“Status and Challenges of Security in Distributed Computing” — Stefan Lüders — CHEP2010


Status and Challenges of Security in Distributed Computing. Stefan Lüders, CHEP 2010, Taipei (TW), October 20th 2010

Benefits of Distributed Computing

Distributed computing is valuable to attackers:
► Large number of distributed hosts & users
► High availability
► High inter-connectivity & high-throughput networks

Shared users: fast attack propagation across different sites.
Shared resources: it takes only one compromised user to affect the others.
Transparent access: one malicious user can run malicious code across different sites.
NEW! Shared VM images: an attacker might bring a complete tool suite with him!

Overview

GRID Security Philosophy

WLCG/EGI security is governed through policies:
► High-level “Grid Security Policy”
► For users: “Grid Acceptable Use Policy” (AUP)
► For sites: “Grid Site Operations Policy”
► ...plus many more

Foster collaboration:
► …between users and security people
► …between all Grid sites: EGI/NGIs, WLCG, TeraGrid, OSG, …
► Information sharing is essential! (incident forensics, vulnerabilities, good practices, policies)

EGI Policy Group:

1. Exploiting Trust: SSH attacks

Security incidents affecting WLCG sites: an attack campaign against the academic community, ongoing since 2008:
► Exploitation of vulnerable (unpatched) hosts somewhere in the community
→ Installation of a rootkit (hidden code)
→ Compromised account(s), i.e. stolen passwords, keys, certificates
► Attack against other hosts, also at other sites
→ SSH into other sites, e.g. those listed in the known_hosts file
→ Attempts at root privilege escalation via known vulnerabilities
→ Also checking for traditional injection techniques, e.g. through /dev/mem or via loadable kernel modules (LKM)
→ More compromised hosts & accounts
► Periodic rootkit updates and new versions
► Difficult to contain, since containment requires all sites to be clean & patched
► Difficult to detect (but we learn, too)
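The pivot step above (SSH into whatever is listed in known_hosts) depends on that file being readable in clear. The following added example, which is not from the slides, audits a known_hosts file: it lists the plaintext host fields an intruder could harvest, and it implements OpenSSH's hashed host format (`|1|salt|HMAC-SHA1(salt, host)|`, what `HashKnownHosts yes` or `ssh-keygen -H` writes) so a site can check that hashed entries are still usable for lookup. Host names and keys in the sample file are constructed for illustration.

```python
"""Audit an OpenSSH known_hosts file for the pivot targets it exposes.

Added example: plaintext host fields tell an intruder where the account's
owner connects next; hashed fields do not. The hashed format is OpenSSH's
own: |1|<base64 salt>|<base64 HMAC-SHA1(salt, host)>|.
"""
import base64
import hashlib
import hmac
import os
from typing import Iterator, List, Optional, Tuple


def hash_host(hostname: str, salt: Optional[bytes] = None) -> str:
    """Render hostname the way ssh-keygen -H would store it."""
    if salt is None:
        salt = os.urandom(20)
    digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|{}|{}|".format(base64.b64encode(salt).decode(),
                             base64.b64encode(digest).decode())


def is_hashed(hostfield: str) -> bool:
    return hostfield.startswith("|1|")


def hashed_matches(hostfield: str, hostname: str) -> bool:
    """Recompute the HMAC for hostname and compare, as ssh does on lookup."""
    try:
        _, magic, salt_b64, digest_b64, _ = hostfield.split("|")
    except ValueError:
        return False
    if magic != "1":
        return False
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(digest_b64)
    actual = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(actual, expected)


def parse_known_hosts(text: str) -> Iterator[Tuple[str, str, str]]:
    """Yield (hostfield, keytype, key); skips comments and @cert-authority/@revoked markers."""
    for line in text.splitlines():
        parts = line.strip().split()
        if not parts or parts[0].startswith("#"):
            continue
        if parts[0].startswith("@"):
            parts = parts[1:]
        if len(parts) < 3:
            continue
        yield parts[0], parts[1], parts[2]


def exposed_hosts(text: str) -> List[str]:
    """Hosts readable in clear, i.e. the next hops an attacker would try with a stolen key."""
    found: List[str] = []
    for hostfield, _, _ in parse_known_hosts(text):
        if is_hashed(hostfield):
            continue
        for host in hostfield.split(","):
            if host and host not in found:
                found.append(host)
    return found


# Constructed sample file (not a real site's host list; keys are placeholders).
SAMPLE = "\n".join([
    "# constructed sample",
    "ui.site-a.example,10.0.0.5 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFakeKeyForIllustrationOnly0000",
    "wn01.site-b.example ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQFakeKey",
    hash_host("wn07.site-b.example", b"\x01" * 20) + " ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFakeKey",
])

if __name__ == "__main__":
    print("readable pivot targets:", exposed_hosts(SAMPLE))
    hashed = [h for h, _, _ in parse_known_hosts(SAMPLE) if is_hashed(h)]
    print("hashed entries:", len(hashed), "- wn07 matches:",
          any(hashed_matches(h, "wn07.site-b.example") for h in hashed))
```

Hashing only hides the host names; it does not stop an attacker who already holds the key from trying hosts found elsewhere (shell history, batch logs), so it is one layer, not a fix.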

2. Defence!!! “Thou shalt patch!”

Several critical vulnerabilities have been published recently, e.g.:
► CVE (2009/8): bug in SOCKOPS_WRAP macro
► CVE (2009/8): bug in udp_sendmsg()
► CVE (2009/11): kernel NULL pointer dereference
► CVE (2010/9): stack underflow
► All allowed privilege escalation (i.e. becoming root and owning the host)
► Exploits appear quickly after the CVE announcement → need to patch immediately

#3081 took two days to patch:
► ~60 LXPLUS nodes: kick off users & patch
► ~2800 LXBATCH nodes: drain/kill jobs & patch
► …and then there are all the Linux-based control systems for the LHC

Pakiti:
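A kernel fix is only effective once the host runs the new kernel, and a farm of ~2800 batch nodes cannot be rebooted by hand. The added example below, not from the slides or from Pakiti itself, shows the core of that check: it compares each host's running kernel (`uname -r`) against its installed kernel packages (`rpm -q kernel`) with an rpmvercmp-style version comparison, and returns the hosts still to drain and reboot. Host names, version strings and the inventory are constructed; Pakiti additionally compares against the distribution's errata, which this example does not do.

```python
"""Which hosts still run a kernel older than the newest one installed?

Added example: a host that was updated but not rebooted is still exploitable.
Inputs mimic `uname -r` and `rpm -q kernel` output; all values are constructed.
"""
import re
from typing import Dict, List, Tuple, Union

_SEGMENT = re.compile(r"(\d+|[A-Za-z]+)")


def split_version(version: str) -> List[Union[int, str]]:
    """'2.6.18-194.11.3.el5' -> [2, 6, 18, 194, 11, 3, 'el', 5]"""
    return [int(s) if s.isdigit() else s for s in _SEGMENT.findall(version)]


def compare_versions(a: str, b: str) -> int:
    """rpmvercmp-style comparison returning -1, 0 or 1; numeric segments beat alphabetic ones."""
    sa, sb = split_version(a), split_version(b)
    for x, y in zip(sa, sb):
        if x == y:
            continue
        if isinstance(x, int) and isinstance(y, int):
            return -1 if x < y else 1
        if isinstance(x, int):
            return 1
        if isinstance(y, int):
            return -1
        return -1 if x < y else 1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def installed_kernels(rpm_q_output: str) -> List[str]:
    """Strip the 'kernel-' package prefix from each line of `rpm -q kernel`."""
    versions = []
    for line in rpm_q_output.splitlines():
        line = line.strip()
        if line.startswith("kernel-"):
            versions.append(line[len("kernel-"):])
    return versions


def latest_installed(versions: List[str]) -> str:
    newest = versions[0]
    for v in versions[1:]:
        if compare_versions(v, newest) > 0:
            newest = v
    return newest


def reboot_required(running: str, installed: List[str]) -> bool:
    """True when a newer kernel is installed than the one currently running."""
    return compare_versions(latest_installed(installed), running) > 0


def hosts_needing_reboot(inventory: Dict[str, Tuple[str, str]]) -> List[str]:
    """inventory: {host: (uname -r, rpm -q kernel output)} -> sorted hosts to drain and reboot."""
    return sorted(host for host, (running, rpm_out) in inventory.items()
                  if reboot_required(running, installed_kernels(rpm_out)))


# Constructed inventory: 0001 rebooted into the new kernel, 0002 updated but not
# rebooted, 0003 never updated (only an errata comparison would flag 0003).
INVENTORY = {
    "batch-0001.example": ("2.6.18-194.11.3.el5",
                           "kernel-2.6.18-194.8.1.el5\nkernel-2.6.18-194.11.3.el5\n"),
    "batch-0002.example": ("2.6.18-194.8.1.el5",
                           "kernel-2.6.18-194.8.1.el5\nkernel-2.6.18-194.11.3.el5\n"),
    "batch-0003.example": ("2.6.18-164.15.1.el5",
                           "kernel-2.6.18-164.15.1.el5\n"),
}

if __name__ == "__main__":
    print("drain and reboot:", hosts_needing_reboot(INVENTORY))
```

The third host shows the limit of a local check: it is consistent with itself yet far behind, which is exactly the gap a central errata comparison such as Pakiti's closes.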

3. Go Cloud: From Tier to P2P

Multi-Tier architecture:
► 11 Tier-1s, >100 Tier-2s, ...
► Traffic & firewalls easy to control; the number of connected sites is known & constant

Tendency to move to P2P:
► Direct access between Tiers, and to Tier-0 from Tier-2s/Tier-3s
► Increasing firewall complexity
► Frequent changes (“dynamic firewall punching”)
► Traffic load spikes amplified

4a. Virtualization: Inherent Risks

Increasing the attack surface & enabling new attack vectors:
► Additional abstraction layer: new code, new interfaces, new challenges
► New things to worry about (break out of the VM, …into the hypervisor, …into the host OS, …into other VMs)
► Lots of new complexity: nothing fundamentally challenging, but many issues to consider

There are lots of benefits from virtualization, too:
► Security perhaps isn't the strongest.
► In the end, no big difference for security: whether you have one server with ten virtual instances or ten servers… (J. Iven, HEPiX 2009)

4b. Virtualization: Image Distro

Submit complete VM images and pull in analysis jobs:
► Stripped-down OS plus analysis code
► Functionality & stability: need for frozen releases

Security, anyone?
► How to enforce patching?
► How to deploy syslogging? What about tight local firewall rules?
► How to keep local (root) credentials unique/secret?
► How to do forensics???

Can I run random VMs at your home?
► Do we need image certification, tracking, revoking & inventory?
→ Slow certification and even slower patching…?
► Or do we need to change our security model?

HEPiX Virtualisation Working Group, “Policy on the Endorsement of Virtual Machine Images”
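One concrete shape for “certification, tracking, revoking & inventory” is an endorsement list keyed by the image's content digest. The added example below is not from the slides or from the HEPiX policy: a site keeps SHA-256 digests of endorsed images with their endorser and build date; an image that was modified after endorsement is simply unknown, revocation works per image or per endorser (a compromised endorser pulls everything they signed off), and a maximum image age is used here as one assumed way of forcing the patching question, not as a rule from the policy. Image bytes, endorser names and dates are constructed.

```python
"""Endorsed-image inventory: may this VM image run at this site?

Added example. The age limit (max_age_days) is an assumption made here to
model 'how to enforce patching', not a rule from the HEPiX policy.
"""
import hashlib
from datetime import date
from typing import Dict, List, Set


class ImageRegistry:
    def __init__(self, max_age_days: int = 30):
        self.max_age_days = max_age_days
        self.images: Dict[str, dict] = {}        # sha256 digest -> metadata
        self.revoked_digests: Set[str] = set()
        self.revoked_endorsers: Set[str] = set()

    @staticmethod
    def digest(image: bytes) -> str:
        return hashlib.sha256(image).hexdigest()

    def endorse(self, image: bytes, endorser: str, name: str, built: date) -> str:
        """Record an endorsement; returns the digest that identifies the image."""
        d = self.digest(image)
        self.images[d] = {"endorser": endorser, "name": name, "built": built}
        return d

    def revoke_image(self, digest: str) -> None:
        self.revoked_digests.add(digest)

    def revoke_endorser(self, endorser: str) -> None:
        """Pull every image this endorser vouched for, e.g. after their credentials were stolen."""
        self.revoked_endorsers.add(endorser)

    def check(self, image: bytes, today: date) -> str:
        """'ok' or the first reason the image may not run; checks cheapest to most policy-like."""
        d = self.digest(image)
        meta = self.images.get(d)
        if meta is None:
            return "unknown image (not endorsed, or modified after endorsement)"
        if d in self.revoked_digests:
            return "image revoked"
        if meta["endorser"] in self.revoked_endorsers:
            return "endorser revoked"
        if (today - meta["built"]).days > self.max_age_days:
            return "image older than %d days: rebuild with current patches" % self.max_age_days
        return "ok"


def demo() -> List[str]:
    """Walk one constructed image through endorse / modify / age-out / revoke."""
    reg = ImageRegistry(max_age_days=30)
    image = b"constructed image bytes standing in for a real disk image"
    reg.endorse(image, "expA-builder", "analysis-slc5", date(2010, 10, 1))
    results = [
        reg.check(image, date(2010, 10, 20)),             # endorsed and fresh
        reg.check(image + b"\x00", date(2010, 10, 20)),   # one byte changed
        reg.check(image, date(2010, 12, 1)),              # past the age limit
    ]
    reg.revoke_endorser("expA-builder")
    results.append(reg.check(image, date(2010, 10, 20)))  # endorser pulled
    return results


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The digest answers “is this the image that was endorsed?”; it says nothing about what is inside, so the endorsement step itself still has to cover patch level, unique credentials and logging configuration before a digest is added.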

One step more? Go Amazon!

S. Bradshaw, C. Millard, I. Walden, “Contracts for Clouds: Comparison and Analysis of the Terms and Conditions for Cloud Computing Services”
► Loss of ownership
► Loss of availability
► Loss of guarantees
► Still 100% responsible for security

Summary

Grid/Cloud Computing comes with lots of functional benefits and user conveniences. Security must not be neglected… …but must remain an inherent part of it.
► This is not you or me: it is us together!!!
► Enable control of the network of trust
► Enforce fast patching mechanisms
► Keep it simple (the “KISS” principle)
► Understand the risks of virtualization…
► …and of fully outsourcing into the cloud!

谢谢 (Thank you)

A little bit of password phishing

Which URL leads you to ?
► %2e%31%33%38%2e%31%33%37%2e%31%37%37/p?uh3f223d
►
► co_partnerid=2&usage=0&ru=http%3A%2F%2Fwww.ebay.com&rafId=0&encRafId=default
►
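The trick in the slide is that the brand name sits where the eye expects it (in a `ru=` return parameter or before an `@`) while the real host is a percent-encoded IP address, which the browser decodes before connecting. The added example below, not from the slides, resolves the host a browser will actually contact and flags URLs where the brand domain appears only in the path, query, fragment or user-info part. The URLs are constructed (203.0.113.0/24 is a documentation range); `ebay.com` is used as the brand because the slide's own sample contains it.

```python
"""Where does this link really go?

Added example: percent-decode the authority part the way a browser does,
then compare the real host with the brand the link pretends to be.
"""
from typing import List
from urllib.parse import unquote, urlsplit


def real_host(url: str) -> str:
    """Host the browser will connect to, after percent-decoding the authority."""
    parts = urlsplit(url)
    authority = urlsplit("//" + unquote(parts.netloc))
    return (authority.hostname or "").lower()


def is_brand_host(host: str, brand_domain: str) -> bool:
    return host == brand_domain or host.endswith("." + brand_domain)


def decoy_mentions(url: str, brand_domain: str) -> List[str]:
    """Places where the brand name appears without being the host."""
    parts = urlsplit(url)
    authority = urlsplit("//" + unquote(parts.netloc))
    hits = []
    # http://www.ebay.com@203.0.113.5/ : the part before '@' is user-info, not the host
    if authority.username and brand_domain in authority.username.lower():
        hits.append("userinfo:" + authority.username)
    for label, field in (("path", parts.path), ("query", parts.query), ("fragment", parts.fragment)):
        if brand_domain in unquote(field).lower():
            hits.append(label + ":" + unquote(field))
    return hits


def classify(url: str, brand_domain: str) -> str:
    """'brand-host' if the real host belongs to the brand, 'phish-decoy' if the brand is only a lure."""
    if is_brand_host(real_host(url), brand_domain):
        return "brand-host"
    if decoy_mentions(url, brand_domain):
        return "phish-decoy"
    return "other"


# Constructed links; the second and third imitate the shape of the slide's sample.
SAMPLES = [
    "https://signin.ebay.com/ws/eBayISAPI.dll?co_partnerid=2&ru=http%3A%2F%2Fwww.ebay.com",
    "http://%32%30%33%2e%30%2e%31%31%33%2e%35/p?uh3f223d&ru=http%3A%2F%2Fwww.ebay.com&rafId=0",
    "http://www.ebay.com@203.0.113.5/signin",
    "http://203.0.113.5/p",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print("%-12s %-14s %s" % (classify(url, "ebay.com"), real_host(url), url))
```

Note that the legitimate login link also carries `ru=http://www.ebay.com`, so the presence of the brand in a parameter is not suspicious on its own; only the real host decides.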