1 Welcome Hans Andersson Der Yao Leong Yee Jiun Song Wendy Tobagus Yang Bei Sherif Yousef.

Slides:

Advertisements

Similar presentations

Accelerating The Application Lifecycle. DEPLOY DEFINE DESIGN TEST DEVELOP CHANGE MANAGEMENT Application Lifecycle Management #1 in Java Meta, Giga, Gartner.

Advertisements

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Data Management Expert Panel - WP2. WP2 Overview.

Document Management System Proposal. Project Vision To improve communication, collaboration and efficiency within Horizon School Division.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Chapter 6 Security Kernels.

Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.

Midterm Presentation. iSecurity Project Team Presentation Contents Background Goal Project work breakdown The work so far Future targets User Perspective.

Technical Brief v1.0. Communication tools that broadcast visual content directly onto the screens of computers, using multiple channels and formats Easy.

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Maintaining and Updating Windows Server 2008

Understanding Active Directory

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Winter Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

Microsoft ® Official Course Module 9 Configuring Applications.

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

JWST Integrated Modeling Environment James Webb Space Telescope.

SOA, BPM, BPEL, jBPM.

1 Week #7 Network Access Protection Overview of Network Access Protection How NAP Works Configuring NAP Monitoring and Troubleshooting NAP.

Balancing Zero-Admin and Incremental Integration in Real-World Ubicomp Environments Andy Szybalski Adviser: Armando Fox 25 May 2004.

11 SECURITY TEMPLATES AND PLANNING Chapter 7. Chapter 7: SECURITY TEMPLATES AND PLANNING2 OVERVIEW  Understand the uses of security templates  Explain.

C Copyright © 2009, Oracle. All rights reserved. Appendix C: Service-Oriented Architectures.

Cryptography and Network Security

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.

RUP Implementation and Testing

Implementing Network Access Protection

ANSTO E-Science workshop Romain Quilici University of Sydney CIMA CIMA Instrument Remote Control Instrument Remote Control Integration with GridSphere.

Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.

Overview of Microsoft ISA Server. Introducing ISA Server New Product—Proxy Server In 1996, Netscape had begun to sell a web proxy product, which optimized.

Engineering Essential Characteristics Security Engineering Process Overview.

Portfolio Presentation – Forgent Suite of Products Wendy Spies Senior User Interface Designer

NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.

Configuring Network Access Protection

ABone Architecture and Operation ABCd — ABone Control Daemon Server for remote EE management On-demand EE initiation and termination Automatic EE restart.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

ECI – electronic Commerce Infrastructure “ An application to the Shares Market ” Demetris Zeinalipour ( Melinos Kyriacou

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

Symphony A Java-Based Composition and Manipulation Framework for Computational Grids Dennis Kafura Markus Lorch This work is supported by the Virginia.

Lesson 12: Configuring Remote Management

Afresco Overview Document management and share

Architecture View Models A model is a complete, simplified description of a system from a particular perspective or viewpoint. There is no single view.

Module 10: Implementing Administrative Templates and Audit Policy.

Welcome. Welcome to this TechNet Event URL for on-line feedback is in your reminder No Planned Fire Drills Please turn your Mobile Phones off To.

E-Science Security Roadmap Grid Security Task Force From original presentation by Howard Chivers, University of York Brief content:  Seek feedback on.

Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.

Securing Web Applications Lesson 4B / Slide 1 of 34 J2EE Web Components Pre-assessment Questions 1. Identify the correct return type returned by the doStartTag()

Introduction Web analysis includes the study of users’ behavior on the web Traffic analysis – Usage analysis Behavior at particular website or across.

Maintaining and Updating Windows Server 2008 Lesson 8.

Store and exchange data with colleagues and team Synchronize multiple versions of data Ensure automatic desktop synchronization of large files B2DROP is.

Windows Active Directory – What is it? Definition - Active Directory is a centralized and standardized system that automates network management of user.

 1- Definition  2- Helpdesk  3- Asset management  4- Analytics  5- Tools.

