1 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Toolkit for Creating Adaptable Distributed Applications Joe Loyall www.dist-systems.bbn.com/projects/OIT.

Slides:



Advertisements
Similar presentations
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 9 Distributed Systems Architectures Slide 1 1 Chapter 9 Distributed Systems Architectures.
Advertisements

Applications that Participate in their Own Defense (APOD) A BBN Technologies Project Sponsored by DARPA Under the FTN Program (Dr. Douglas Maughan) Monitored.
Distributed Systems 1 Topics  What is a Distributed System?  Why Distributed Systems?  Examples of Distributed Systems  Distributed System Requirements.
1 23 March 00 APOD Review Applications that Participate in their Own Defense (APOD) Review Meeting 23 March 00 Presentation by: Franklin Webber, Ron Scott,
Distributed Systems Architectures
Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.
1 12/10/03CCM Workshop QoS Engineering and Qoskets George Heineman Praveen Sharma Joe Loyall Richard Schantz BBN Technologies Distributed Systems Department.
1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.
CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.
OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”
1 8/99 IMIC Workshop 6/22/2015 New Network ServicesJohn Zinky BBN Technologies The Need for A Network Resource Status Service IMIC Workshop 1999 Boston.
A Mobile Agent Infrastructure for QoS Negotiation of Adaptive Distributed Applications Roberto Speicys Cardoso & Fabio Kon University of São Paulo – USP.
1 5/4/99ISORC ‘99 BBN Technologies An Object-level Gateway Supporting Integrated Property Quality of Service Rick Schantz John Zinky, David Karr, Dave.
OPX PI Meeting 2002 February page 1 Applications that Participate in their Own Defense (APOD) QuO Franklin Webber BBN Technologies.
TENA Test and Training Enabling Architecture. TENA TENA is used in range environments, often in the L portion of LVC Slightly different emphasis; small.
16: Distributed Systems1 DISTRIBUTED SYSTEM STRUCTURES NETWORK OPERATING SYSTEMS The users are aware of the physical structure of the network. Each site.
1 FM Overview of Adaptation. 2 FM RAPIDware: Component-Based Design of Adaptive and Dependable Middleware Project Investigators: Philip McKinley, Kurt.
.NET Mobile Application Development Introduction to Mobile and Distributed Applications.
.NET Mobile Application Development Remote Procedure Call.
QoS-enabled middleware by Saltanat Mashirova. Distributed applications Distributed applications have distinctly different characteristics than conventional.
Securing Legacy Software SoBeNet User group meeting 25/06/2004.
1 4/20/98ISORC ‘98 BBN Technologies Specifying and Measuring Quality of Service in Distributed Object Systems Joseph P. Loyall, Richard E. Schantz, John.
1 05/01/02ISORC 2002 BBN Technologies Joe Loyall Rick Schantz, Michael Atighetchi, Partha Pal Packaging Quality of Service Control Behaviors for Reuse.
Database System Concepts and Architecture Lecture # 3 22 June 2012 National University of Computer and Emerging Sciences.
Design Patterns.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 12 Slide 1 Distributed Systems Architectures.
Understanding the CORBA Model. What is CORBA?  The Common Object Request Broker Architecture (CORBA) allows distributed applications to interoperate.
Firewall and Internet Access Mechanism that control (1)Internet access, (2)Handle the problem of screening a particular network or an organization from.
BBN Technologies Craig Rodrigues Gary Duzan QoS Enabled Middleware: Adding QoS Management Capabilities to the CORBA Component Model Real-time CCM Meeting.
ACM 511 Chapter 2. Communication Communicating the Messages The best approach is to divide the data into smaller, more manageable pieces to send over.
1 21 July 00 Joint PI Meeting FTN Applications that Participate in their Own Defense (APOD) BBN Technologies Franklin Webber, Ron Scott, Partha Pal, Michael.
