Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Published byAlfred Cobb Modified over 8 years ago

Similar presentations

Presentation on theme: "Securing Legacy Software SoBeNet User group meeting 25/06/2004."— Presentation transcript:

1 Securing Legacy Software SoBeNet User group meeting 25/06/2004

2 Objectives Existing applications are enabled to operate in a networked environment Adapter Suites Application Platform Suites (J2EE,.NET,…) Application Servers Enterprise Portals Integration Suites Message-Oriented Middleware Object-Request Brokers Transaction Processing Monitors  Preserve Security Level  Compliance with Security Standards and regulations  Manageable

3 Ubizen – trusted partner in IT Security Ubizen has a vast experience in Application Security Via a highly qualified consultancy team Risk Management, Security Policies, Procedures and Standards Architecture Review and Infrastructure design Penetration testing Application Vulnerability Assessment Implementation of best of breed security products Via product development AAA products Web Shielding (DMZ/Shield TM ) Proven Track record in IT Security Top-3 Managed Security Service Provider World-wide Number 1 in Europe > 3200 devices under management Incident Response Forensics Investigation

4 Three research tracks for securing existing applications Protect all access paths to and from the application Interception and validation of the communication between components,modules and systems Shielding components, module and systems from malicious traffic Apply automatic protocol security Moving to a more formal model for protocol description and automatic application of protocol security at different layers of the stack. Monitoring and managing Introduction of security infrastructure is only the first step… Keeping it properly configured and monitored 24 by 7 by experienced security experts is the second.

5 MULTI LAYER approach to Application Security Deep Packet Inspection Protection at the network layer Protection at the transport layer Protection at the application layer Defense in depth Perimeter Demilitarized Zone  Transactional Zone Multi-tier architecture Coordination of Security Information between # tiers (e.g. SAML) Protection of end points Not all layers on the #tiers are under control (e.g. OS, Language execution environment, App Server)  Introduction of HIDS, Policy Compliance Modules,…

6 Deep Packet Inspection Security Context and Coordination Defense In Depth 2 dimensional multi layer approach 1 2 3 4 5 6 7 GUI Deep Packet Inspection 1 2 3 4 5 6 7 Presentation Logic Deep Packet Inspection 1 2 3 4 5 6 7 Business Logic Deep Packet Inspection 1 2 3 4 5 6 7 Data Access Deep Packet Inspection 1 2 3 4 5 6 7 Data Layer

7 In practice … Deep Packet Inspection Security Context and Coordination Defense In Depth 1 2 3 4 5 6 7 GUI Deep Packet Inspection 1 2 3 4 5 6 7 Presentation Logic Deep Packet Inspection 1 2 3 4 5 6 7 Business Logic Deep Packet Inspection 1 2 3 4 5 6 7 Data Access Deep Packet Inspection 1 2 3 4 5 6 7 Data Layer

8 Interception and Shielding in SoBeNet Deep Packet Inspection Security Context and Coordination Defense In Depth 1 2 3 4 5 6 7 GUI Deep Packet Inspection 1 2 3 4 5 6 7 Presentation Logic Deep Packet Inspection 1 2 3 4 5 6 7 Business Logic Deep Packet Inspection 1 2 3 4 5 6 7 Data Access Deep Packet Inspection 1 2 3 4 5 6 7 Data Layer

9 Interception Techniques Centralized applications Interception of method invocations/library calls/system calls  System based interception and shielding Distributed or multi-tier applications Interception of traffic using standard internet protocols Interception of Remote Method Invocations  Network based interception and shielding

10 System based interception Interception at the Operating System Level Plug-able services of the OS (e.g. network or file io) Host Intrusion Detection and Prevention Systems work at this level Library Level Dynamical loaded libraries can be replaced with more secure versions Language Runtime Support E.g. Load time modification of binary code Validation of pre and post conditions Audit-ability and forensics Application Platform Suite J2EE container services and components Microsoft.NET services and components

