Presentation is loading. Please wait.

Presentation is loading. Please wait.

University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group Agile Objects: Component-based Inherent Survivability.

Published byNickolas Ford Modified over 8 years ago

Similar presentations

Presentation on theme: "University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group Agile Objects: Component-based Inherent Survivability."— Presentation transcript:

1 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group Agile Objects: Component-based Inherent Survivability Andrew A. Chien achien@cs.ucsd.eduachien@cs.ucsd.edu, UC San Diego Riccardo Bettati bettati@cs.tamu.edubettati@cs.tamu.edu, Texas A&M http://www-csag.ucsd.edu/projects/agileO.html AFRL F30602-9-1-0534 OASIS PI Meeting, August 19, 2002

2 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/20022 Outline Motivation and Goals Agile Objects Project Agile Objects Recent Progress »Naming Services »Application for DDoS Tolerance

3 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/20023 Context Static Distributed Software Architectures (nearly) »Fixed points of access, deployment, resource dependence System/Firewall/Sandbox/Domain based Security »Resource and containment oriented Security Architecture based on Anticipated Deployment Structures => Flexibility and reconfiguration to enhance survivability Our Focus: Flexible Configuration of Distributed C 3 I Systems (Real- time, High Performance, Mission-Critical Online systems) »E.g. Aegis Battle Cruiser, Theatre Command/Information system, etc. »High bandwidth networks, rich resource environment

4 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/20024 Agile Objects Middleware for survivable component based distributed applications »Large number of distributed components, extensive communication via RPC »Ex: large distributed Java or.NET application Survivability to distributed applications based on »High performance RPC; Configuration independent performance »Agile configuration changes in response to resource loss or compromise

5 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/20025 Elusive Applications, Rapid Reconfiguration Resource loss due to compromise, physical damage, or change in security status Rapid Change of Location and Interface, “Elusiveness” »reconfiguration to increase survivability in response to attacks »preserving real-time performance Nasty Virus Attack Elevated Security Barrier Change of Protocol and Change of Interface

6 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/20026 Technical Objectives Elusive Distributed Applications Location Elusiveness »Seamless boundary between Component and Distributed Object applications »Real-time framework allows performance transparent distributed reconfiguration »Replication supports fault tolerance, rapid reconfiguration, multi-version assurance and survivability Interface Elusiveness »Integrates security mechanisms with traditional object interface marshalling to achieve high performance –An adaptive security mechanism (there are many) »Adaptive security required with rapidly changing application configuration –=> also rapidly changing surrounding resource and security environment Transparent reconfiguration maintains performance and security properties »Incorporate software components without major effort Respond to critical Assurance and Survivability events fast (<< seconds) Respond to noisy intrusion information without negative impact

7 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/20027 Assumptions and Scope What threats/attacks is your project considering? »Any that lead to compromise of nodes, networks, services »esp. object/component interface based attacks What assumptions does your project make? »Applications are component-based »Only some resources are compromised; segregation possible »Some warning (could be noisy) => Low impact techniques to respond What policies can your project enforce? »Application configuration Level of compromise of resources –Reflect Infocon level or resource status fast »Many that drive reconfiguration, decouple reconfiguration from complex analysis and performance

8 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/20028 Challenges Location Elusiveness: Support rapid application mobility with »Performance insensitivity »Uniform resource access »Continuous real-time performance »=> make this possible for distributed applications Interface Elusiveness: Integrate data security with RPC »Support very high speed networks »Characterize EI interface configuration spaces and cost of data permutation approaches »High performance RPC on very high speed networks while protecting data

9 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/20029 Previous Results Location Elusiveness »Low-latency RPC system (40 microseconds; as fast as local) »Multi-DCOM Prototype;Transparent replication; high performance Realtor Real-time Allocation Framework »Analytic Grounding »Implements rapid allocation while enforcing Real-time guarantees »Proactive resource allocation Interface Elusiveness »Analysis of interface space for sample distributed applications –Simple systems, 10 6 – 10 16 configurations »Elusive Interfaces prototype and evaluation Tolerating a DDOS attack »Applying Agile Objects technology »Distributed Proxy Network »Back-end Agile Object Application

10 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200210 Recent Progress Completion implementation of Elusive Interfaces Complete implementation of Realtor RT Allocator Analytical Performance Requirements for Naming and Migration Modeling of Distributed Denial of Service Attack and Survivability Demonstration

11 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200211 AO Naming Performance Requirements High Performance RPC and Migration enable rapid application reconfiguration »Major costs: state movement, naming updates How fast do the naming services have to be? »Support “continuous execution” »Support enable acceptable portion of time for “real computation” Range of analysis, synthetic benchmarks »Derive performance requirements, tradeoffs »Determine acceptable naming services performance (dramatically higher) => later combine with application structure Object Migration Naming Update Name Lookup RPC Overhead Application Work Traditional System Agile Objects ? ?

12 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200212 How much work can a migrating application get done? Vary Call Frequency »# calls/migration Vary name server performance Vary Migration cost => both are critical to getting reasonable efficiencies Ex: 100 null calls/migration Lookup 10 mics, migration cost 100 mics »~25% efficiency => Need very fast name servers and significant work for AO to work well

13 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200213 How does migration cost affect efficiency? Fast migration directly enables distribution at a finer object granularity

14 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200214 How does naming lookup cost affect efficiency? Low lookup overhead is critical for achieving high efficiency High name lookup overhead prohibits flexible application distribution (and more components/application)

15 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200215 Naming Services Summary Low migration and RPC cost enable flexible deployment and application reconfiguration Use of migration for Location Elusiveness imposes stresses on the system »Naming lookup »Naming update => these services must be low-cost, scalable with ~10-100 microsecond overheads to support rapid reconfiguration => we are evaluating approaches to achieve these performance requirements

16 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200216 Proxy User Location Elusive Application AO Tolerating DDoS Attack Location Elusiveness uses reconfiguration to tolerate infrastructure-level attacks Proxies know application location Users do not know application location

17 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200217 Modeling DDoS Attack Tolerance Detailed Approach (Location Elusiveness): »Applications live in Proxy Network name space »Users (including attackers) live in the IP name space »Proxies secure the mapping between name spaces –Indirection prevents direct infrastructure level attacks on applications »Dynamically reconfigure (proactively or reactively) – proxy network, migrate applications User Proxy Network Name Space Edge Proxy User App1 App2 App3 IP Name Space Sensor

18 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200218 Multi-level Proxy Networks Location: mapping from IP to Proxy Name Spaces (Location Elusiveness) »Application can change its location due to security threat Location hiding in multiple levels »Distance to the edge corresponds to the chance of exposure (# of levels) »Distance can be changed dynamically (overhead vs. security) »Reconfiguration to contain the impact of attack Dynamic location – mapping from IP to Proxy namespace is dynamic => Model Analysis determines the key factors/issues proxy App Distance to edge Attackers Proxy Name Space IP Name Space Clients

19 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200219 Modeling and Analysis Formalize DoS attack and delivered Application service Models for: »System –Proxy network (topology, scale, reconfiguration) –Application (migration) –Sensor (accuracy, performance) »Simple Attack model (scale, rate/prob. compromise, cost) »Cost model (cost of damage, reconfiguration) A cost-oriented analysis for DoS tolerance »Investment vs. attackers capabilities, likely attacks »Develop a system analysis, based on a set of models »Open to allow others to use different assumptions

20 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200220 Key Factors Application Agility (cost of reconfig) Proxy network Complexity/Overhead Proxy network reconfiguration cost Application Performance Damage to Applications by attackers Attackers’ Capability/cost to compromise X Investment & Expected tolerance

21 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200221 Summary Recent Progress »Location Elusiveness: High Performance RPC and Migration –Naming: Analytical performance requirements, initial implementations »Interface Elusiveness: framework and empirical evaluation, full implementation »Real-time Resource Framework: proactive, fast, implemented »Exploration of capabilities: Tolerating DDoS using AO, analytical modelling of attacker/defender tradeoffs Next Steps »Evaluation of multiple Naming/migration implementations »Continue to explore Elusive Interfaces tradeoffs/capabilities »System Experiments »Continue to explore AO capabilities to tolerate DDOS attacks

22 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200222 Agile Objects Demo: Location Elusiveness Back-end Agile Objects application Migrates in AO resource pool Provides continuous service Front End Agile Objects Client, accesses Agile File Server Agile Object Applications Migrating AO Resource Pool Agile Object Clients

23 University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group OASIS PI Meeting – 8/19/200223

Download ppt "University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group Agile Objects: Component-based Inherent Survivability."

Similar presentations

Connected Health Framework

Connected Health Framework
-Grids and the OptIPuter Software Architecture Andrew A. Chien Director, Center for Networked Systems SAIC Chair Professor, Computer Science and Engineering.

-Grids and the OptIPuter Software Architecture Andrew A. Chien Director, Center for Networked Systems SAIC Chair Professor, Computer Science and Engineering.
All rights reserved © 2006, Alcatel Grid Standardization & ETSI (May 2006) B. Berde, Alcatel R & I.

All rights reserved © 2006, Alcatel Grid Standardization & ETSI (May 2006) B. Berde, Alcatel R & I.
Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.

Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.
DARPA OASIS PI Meeting – Santa Fe – July 24-27, 2001Slide 1 Aegis Research Corporation Not for Public Release Survivability Validation Framework for Intrusion.

DARPA OASIS PI Meeting – Santa Fe – July 24-27, 2001Slide 1 Aegis Research Corporation Not for Public Release Survivability Validation Framework for Intrusion.
Distributed Systems 1 Topics  What is a Distributed System?  Why Distributed Systems?  Examples of Distributed Systems  Distributed System Requirements.

Distributed Systems 1 Topics  What is a Distributed System?  Why Distributed Systems?  Examples of Distributed Systems  Distributed System Requirements.
Presented by: Thabet Kacem Spring 2010. Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.

Presented by: Thabet Kacem Spring Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.
CS 795 – Spring 2010.  “Software Systems are increasingly Situated in dynamic, mission critical settings ◦ Operational profile is dynamic, and depends.

CS 795 – Spring  “Software Systems are increasingly Situated in dynamic, mission critical settings ◦ Operational profile is dynamic, and depends.
Using DSVM to Implement a Distributed File System Ramon Lawrence Dept. of Computer Science

Using DSVM to Implement a Distributed File System Ramon Lawrence Dept. of Computer Science
Objektorienteret Middleware Presentation 2: Distributed Systems – A brush up, and relations to Middleware, Heterogeneity & Transparency.

Objektorienteret Middleware Presentation 2: Distributed Systems – A brush up, and relations to Middleware, Heterogeneity & Transparency.
ICT 1 “Putting Context in Context: The Role and Design of Context Management in a Mobility and Adaptation Enabling Middleware” Marius Mikalsen Research.

ICT 1 “Putting Context in Context: The Role and Design of Context Management in a Mobility and Adaptation Enabling Middleware” Marius Mikalsen Research.
1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson

1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson
Azad Madni Professor Director, SAE Program Viterbi School of Engineering Platform-based Engineering: Rapid, Risk-mitigated Development.

Azad Madni Professor Director, SAE Program Viterbi School of Engineering Platform-based Engineering: Rapid, Risk-mitigated Development.
1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.

1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.
Software Engineering and Middleware: a Roadmap by Wolfgang Emmerich Ebru Dincel Sahitya Gupta.

Software Engineering and Middleware: a Roadmap by Wolfgang Emmerich Ebru Dincel Sahitya Gupta.
Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.

Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.
OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”

OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”
Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.

Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.
Managing Agent Platforms with the Simple Network Management Protocol Brian Remick Thesis Defense June 26, 2015.

Managing Agent Platforms with the Simple Network Management Protocol Brian Remick Thesis Defense June 26, 2015.
SensIT PI Meeting, April 17-20, 2001 1 Distributed Services for Self-Organizing Sensor Networks Alvin S. Lim Computer Science and Software Engineering.

SensIT PI Meeting, April 17-20, Distributed Services for Self-Organizing Sensor Networks Alvin S. Lim Computer Science and Software Engineering.

Similar presentations

Ads by Google