Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enterprise Wrappers OASIS PI Meeting August 19, 2002 Bob Balzer Neil Legend: Green Changes from February 02 PI meeting.

Published byHarvey Scott Hancock Modified over 8 years ago

Similar presentations

Presentation on theme: "Enterprise Wrappers OASIS PI Meeting August 19, 2002 Bob Balzer Neil Legend: Green Changes from February 02 PI meeting."— Presentation transcript:

1 Enterprise Wrappers OASIS PI Meeting August 19, 2002 Bob Balzer Neil Goldman @Teknowledge.com Legend: Green Changes from February 02 PI meeting

2 Enterprise Wrappers Goals  Integrate host-based wrappers into scalable cyber-defense system  Create common multi-platform wrapper infrastructure  Populate this infrastructure with useful monitors, authorizers, and controllers

3 Enterprise Wrappers Objectives Common Network Wrapper Manager NWM Network Schema & Data Hardened System “Soft” System Manager Interface Other IA components, such as intrusion detection, sniffers, secure DNS, IDIP, etc. Boundary Controller... service WMI proxy Control Protocol Data Push/Pull Wrapper Network Interface –Off-board cyber-defense controllers –Off-board communication of wrapper data Host Controller –Manages dynamic insertion and removal of Wrappers –Multi-platform (Linux and NT) –Network-scalable Mutual protection/isolation of Host Controller & Wrappers from the system(s) being protected Linux or NT Wrapper Subsystem Data Base Hardened System(expanded) Host Controller M M M M MediationCocoon App M M M M MediationCocoon App Wrappers Policies Status Alerts

4 Active Available C++ Policy Editor Enterprise Wrapper APIs Deployable Version Available 12/31/01 Deployed Common Network Wrapper Manager Deploy Installed Host Controller (common API) Install Active Activate Sensed Deactivate Defined UndeployUninstall Define Host Controller (common API) Focus Wrappers Policies Enterprise Version Available 10/1/02

5 Enterprise Wrappers Current Implementation (as of 2/02) –Network Controller Starts and Terminates processes on controlled desktops Receives Events from controlled desktops –Host Controller Starts and Terminates processes for Network Controller Wraps started processes in accordance with local Wrapper Policy Forwards Events to Network Controller –Inter-Controller Communication via SSL Demo To Do –Deploy Policy to Host Controller

6 Existing NT Wrappers  Safe Email Attachments Document Integrity for MS Office  Executable Corruption Detector Protected Path (Keyboard  App.  SmartCard) Local/Remote Process Tracker  No InterProcess Diddling  Safe Web Brower  Safe Office Key:  Policy Driven Wrapper Planned  Single SafeExecution Wrapper Process specific policy

7 ByPass Prevention Module DLL Uniform mechanism for Intermodule Interactions OS Services Network Sockets CORBA...

8 ByPass Prevention Mediator added between Module & DLL component Mediator maintains DLL component API Module DLL Uniform mechanism for Intermodule Interactions OS Services Network Sockets CORBA...

9 OS Kernel Added Kernel Driver Driver ByPass Prevention NTDLL Kernel32 –Direct OS calls Need to Prevent –Direct NTDLL calls Module –Only allows mediated OS calls while in mediator Wrapper registers mediated OS calls Wrapper signals Entering/Leaving

Download ppt "Enterprise Wrappers OASIS PI Meeting August 19, 2002 Bob Balzer Neil Legend: Green Changes from February 02 PI meeting."

Similar presentations

NGAS – The Next Generation Archive System Jens Knudstrup NGAS The Next Generation Archive System.

NGAS – The Next Generation Archive System Jens Knudstrup NGAS The Next Generation Archive System.
Why do current IP semantics cause scaling issues? −Today, “addressing follows topology,” which limits route aggregation compactness −Overloaded IP address.

Why do current IP semantics cause scaling issues? −Today, “addressing follows topology,” which limits route aggregation compactness −Overloaded IP address.
SQL Based Data Access Bodo Bachmann.

SQL Based Data Access Bodo Bachmann.
Chapter 6 Security Kernels.

Chapter 6 Security Kernels.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
INTRODUCTION OS/2 was initially designed to extend the capabilities of DOS by IBM and Microsoft Corporations. To create a single industry-standard operating.

INTRODUCTION OS/2 was initially designed to extend the capabilities of DOS by IBM and Microsoft Corporations. To create a single industry-standard operating.
Figure 1.1 Interaction between applications and the operating system.

Figure 1.1 Interaction between applications and the operating system.
Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Sponsored by the U.S. Department of Defense © 2000 by Carnegie Mellon.

Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department of Defense © 2000 by Carnegie Mellon.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
A Survey on Interfaces to Network Security

A Survey on Interfaces to Network Security
Understanding Active Directory

Understanding Active Directory
SP2 Mikael Nystrom. Agenda Översikt Installation.

SP2 Mikael Nystrom. Agenda Översikt Installation.
JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.

JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.
Why Interchange?. What is Interchange? Interchange Capabilities: Offers complete replacement of CommBridge point-to-point solution with a hub and spoke.

Why Interchange?. What is Interchange? Interchange Capabilities: Offers complete replacement of CommBridge point-to-point solution with a hub and spoke.
Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.
OASIS V2+ Next Generation Open Access Server CSD 2006 / Team 12.

OASIS V2+ Next Generation Open Access Server CSD 2006 / Team 12.
S E C U R E C O M P U T I N G Intrusion Tolerant Server Infrastructure Dick O’Brien, Tammy Kappel, Clint Bitzer OASIS PI Meeting March 14, 2002.

S E C U R E C O M P U T I N G Intrusion Tolerant Server Infrastructure Dick O’Brien, Tammy Kappel, Clint Bitzer OASIS PI Meeting March 14, 2002.
Intelligent Shipping Container Project IMPACT & INTEL.

Intelligent Shipping Container Project IMPACT & INTEL.
Technology Overview. Agenda What’s New and Better in Windows Server 2003? Why Upgrade to Windows Server 2003 ?  From Windows NT 4.0  From Windows 2000.

Technology Overview. Agenda What’s New and Better in Windows Server 2003? Why Upgrade to Windows Server 2003 ?  From Windows NT 4.0  From Windows 2000.

Similar presentations

Ads by Google