11 Network based interception Proxy Architectures… Asymmetric Proxy (protocol encapsulates proxy support), no modification of client software Reverse Proxy Symmetric Proxy (general applicable but has influence on client software) Transparency Link, network, transport level Application Protocol level (e.g. HTTP,…) User Application level

12 Fall back on industry adapted standards Scope definition for maximum valorization of the results? Target is “Protecting” Legacy Applications … … but these are built on evolving components Web Application  HTTP Firewalls Service Oriented Architectures  XML Firewalls Application Platform Suites  J2EE,.NET

13 Internet Application Protocols … The most important internet protocols were never designed with security in mind RFC’s describing the protocols allow often ambiguous interpretation  Vendors choose for interoperability instead of security Most applications use only a small part of the protocol definition … and vulnerabilities are often in the non- used protocol functionality

14 User Application Protocols … Communication protocols at application level are rarely specified, nor formalized User Application protocols get less attention because they are typically used once for a specific application User Application protocols are more complex because of their dependency of a (huge) internal state  combinatorial explosion of cases

15 Automatic protocol security Protocol = set of rules between communicating parties SequenceForm and content Formalization (Strong Typing, XML Schema,…) Formalization (State Charts, Sequence and Collaboration Diagrams, …) SANITY Checking Shields 4 of the Top 10 Vulnerabilities in application

16 Manageability and Monitoring Keeping the configuration up to date Default Deny Policy Automatic Learning of normal behavior Configuration automation  policy proposals Monitoring of all the alerts triggered by the devices Correlation of events from security components Coordination and exchange of security state between devices reduces the false positives Anomaly detection Audit Trail What information is required for Forensics Performance Management

17 www.ubizen.com

Download ppt "Securing Legacy Software SoBeNet User group meeting 25/06/2004."

Similar presentations

Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
The Most Analytical and Comprehensive Defense Network in a Box.

The Most Analytical and Comprehensive Defense Network in a Box.
® Context Aware Firewall Policies Ravi Sahita Priya Rajagopal, Pankaj Parmar Intel Corp. June 8 th 2004 IEEE Policy (Security)

® Context Aware Firewall Policies Ravi Sahita Priya Rajagopal, Pankaj Parmar Intel Corp. June 8 th 2004 IEEE Policy (Security)
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Fundamentals of Computer Security Geetika Sharma Fall 2008.

Fundamentals of Computer Security Geetika Sharma Fall 2008.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Middleware Fatemeh Hendijanifard 1 آزمايشگاه سيستم هاي هوشمند (http://ce.aut.ac.ir/islab)

Middleware Fatemeh Hendijanifard 1 آزمايشگاه سيستم هاي هوشمند (
02/12/00 E-Business Architecture

02/12/00 E-Business Architecture
eGovernance Under guidance of Dr. P.V. Kamesam IBM Research Lab New Delhi Ashish Gupta 3 rd Year B.Tech, Computer Science and Engg. IIT Delhi.

eGovernance Under guidance of Dr. P.V. Kamesam IBM Research Lab New Delhi Ashish Gupta 3 rd Year B.Tech, Computer Science and Engg. IIT Delhi.
The Architecture of Transaction Processing Systems

The Architecture of Transaction Processing Systems
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Intrusion Detection System Marmagna Desai [ 520 Presentation]

Intrusion Detection System Marmagna Desai [ 520 Presentation]
Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.

Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.
.NET, and Service Gateways Group members: Andre Tran, Priyanka Gangishetty, Irena Mao, Wileen Chiu.

.NET, and Service Gateways Group members: Andre Tran, Priyanka Gangishetty, Irena Mao, Wileen Chiu.
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau (20086034) Lee Shirly (20095815) Ong Ivy (20095040)

Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
© 2010 IBM Corporation Cloudy with a chance of security Information security in virtual environments Johan Celis Security Solutions Architect EMEA IBM.

© 2010 IBM Corporation Cloudy with a chance of security Information security in virtual environments Johan Celis Security Solutions Architect EMEA IBM.
Securing Internet Applications SoBeNet User group meeting 08/10/2004.

Securing Internet Applications SoBeNet User group meeting 08/10/2004.

Similar presentations

Ads by Google