Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department.

Slides:



Advertisements
Similar presentations
Operating System Security
Advertisements

Access Control Chapter 3 Part 3 Pages 209 to 227.
Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.
1 Copyright © 2005, Cisco Systems, Inc. All rights reserved. Applying Security Principles to Networking Applications Mark Enright Dec.
Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center Security.
Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002.
Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
 Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls.
Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.
Multimedia Security Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Nov 20, 2002 Department of Computer.
Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.
Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum
A Survey on Interfaces to Network Security
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Public Key Infrastructure Ammar Hasayen ….
A Methodology for Evaluating Wireless Network Security Protocols David Rager Kandaraj Piamrat.
11 REVIEWING MICROSOFT ACTIVE DIRECTORY CONCEPTS Chapter 1.
Sindhuri Juturu Department of Computer Science Texas Tech University
Bill Gates’ RSA 2006 Keynote presentation Questions and answers.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
Joseph Ferracin Director IT Security Solutions Managing Security.
© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.
Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.
Dynamic Firewalls and Service Deployment Models for Grid Environments Gian Luca Volpato, Christian Grimm RRZN – Leibniz Universität Hannover Cracow Grid.
Web-based E-commerce Architecture
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.
Module 14: Configuring Server Security Compliance
Chapter 6 of the Executive Guide manual Technology.
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.
Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department.
Active Directory Harikrishnan V G 18 March Presentation titlePage 2 Agenda ► Introduction – Active Directory ► Directory Service ► Benefits of Active.
1 Windows 2008 Configuring Server Roles and Services.
Module 9: Designing Public Key Infrastructure in Windows Server 2008.
1 Chpt. 12: INFORMATION SYSTEM QUALITY, SECURITY, AND CONTROL.
Lecture 19 Page 1 CS 236 Online 16. Account Monitoring and Control Why it’s important: –Inactive accounts are often attacker’s path into your system –Nobody’s.
SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.
Security Engineering Assurance & Control Objectives Priyanka Vanjani ASU Id #
SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,
Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.
Current Security Threats and Prevention Measures Relating to Cloud Services, Hadoop Concurrent Processing, and Big Data ATHER SHARIF, SARAH COONEY, SHENGQI.
Need for Security Control access to servicesControl access to services Ensure confidentialityEnsure confidentiality Guard against attacksGuard against.
Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.
Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.
Sources of Network Intrusion Security threats from network intruders can come from both internal and external sources.  External Threats - External threats.
KERBEROS. Introduction trusted key server system from MIT.Part of project Athena (MIT).Developed in mid 1980s. provides centralised private-key third-party.
CSE 5810 Biomedical Informatics and Cloud Computing Zhitong Fei Computer Science & Engineering Department The University of Connecticut CSE5810: Introduction.
FIREWALLS An Important Component in Computer Systems Security By: Bao Ming Soh.
Data Communications I & Computer Security I Faculty currently includes: G. Chen, Costello, Elbirt, Liu, D. Martin, Wang.
Importance of IT security ->protects data ->ensures authentication and confidentiality ->preevents data theft.
Securing Information Systems
High Performance Computing Lab.
Module 8: Securing Network Traffic by Using IPSec and Certificates
LAND RECORDS INFORMATION SYSTEMS DIVISION
Securing Information Systems
Download Cisco Exam Dumps - Valid Cisco Question Answers - Dumpsprofessor.com
LINUX SECURITY Dongmei Wu ID: /25/00.
Figure 1-7: Eavesdropping on a Dialog
Identity & Access Management
An Introduction to Cloud Computing
CLIENT/SERVER COMPUTING ENVIRONMENT
Unit 36: Internet Server Management
Module 8: Securing Network Traffic by Using IPSec and Certificates
Module 2 OBJECTIVE 14: Compare various security mechanisms.
16. Account Monitoring and Control
Presentation transcript:

Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA 1 Location Based Access Control Progress Report Joshua Schiffman

Systems and Internet Infrastructure Security (SIIS) LaboratoryPage 2 Motivation Typical file access control ‣ Roles, usernames, types Authentication of a user does not necessarily mean they should have access to data ‣ Location is important ‣ Difficult to prove ‣ Even harder to manage

Systems and Internet Infrastructure Security (SIIS) LaboratoryPage 3 Experiment Goals Utilize locating technology to provide a location guarantee ‣ Part of current research Provide a policy that gives hierarchical location- based roles Create a proof of concept implementation that is intuitive and minimally intrusive

Systems and Internet Infrastructure Security (SIIS) LaboratoryPage 4 Design Goals Access to files should be entirely mediated by the access control daemon ‣ Encryption to prevent offline attack [eCryptfs] ‣ Authenticated access to the system [Pam-mount] ‣ Locality locking / unlocking is automatic [Location LSM]

Systems and Internet Infrastructure Security (SIIS) LaboratoryPage 5 Policy Goals The policy should be intuitive and flexible ‣ Hierarchical structure ‣ Logical representation

Systems and Internet Infrastructure Security (SIIS) LaboratoryPage 6 Methodology

Systems and Internet Infrastructure Security (SIIS) LaboratoryPage 7 Evaluation To test the system, I will ‣ Implement the LSM ‣ Show performance metrics Timing to access files ‣ Analyze the trust model

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.