1996) as lightweight software for supporting secure group collaboration t Middleware for building secure groupware applications Support collaboration between human users For small to medium groups t Provides means to construct and maintain a secure multicast channel between group members Protocols to authenticate and accept new members Crypto for secrecy and integrity of communication Group and key management services

5 5 Enclaves in 2000 and Before t Centralized Architecture t A single leader in charge of Authentication Group and Key Management t Several Versions : Prototypes 2000: More robust protocols for increased security, new implementation in Java Leader Member

6 6 Intrusion-Tolerant Enclaves t Intrusion tolerance: Group management performed by N distributed leaders Tolerate failure of up to f leaders (provided 3f < N) t Technology Byzantine fault-tolerant coordination protocol Threshold cryptography (secret sharing) for group key management Standard crypto for group communication

7 7 Group Key Share Generation t Leader secret: t Public values: t Share: t Validity proof: Based on Cachin, Kursawe, and Shoup, 2000

8 8 Implementation t Java-based (SDK 1.3.1) t Uses Cryptix 3.2 libraries + our implementation of the secret sharing protocol t Applications incorporated via a “plug in” mechanism t Code size: 10,000 lines of code Byte code Leader: 196 Kb Client: 342 Kb

9 9 Existing Applications Four Basic Plugins: Whiteboad, Chat, File transfer, Streaming Audio

10 Performance Issues t Leader coordination protocol: N digitally signed messages per user t Group key management Each leader generates a key share + a proof of validity Member gets at least f+1 shares, checks their validity, and constructs the group key from f+1 valid shares Computation based on exponentiation modulo a large number p: Share generation: 3 exponentiations Checking validity: 4 exponentiations per share Building the key: f+1 exponentiations Intrusion-tolerant protocols require expensive crypto

11 Experiments t Test bed: 4 leaders on Pentium PCs (400 to 500MHz), Redhat Linux Clients on similar PCs Crypto: 512 bit DSA signatures Triple DES for symmetric-key encryption Length of a share: 128, 512, or 1024 bits t Measure: Signature generation/verification times Share generation time for a leader Share verification and group key construction for a client Encryption of group communication for different size of messages

12 Results t Digital Signatures (DSA-512 bits) Generation: ms Verification: 30 ms t Encryption of messages: t Reasonable performance for a Java implementation t Existing C libraries do far better (e.g., openssl does more than 300 DSA-512 signatures per seconds on the same machine) Message Size1K10K50K Encryption time30-40 ms ms ms

13 Results (cont’d) t Secret sharing and group key generation Share size128 bits512 bits1024 bits Share generation3 -7 ms ms ms Share verification ms ms ms Key construction ms ms ms Total connection time ( client on a 500MHz PIII) s s s

14 Performance Assessment t Performance with current implementation Connection time slow but still reasonable for human users Other operations are fast enough: encryption of small messages t Possible optimizations : Replace digital signatures with MACs, using point-to-point communication between leaders Other optimizations possible to reduce signature overhead t Secret sharing algorithm will remain the bottleneck Possible improvement: native code

15 Wireless Enclaves Prototype t Port of Enclaves to IPAq: IPAq 3760: StrongARM 206MHz 64MB RAM + 34 MB ROM Linux OS Blackdown JAVA: 16MB t Wireless protocols: (ad hoc network) TBRPF routing protocol (SRI ITAD) TBRPF-specific implementation of IP multicast t Demo application: shared map + whiteboard

16 Performance issues t Crypto: Acceptable performance only with share length = 128 bits With share length = 512 bits, connection time is more than 1 minute Most likely explanation: no just-in-time compilation in the JVM t Solution: Native-code implementation of the secret sharing algorithm (under way) t Java : Big footprint for the IPAq: Blackdown JRE: 11 Mbytes + core libraries: 5 Mbytes

17 Security Issues t TBRPF has no security Assumes all nodes are trustworthy Deals only with link failures That’s a common problem with most ad hoc routing protocols t Enclaves architecture not designed for ad hoc networks: Server based (fixed set of leaders, known in advance) Clients need to maintain connectivity with at least 2f+1 leaders t Future work: Remove need for prespecified fixed leaders Improve security and reliability of the underlying wireless protocols

18 Conclusion t Prototype shows feasibility of intrusion-tolerant Enclaves despite heavy secret sharing algorithm t Future work: Enclaves security validation (including formal verification) Improved implementation Relation with architecture refinement ideas t Wireless Enclaves: Requires new architecture Requires work on security of wireless protocols

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.