AMHS (ATS Message Handling System)

PLM, Document and Workflow Management

Architecture Concept Documents

Implementing Network Access Protection

Joseph JaJa, Mike Smorul, and Sangchul Song

Welcome To : Group 1 VC Presentation

IS4680 Security Auditing for Compliance

Greta Mameniskyte IV course 3rd group

DEPLOYING SECURITY CONFIGURATION

PLANNING A SECURE BASELINE INSTALLATION

Presentation transcript:

1 Welcome Hans Andersson Der Yao Leong Yee Jiun Song Wendy Tobagus Yang Bei Sherif Yousef

2 iSecurity Project Team

3 Overview Background Background Vision and Goals Accomplishments Future Work Summary

4 Background iSecurity Project – Joint project between KTH and Stanford University – Security in an interactive environment iSpace project – To create an international network of usable augmented environments for collaborative, project-driven learning and working iRoom & iLoungeiLounge

5 Motivation The iSpace project was conceived in an academic environment Security issues have not been a high priority However, security is essential for widespread deployment

6 Video

7 Security Requirements Security is a very important issue in Interactive Workspaces Our security system ensures privacy and integrity Convenience, customizability, accessibility and accountability are also ensured by our security system

8 Overview Background Vision and Goals Vision and Goals Accomplishments Future Work Summary

9 Vision and Goals Our vision is to deliver a non-intrusive and robust security system for interactive environments Social model Technically feasible system design Implementation Auditing tools Testing and evaluation

10 Overview Background Vision and Goals Accomplishments Accomplishments Future Work Summary

11 Accomplishments Social Model Technical Design Implementation Auditing and Logging Tools Evaluation

12 Social Model Specify the nature of security in Interactive workspaces Enumerate the objectives of the model Define the mechanisms by which these objectives are accomplished.

13 Ubicomp Security Transparent, open and dynamic environment – Users and devices interacting spontaneously and in an ad hoc fashion Different security concerns compared to traditional computer environment

14 Social Model Objectives Integrity Privacy Availability Accountability Customizability Convenience

15 Security Mechanisms Gatekeeper Trust Groups – Implicit Trust Groups – Explicit Trust Groups Security Policy Definition – Permissions – Owners – Delegation Authentication Privacy Guarantee Enforcement

16 Technical Design Map the ideas of the social model into a technical design that can be implemented Specify the parts of the system and how they interact with each other Specify authentication and security mechanisms Clear system and interface specifications, to allow application design to proceed concurrently

17 Secure Event Heap A new secure Event Heap, built on top of the existing event heap server Users are required to log into the system All events are checked by the security module before they are sent or received All events can be traced back to a particular user Programmatic support for the development of secure applications

18 System Architecture Event Heap

19 Implementation Implemented our design using Java SSL and crypto packages, and added security checking elements into Event Heap Achieved: – Backwards compatibility – Secure communication – Permission management iRoom now uses the secure version of Event Heap – all original applications run fine No major problem

20 Auditing and Logging Tools Administrator should have the option of logging all activity Provides traceability of security breaches Adapted a logging tool originally written by Andy Szybalski Allows recording as well as browsing of logs, also provides filtering capabilities

21 Logging Tool

22 Sample Applications iPaint – Allows the sharing of a virtual whiteboard – All authenticated users can draw on it Secure File Share – Allows the sharing of files – Three kinds of permissions (list, download, upload)

23 iPaint

24 Secure File Share

25 Permission Manager

26 Evaluation No detailed evaluation with real users Internal evaluation Useful security system that is easy to use More studies will be needed to determine if our system fully meet users’ needs

27 Overview Background Vision and Goals Accomplishments Future Work Future Work Summary

28 Future Work Performance improvement Flow Control Graphical User Interface Automatic monitoring and log-analysis tools

29 Overview Background Vision and Goals Accomplishments Future Work Summary Summary

30 Summary iSpace infrastructure lacks security Ubicomp security issues are unique Our iSecurity system provides a non- intrusive, robust security system for users System provides strong privacy and integrity guarantees for users Rich area for future research work

31 Questions For further information about this project please visit our homepage: