SciDAC SSS Face-To-Face Erik P. DeBenedictis February 21, 2002 Sandia is a multi-program laboratory operated by Sandia Corporation, a Lockheed Martin Company,

Slides:



Advertisements
Similar presentations
Conclusion Kenneth Moreland Sandia National Laboratories Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company,
Advertisements

Sockets and Services CS-480b Dick Steflik. Evaluating Socket Based Services How complex is the service? How might the service be abused? What information.
Chapter 17: WEB COMPONENTS
Inter-Institutional Registration UNC Cause December 4, 2007.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.
Secure Socket Layer.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
Component Interface Testing SciDAC Quarterly Report Argonne, IL William McLendon Ron Oldfield Sandia National Laboratories Sandia is a multiprogram laboratory.
Bookshelf.EXE - BX A dynamic version of Bookshelf –Automatic submission of algorithm implementations, data and benchmarks into database Distributed computing.
(4.4) Internet Protocols Layered approach to Internet Software 1.
Secure Shell – SSH Tam Ngo Steve Licking cs265. Overview Introduction Brief History and Background of SSH Differences between SSH-1 and SSH- 2 Brief Overview.
HTML Form Processing Learning Web Design – Chapter 9, pp Squirrel Book – Chapter 11, pp
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
CS-3103 & CS-502, Summer 2006 Programming Project #31 Programming Project #3 Web Server CS-3103 & CS-502 Operating Systems.
Asynchronous Web Services Approach Enrique de Andrés Saiz.
Course 201 – Administration, Content Inspection and SSL VPN
INTRODUCTION TO WEB DATABASE PROGRAMMING
Introduction to InfoSec – Recitation 8 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
Crystal Yellow Agile Software Methodology For ParaView Development Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin.
Introduction to InfoSec – Recitation 7 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
Testing, Integration, Validation, and/or XML Erik DeBenedictis Sandia National Labs Sandia is a multiprogram laboratory operated by Sandia Corporation,
GDT V5 Web Services. GDT V5 Web Services Doug Evans and Detlef Lexut GDT 2008 International User Conference August 10 – 13  Lake Las Vegas, Nevada GDT.
Enabling Embedded Systems to access Internet Resources.
Scalable Systems Software Center Resource Management and Accounting Working Group Face-to-Face Meeting June 13-14, 2002.
Integrating with UCSF’s Shibboleth system
Internet Addresses. Universal Identifiers Universal Communication Service - Communication system which allows any host to communicate with any other host.
Web Services An introduction for eWiSACWIS May 2008.
WHAT IS A WEBSITE AND HOW TO GET YOUR BUSINESS ONLINE Anna Gabali – 30/07/ MKLC.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 OSI Transport Layer Network Fundamentals – Chapter 4.
CS4273: Distributed System Technologies and Programming Lecture 13: Review.
WS-Security Protocol Ramkumar Chandrasekharan CS 265.
Building Security into Your System Bill Major Gregory Ponto.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
System Security: Cryptography Technologies CPE Operating Systems
SciDAC SSS Quarterly Report Sandia Labs August 27, 2004 William McLendon Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed.
CH 25-Remote Login (TELNET,Rlogin)
LAMMPS Users’ Workshop
Erik P. DeBenedictis Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of.
October 10-11, 2002 Houston, Texas Erik DeBenedictis William McLendon Mike Carifio Sandia is a multiprogram laboratory operated by Sandia Corporation,
Field Trip #28 Securing a VNC Connection with Java By Keith Lynn.
SSS Validation and Testing September 11, 2003 Rockville, MD William McLendon Neil Pundit Erik DeBenedictis Sandia is a multiprogram laboratory operated.
PHP Secure Communications Web Technologies Computing Science Thompson Rivers University.
1 Java Servlets l Servlets : programs that run within the context of a server, analogous to applets that run within the context of a browser. l Used to.
What is a Servlet? Java Program that runs in a Java web server and conforms to the servlet api. A program that uses class library that decodes and encodes.
Shell Interface Shell Interface Functions Data. Graphical Interface Graphical Interface Command-line Interface Command-line Interface Experiments Private.
Front end (user interfaces) Facilitating the user‘s interaction with the SandS services and processes I. Mlakar, D. Ceric, A. Lipaj Valladolid, 17/12/2014.
ClearQuest XML Server with ClearCase Integration Northwest Rational User’s Group February 22, 2007 Frank Scholz Casey Stewart
Presentation Title 1 1/27/2016 Lucent Technologies - Proprietary Voice Interface On Wireless Applications Protocol A PDA Implementation Sherif Abdou Qiru.
Milestone 3 Ernie Costa Michael Daniels Lindsay Graham Erik Olson Dion St. Hilaire.
 authenticated transmission  secure tunnel over insecure public channel  host to host transmission is typical  service independent WHAT IS NEEDED?
Secure Transactions Chapter 17. The user's machine No control over security of user's machine –Might be in very insecure: library, school, &c. Users disable.
Web Services Essentials. What is a web service? web service: software functionality that can be invoked through the internet using common protocols like.
How to Use LINCWorks as a Wireless Repeater For additional help please contact: Paul Peterson
SciDAC SSS Quarterly Report Sandia Labs January 25, 2005 William McLendon Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed.
SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
1 Chapter 1 INTRODUCTION TO WEB. 2 Objectives In this chapter, you will: Become familiar with the architecture of the World Wide Web Learn about communication.
SFS-HTTP: Securing the Web with Self-Certifying URLs
Secure Sockets Layer (SSL)
Final Presentation CIS 4911 Senior Project
Topic 5: Communication and the Internet
NetChat Communications Framework
Snippet Engine as a Database Server
Electronic Payment Security Technologies
Q/ Compare between HTTP & HTTPS? HTTP HTTPS
Presentation transcript:

SciDAC SSS Face-To-Face Erik P. DeBenedictis February 21, 2002 Sandia is a multi-program laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy under contract DE-AC04-94AL SciDAC SSS Secure Wire Protocol and Cplant Interface

XML & Browser Dual Mode –Accepts XML For machine-to- machine communications –Accepts HTML- Embedded XML For testing and human interaction GET /form?XML HTTP/1.0 XML

Secure Wire Protocol Client Private Key Server Private Key Client 1 Public Key Client 2 Public Key Encrypted Communications

Example

Technology Employed C++ OpenSSL –For security –128 bit encryption RC4 Certificates –Server –Client Stream XML parser –Wrote it ourselves –Doesn’t wait for close controversial UserID and Password –Server needs to log in as user before executing command –Not done now Security Plan –Can be written –Requires commitment –Unused modes of access get closed by Sandia security in spite of security plans

XML Process Launcher Receive an XML encoded command via a web form. Parse the XML to extract the command SSL Encryption adds security.

Sequence of Server Actions 1)User establishes a HTTPS connection with Server. 2)Server transmits a form with an XML command framework filled in. 3)User submits their command. 4)Server receives XML & Parses it. 5)Server walks the parse tree to determine appropriate action. 6)Server executes user request 7)Server transmits results to user via HTTPS connection.

Simplified Interaction Timeline User XML Web Server CPlant Web form submission execution raw result result formatted and returned via browser

What You See –XML A test schema –Encapsulated in HTML Input

What You See –Response to XML command –Encapsulated in HTML Not Done Yet –Parsing and encapsulating the result Output

Conclusions and Future Work Approach Works –Work devoted to C++, SSL, XML SAX parser paid off –Browser interface good Demos GUI to Cplant –For wimps who don’t want to do everything with telnet Future control console Need Commitment –I can write a security plan –But I will be asked “is it necessary” –If I say “SourceForge might work too” it won’t get approved –Need a mandate to proceed Should do doable in this case

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.