1 APOD 10/5/2015 NCA 2003Christopher Jones APOD Network Mechanisms and the APOD Red-team Experiments Chris Jones Michael Atighetchi, Partha Pal, Franklin.
MILCOM 2001 October page 1 Defense Enabling Using Advanced Middleware: An Example Franklin Webber, Partha Pal, Richard Schantz, Michael Atighetchi,
1 06/00 Questions 10/6/2015 QoS in DOS ECOOP 2000John Zinky BBN Technologies ECOOP 2000 Workshop on Quality of Service in Distributed Object Systems
SAMANVITHA RAMAYANAM 18 TH FEBRUARY 2010 CPE 691 LAYERED APPLICATION.
Distributed Systems: Concepts and Design Chapter 1 Pages
1 10/20/01DOA Application of the QuO Quality-of-Service Framework to a Distributed Video Application Distributed.
WDMS 2002 June page 1 Middleware Policies for Intrusion Tolerance QuO Franklin Webber, Partha Pal, Chris Jones, Michael Atighetchi, and Paul Rubel.
Implementing a Port Knocking System in C Honors Thesis Defense by Matt Doyle.
BBN Technologies a part of page 118 January 2001 Applications that Participate in their Own Defense (APOD) BBN Technologies FTN PI Meeting January.
1 APOD 10/19/2015 DOCSEC 2002Christopher Jones Defense Enabling Using QuO: Experience in Building Survivable CORBA Applications Chris Jones Partha Pal,
1 06/ /21/2015 ECOOP 2000 Workshop QoS in DOSJohn Zinky BBN Technologies Quality Objects (QuO) Middleware Framework ECOOP 2000 Workshop QoS in DOS.
2001 July page 1 Applications that Participate in their Own Defense (APOD) BBN Technologies FTN PI Meeting 2001 July 30 Franklin Webber QuO.
Design and run-time bandwidth contracts for pervasive computing middleware Peter Rigole K.U.Leuven – Belgium
Survival by Defense- Enabling Partha Pal, Franklin Webber, Richard Schantz BBN Technologies LLC Proceedings of the Foundations of Intrusion Tolerant Systems(2003)
Sunday, October 15, 2000 JINI Pattern Language Workshop ACM OOPSLA 2000 Minneapolis, MN, USA Fault Tolerant CORBA Extensions for JINI Pattern Language.
1 10/23/98Lunchtime Meeting BBN Technologies Toolkit for Creating Adaptable Distributed Applications Joe Loyall, Rick Schantz, Rodrigo Vanegas, James Megquier,
Architectural pattern: Interceptor Source: POSA II pp 109 – 140POSA II Environment: developing frameworks that can be extended transparently Recurring.
1 5/30/98LCR ‘98 BBN Technologies QoS Aspect Languages and their Runtime Integration Joseph P. Loyall, David E. Bakken, Richard E. Schantz, John A. Zinky,
CSC 480 Software Engineering Lecture 18 Nov 6, 2002.
2001 November13 -- page 1 Applications that Participate in their Own Defense (APOD) Project Status Review Presentation to Doug Maughan Presentation by.
Distribution and components. 2 What is the problem? Enterprise computing is Large scale & complex: It supports large scale and complex organisations Spanning.
CS 501: Software Engineering Fall 1999 Lecture 12 System Architecture III Distributed Objects.
Shuman Guo CSc 8320 Advanced Operating Systems
16/11/ Web Services Choreography Requirements Presenter: Emilia Cimpian, NUIG-DERI, 07April W3C Working Draft.
1 BBN Technologies Quality Objects (QuO): Adaptive Management and Control Middleware for End-to-End QoS Craig Rodrigues, Joseph P. Loyall, Richard E. Schantz.
1 010/02 Aspect-Oriented Interceptors Pattern 1/4/2016 ACP4IS 2003John Zinky BBN Technologies Aspect-Oriented Interceptors Pattern Dynamic Cross-Cutting.
Intrusion Tolerant Distributed Object Systems Joint IA&S PI Meeting Honolulu, HI July 17-21, 2000 Gregg Tally
Nguyen Thi Thanh Nha HMCL by Roelof Kemp, Nicholas Palmer, Thilo Kielmann, and Henri Bal MOBICASE 2010, LNICST 2012 Cuckoo: A Computation Offloading Framework.
1 Distributed Systems Architectures Distributed object architectures Reference: ©Ian Sommerville 2000 Software Engineering, 6th edition.
Design Patterns: MORE Examples
Joe Loyall, Rick Schantz, Gary Duzan
Middleware Policies for Intrusion Tolerance
Distribution and components
Advanced Operating Systems
Inventory of Distributed Computing Concepts
SAMANVITHA RAMAYANAM 18TH FEBRUARY 2010 CPE 691
Chapter 5 Architectural Design.
Presentation transcript:

1 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Toolkit for Creating Adaptable Distributed Applications Joe Loyall “Adapt or perish, now as ever, is nature's inexorable imperative.” – H. G. Wells DARPA Intrusion Detection PI Meeting December 15-17, 1998

2 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Motivation for developing the QuO toolkit for survivable systems Large scale information systems are vulnerable to attack –increasingly so because of their distributed, networked nature –Distributed object systems and wide-area networks offer increased chances of failure or attack Most applications do not participate in their own defense, i.e., –they rely on intrusion detection systems, security systems, firewalls, etc. –they are blissfully unaware of ongoing attacks Most large scale systems rely on a single implementation –they are unable to adapt to changes in their environment –they have little alternative to complete failure in the face of attacks or loss of service

3 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Our goal: adaptable, intrusion-aware applications Provide means for applications to specify their normal operating behavior Provide means to recognize when an application is operating outside its normal range –Indicating a potential failure, intrusion, or attack Provide alternate implementation and adaptation strategies –The application can reconfigure to avoid an attack or to proceed in the face of loss of service –Such an application would be more likely to survive hostile situations Current distributed object systems do not provide the mechanisms and infrastructure necessary to support this –Any survivability is often ad hoc and intertwined throughout the application’s code

4 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Examples of applications detecting intrusions and responding by adaptation Example problems that could indicate intrusions and attacks –Responses from a server object become slower Flooding of the network Attacks on routers Host attack, flooding or other denial of service Virus in the object’s implementation or the host OS –An object starts returning incorrect responses, performing incorrect functionality, extra information, or less precision or accuracy Virus in the object’s implementation or the host OS Interception of data between the client and the object Intrusion affecting a service used by the object Example application responses: –Break connection and try to reestablish with reservation, different path –Reconfigure to use a server object which provides similar or identical service, but on a different host or with a different implementation –Continue with degraded service

5 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Characteristics of an adaptable, intrusion-aware application Specification –Normal operating behavior or ranges –Behavior or implementation alternatives and adaptation strategies Measurement and control –Recognize when the application or environment is operating outside normal ranges –Interact with intrusion detection systems, resource managers, etc. operating on its behalf Adaptation –Change operating modes to proceed despite loss of service, perhaps with degraded performance or functionality –Dynamically reconfigure to avoid further attacks or to restore service

6 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies The Toolkit for Creating Adaptable Distributed Applications Two main goals –Develop a general Toolkit for building adaptable, intrusion aware applications –Apply the Toolkit to and demonstrate in the area of survivability, e.g., intrusion detection, response, security This builds on the QuO technology developed under the Quorum program –Developed to support QoS-aware, adaptive applications –Applied to the areas of managed bandwidth and dependability –We are extending the concepts and applying them to survivability

7 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies System condition objects monitor QoS in the system system condition objects recognize changes in the system and notify the contracts that observe them QuO contracts notify client programs, users, managers, and other system condition objects through transition behavior System Condition Objects QuO applications specify, control, monitor, and adapt to QoS in the system Application Alternate Implementations Contract (operating regions) Servers Network ORB Replication Mgr Resource Reservation Manager IDS Specification of normal and abnormal operating states, alternate implementations, and reconfiguration strategies using QuO’s QDL Multiple layers of reconfiguration managers and mechanisms can adapt to changes in the system QuO contracts provide another layer of adaptation Client and user can also adapt Mechanisms and managers control QoS in the system a layer below QuO that provides ORB-level services, such as security, replication, or managed communication contracts and delegates interface to these services through system condition objects

8 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies QuO adds specification, measurement, and adaptation into the distributed object model ClientNetworkServer Application Developer QuO Developer Mechanism Developer Logical Method Call Client Delegate ORB Proxy Specialized ORB Contract SysCond Object Delegate ORB Proxy Specialized ORB Contract Network Mechanism/Property Manager SysCond

9 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies We are extending the QuO components to develop the survivability toolkit Contracts summarize the possible states of QoS in the system and behavior to trigger when QoS changes –Contract regions represent ranges of normal operating behavior –We have extended the region predicate language to permit the description of broader ranges of behavior –Transitions specify behavior to trigger when the active regions change Have developed a specification language for describing adaptive behavior alternative and adaptation strategies –Supports runtime decision making, e.g., the selection between methods or remote objects –Enables runtime reconfiguration, e.g., bindings to remote objects to be severed and new ones (to different objects or through different paths) to be established System condition objects are used to measure and control system resources and managers –Can interface to intrusion detection systems, mechanisms, and resources

10 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies The QuO Toolkit provides tools for building QuO applications Description Languages (QDL) –Support the specification of contracts (CDL), delegates and their adaptive behaviors (SDL), connection, creation, and initialization of application components (ConnDL) –The toolkit includes code generators that parse QDL descriptions and generate Java and C++ code for contracts, delegates, creation, and initialization QuO Runtime Kernel –Contract evaluator –Factory object which instantiates contract and system condition objects System Condition Objects, implemented as CORBA objects CORBA IDL Code Generators Code Generators Contract Description Language (CDL) QuO Runtime Structure Description Language (SDL) Delegates Contracts

11 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies The QuO Toolkit provides tools for building adaptive applications Quality Description Languages (QDL) –Analogous to CORBA’s Interface Description Language (IDL) –Support the specification of QoS contracts delegates and their adaptive behaviors connection, creation, and initialization of QuO application components –QuO includes code generators that parse QDL descriptions and generates Java and C++ code for contracts, delegates, creation, and initialization QuO Runtime Kernel –Contract evaluator –Factory object which instantiates contract and system condition objects System Condition Objects –Implemented as CORBA objects –We have a growing library of system condition objects for reuse

12 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies CDL contract to recognize problems in a banking system contract BankContract( syscond FileCounterSC FileCounterSCImpl fileAddedOrDeleted, callback ClientCB clientCallBack ) is syscond probe TimeProbeSCImpl TimeToCompleteTransaction(); active regions are region NORMAL : // Transactions are taking normal time and records have not been changed when TimeToCompleteTransaction region SUSPECT : // Transactions are taking a little long, but records have not been changed when (fileAddedOrDeleted == False) and ((TimeToCompleteTransaction > minTime) and (TimeToCompleteTransaction region INTRUSION: // Transactions are taking much too long or records have been changed when (TimeToCompleteTransaction >= maxTime) or (fileAddedOrDeleted == True) => transitions are transition any->NORMAL : clientCallBack.toNormal(); transition any->SUSPECT : clientCallBack.toSuspect(); transition any->INTRUSION : clientCallBack.toIntrusion(); end transitions; end active regions; end BankContract;

13 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies SDL code that chooses behavior based upon whether an intrusion is suspected delegate behavior for Bank and BankContract is call withdraw : region NORMAL : pass_through; region SUSPECT : pass to withdraw_with_logging_on; region INTRUSION : throw BANK_SERVER_COMPROMISED; default : pass_through; call deposit : region NORMAL : pass_through; region SUSPECT : pass to deposit_with_logging_on; region INTRUSION : throw BANK_SERVER_COMPROMISED; default : pass_through; call identify : default : pass_through; call balance : default : pass_through; return withdraw : default : pass_through; return deposit : default : pass_through; default : pass_through; end delegate behavior; SDL currently supports choosing between methods, run-time binding, and embedded Java or C++ code.

14 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies The QuO toolkit provides an interface between applications and mechanisms, e.g., IDSs The QuO toolkit provides a standard interface, i.e., contracts, delegates, and system condition objects, between applications and the mechanisms working on their behalf –IDSs and other mechanisms often have proprietary interfaces and different data formats –The QuO toolkit middleware can present a common interface to all the different IDS interfaces –QuO supports the building of applications that run in different survivability modes, from paranoid to intrusion unaware, and can switch among these at runtime This is complementary and consistent with other DARPA efforts, e.g., CIDF –CIDF provides a standard interface between IDS components (which lie below the middleware layer) –The QuO Toolkit provides a standard interface between applications and the components at the CIDF layer

15 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Interfacing with intrusion detection mechanisms We are working with the University of Illinois to apply fault detection mechanisms to intrusion detection and response within the QuO toolkit –UI has a dependability manager, Proteus, that provides replication, fault detection, and recovery (i.e., restarting replicas) –Proteus’s fault detection and recovery occurs without the awareness of the application –Many of the faults that Proteus detects could be indications of attacks, e.g., timing faults, host failure, value faults –UI and BBN are working to “open up” Proteus’s implementation Proteus will report faults to the middleware Proteus will try to gather information about fault patterns and causes Application and middleware (the QuO toolkit layer) will provide input to Proteus to control its recovery

16 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Other interface possibilities Odyssey Research Associates –Performing research in computer immunology –Identify patterns of normal usage and recognize when a system is operating outside normal regions MIT –Model Based Troubleshooting TIS/Network Associates –DTEL++ and OO-DTE

17 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Summary Intrusion-aware, adaptable applications can participate in their own defense –Can proceed in the face of intrusions or denial of service –Can provide inputs to aid intrusion detection mechanisms –Can run in different survivability modes and can switch among these at runtime The QuO Toolkit is providing an environment for developing intrusion-aware, adaptable applications –Standard, reusable components instead of ad hoc and intertwined code –Standard interfaces to a variety of mechanisms –Hides heterogeneity and distribution problems; application can adapt and reconfigure for changing system conditions

18 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Where to find more information The Toolkit project To get the QuO Toolkit v.1.0 software, send mail to

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.