
Practical Security In Large Scale Distributed Object Oriented Databases
Andrew Hanushevsky - CHEP, February 7-11, 2000


Slide 1: Practical Security In Large Scale Distributed Object Oriented Databases
http://www.slac.stanford.edu/~abh/CHEP2000/Security/
Andrew Hanushevsky, Stanford Linear Accelerator Center
Produced under contract DE-AC03-76SF00515 between Stanford University and the Department of Energy

Slide 2: Our Motivation & Challenge
- Motivation
  - Protect data from unauthorized access or modification
- Challenge
  - Supply security to an existing DBMS, Objectivity/DB
    - Authentication (who am I), authorization (what can I do), enforcement
    - Handle very large database collections (tera-databases and peta-bytes)
  - Support any authentication or authorization model
    - At least private key (e.g., Kerberos) and public key models
    - Authentication and authorization models are independent
    - Sufficiently extensible to handle future protocols and models
  - Easily implementable and deployable
    - Ability to use existing security infrastructure
    - Package system in installation-replaceable units

Slide 3: Critical Solution Areas
- Packaging
  - Determines ease of deployment
    - Replaceable shared libraries
- Architecture
  - Determines ease of implementation
    - Layered object-oriented components
- Protocol
  - Determines extensibility
    - Tunneled, single-challenge, optionally arbitrated protocol

Slide 4: AMS Generic Authentication Protocol Architecture
[Architecture diagram; components labelled on the slide: application, Objectivity Kernel, oofs, ooss, the security & database protocol, and the replaceable authentication and authorization shared library libooseccl.so]

Slide 5: Effects of Architecture & Packaging
- Security protocol is tunneled via the database protocol
  - Protocols are effectively independent
    - Changes in one do not affect the other
- Objectivity kernel mediates client interactions
  - Same security used by every application and Objectivity tool
- Replaceable oofs mediates server interactions
  - Can implement any kind of enforcement policy
- Security "linked" in via replaceable shared library
  - Can implement any kind of authentication or authorization model
    - Standard authentication model is Kerberos
    - Standard authorization model is capability-based

Slide 6: Generic Authentication Protocol
- Extensible
  - Can accommodate diverse authentication models
  - Example follows
    - Private vs public key authentication

Slide 7: Private Key (symmetric) Authentication Protocol
[Ticket-exchange diagram; labels recovered from the slide, in the slide's own notation:]
- Get tgs ticket for client c: Ktgs, Ks1 > Kc
- Get ticket for service x (using Ktgs, Ks1): Kx, Ks2 > Ks1
- Perform action y (using Kx, Ks2)
- Legend: Kservice = Ticket, Ksession = Authenticator
- Property used: E^-1_k-private(E_k-private(text)) = text

Slide 8: AMS Generic Authentication Protocol (Private Key)
[Diagram labels: Get security information ("&P=krb5,amsserv@slac.stanford.edu,0f00"); Database request (Kx, Ks2); wrapping handled by libooseccl.so]

Slide 9: Public Key (asymmetric) Authentication Protocol
[Diagram labels: Get public key x (Kx-pub); Authenticate challenge (Kx-prv); client c (Kc-prv); Get public key c (Kc-pub); Perform action y]
- Property used: E^-1_k-public(E_k-private(text)) = text = E^-1_k-private(E_k-public(text))

Slide 10: AMS Generic Authentication Protocol (Public Key)
[Diagram labels: Get security information ("&P=dass,challenge", challenge under Kx-prv); Get public key x (Kx-pub); Get public key c (Kc-pub); Database request (c, Kc-prv); wrapping handled by libooseccl.so]

Slide 11: Why is the Generic Authentication Protocol Extensible?
- Tunneling
  - GAP is simply a wrapper for an arbitrary authentication protocol
  - Database protocol forwards wrapped data without inspection
    - Wrapper added and removed by shared library code
- GAP can support virtually any protocol
  - Allows out-of-band arbitration
- GAP can support multiple protocols
  - Server determines which protocols are available

Slide 12: AMS Generic Authentication Protocol (Arbitrary)
[Diagram labels: Get security information (authentication protocol specific information: "&P=krb5,...", "&P=dass,...", "&P=pgp2,..."); Database request; libooseccl.so; out-of-band communications, which can be heterogeneous]
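As an added example (not code from the slides or from Objectivity/oofs), the client side of slides 8, 11 and 12: parsing the security information string the server returns and selecting one of the protocols it offers. The "&P=<protocol>,<arg>,..." layout, the struct and the function names are assumptions.

```cpp
// Added example, not from the slides: parse the AMS security information the
// server returns (slides 8 and 12) and pick an authentication protocol from it.
// Assumed layout: one "&P=<protocol>,<arg>,..." entry per protocol the server
// offers, e.g. "&P=krb5,amsserv@slac.stanford.edu,0f00". Function names are ours.
#include <sstream>
#include <string>
#include <vector>

struct GapProtocol {
    std::string name;               // "krb5", "dass", "pgp2", ...
    std::vector<std::string> args;  // protocol-specific; handed to the library untouched
};

// Split the server's token into protocol entries. The database protocol never
// looks inside this string; only the security shared library does (slide 11).
std::vector<GapProtocol> parseSecurityToken(const std::string &token) {
    std::vector<GapProtocol> out;
    std::size_t pos = 0;
    while ((pos = token.find("&P=", pos)) != std::string::npos) {
        pos += 3;
        std::size_t end = token.find("&P=", pos);
        std::string entry = token.substr(pos, end == std::string::npos ? end : end - pos);
        while (!entry.empty() && (entry.back() == ' ' || entry.back() == '\n'))
            entry.pop_back();                     // drop separator whitespace
        std::stringstream fields(entry);
        std::string field;
        GapProtocol p;
        bool first = true;
        while (std::getline(fields, field, ',')) {
            if (first) { p.name = field; first = false; }
            else p.args.push_back(field);
        }
        if (!p.name.empty()) out.push_back(p);   // malformed entries are ignored
        pos = end;
    }
    return out;
}

// Client side: take the first server-offered protocol this client's library
// implements; the server's order is its preference (slide 11). An empty name
// means no common protocol, and the caller must fail the connection rather
// than proceed unauthenticated.
GapProtocol selectProtocol(const std::vector<GapProtocol> &offered,
                           const std::vector<std::string> &supported) {
    for (const GapProtocol &p : offered)
        for (const std::string &s : supported)
            if (p.name == s) return p;
    return GapProtocol{};
}
```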

Slide 13: Distributed Heterogeneous Environments
[Diagram labels: each object independent; object created based on "info"; one per physical ams connection; handles credential generation; always ams-specific; "Interface handles it"]

Slide 14: Client Security Interface

createSecurityContext() creates an ams-specific security object:

    oofsAMSClientSecurity *oofs_createSecurityContext(
        const struct sock_addr_in &netaddr_of_ams,
        const oofsAMSSecurityIdentifiers &ams_security_info);

oofsAMSClientSecurity.getCredentials() is called by the ams client-side kernel prior to each ams interaction, based on the indicated operation and path:

    class oofsAMSClientSecurity {
    public:
        int getCredentials(ooUInt32 operation,
                           const char *pathname,
                           oofsAMSSecurityCredentials &cred);
    };

deleteSecurityContext() deletes the security object when the connection is closed:

    void oofs_deleteSecurityContext(oofsAMSClientSecurity *security_object);

Slide 15: Server Authentication Interface

getSecurityToken() provides the ams-specific security information sent to the client:

    class oofsFileSystemDesc {
    public:
        int getSecurityToken(oofsSecurityToken &buffer,
                             struct sock_addr_in &netaddr_of_client,
                             oofsError &error_object);
    };

oofsAMSAuthentication.getClientInfo() is called by the oofs at open time and on certain file meta-data operations (e.g., deletion), while Authenticate() is called on subsequent operations:

    class oofsAMSAuthentication {
    public:
        oofsClientInfo *getClientInfo(oofsCredentials *credentials,
                                      oofsError &error_object);
        int Authenticate(oofsCredentials *credentials,
                         oofsClientInfo *information);
    };

Slide 16: Authorization Challenge
- Unencumbered AMS
  - Can only protect what AMS understands
    - Database files
- Size of all federations
  - Billions and billions of databases
    - Amount of data is a moot point
- Access control list model unmanageable
  - Too many databases to protect
    - Don't want to record usernames in many places
- Capability model is manageable
  - Few users relative to number of databases
    - Usernames recorded only once
    - Each user given access to arbitrary regions of any federation

Slide 17: Standard Capability Model
[Diagram: client database request -> libooseccl.so -> access() -> yes or no; capability table shown for user abh: rw /objy/databases/usr/abh, r /objy/databases]

Slide 18: Server Authorization Interface

oofsAMSAuthorization.Access() is called by the oofs at open time and on certain file meta-data operations (e.g., deletion):

    class oofsAMSAuthorization {
    public:
        int Access(oofsClientInfo *information, char *path, int operation);
    };

The oofsClientInfo class provides the username, instance, and security realm:

    class oofsClientInfo {
    public:
        char *Id();
        char *Instance();
        char *Realm();
        char *User();
    };
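As an added example (not code from the slides or from Objectivity/oofs), a capability check of the kind slides 16 to 18 describe: an Access() decision driven by the slide 17 table for user abh, where one table entry per user covers a whole region of the federation. The table layout, the Operation bit encoding and the "most specific prefix wins" rule are assumptions.

```cpp
// Added example, not from the slides or from Objectivity/oofs: a capability
// check in the shape of slide 18's oofsAMSAuthorization::Access(), loaded with
// the slide 17 table for user abh. The table layout, the Operation bit
// encoding and the "most specific prefix wins" rule are assumptions.
#include <map>
#include <string>
#include <vector>

enum Operation { OP_READ = 1, OP_WRITE = 2 };   // assumed encoding of "operation"

struct Capability {
    std::string prefix;   // region of the federation this capability covers
    int rights;           // bitmask of Operation values
};

// user -> capabilities; each username is recorded once (slide 16), however
// many databases sit under the listed prefixes.
using CapabilityTable = std::map<std::string, std::vector<Capability>>;

// True when path equals prefix or lies below it at a path-component boundary:
// "/objy/databases/usr/abh2" must not match the prefix "/objy/databases/usr/abh".
static bool coversPath(const std::string &prefix, const std::string &path) {
    if (path.compare(0, prefix.size(), prefix) != 0) return false;
    return path.size() == prefix.size() || path[prefix.size()] == '/';
}

// The longest matching prefix decides; no match, or an unknown user, is a
// denial, so nothing is reachable by default.
bool Access(const CapabilityTable &table, const std::string &user,
            const std::string &path, int operation) {
    auto it = table.find(user);
    if (it == table.end()) return false;
    const Capability *best = nullptr;
    for (const Capability &c : it->second)
        if (coversPath(c.prefix, path) &&
            (best == nullptr || c.prefix.size() > best->prefix.size()))
            best = &c;
    return best != nullptr && (best->rights & operation) == operation;
}

// Slide 17's table, constructed inline: abh has rw under its own area and r
// over the whole /objy/databases tree.
CapabilityTable exampleTable() {
    CapabilityTable t;
    t["abh"] = { {"/objy/databases/usr/abh", OP_READ | OP_WRITE},
                 {"/objy/databases", OP_READ} };
    return t;
}
```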

Slide 19: Summary
- Scalable
  - Standard is Kerberos & capabilities
- Extensible
  - Can support virtually any authentication & authorization model
- Replaceable
  - Packaging allows an installation to easily use existing infrastructure
- Automatic
  - Applications and Objectivity tools automatically use the supplied security
  - Circumvention detected and rejected

