Enhancing Survivability of Security Services using Redundancy Presented by:Zijian Cao Joe Ondercin Based on a paper by Matti Hiltunen, Richard D. Schlichting,

Slides:



Advertisements
Similar presentations
IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
Advertisements

An Alternative Approach for Enhancing Security of WMANs using Physical Layer Encryption By Arpan Pal Wireless Group Center of Excellence for Embedded Systems.
Introduction Why do we need Mobile OGSI.NET? Drawbacks:
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
DARPA OASIS PI Meeting – Santa Fe – July 24-27, 2001Slide 1 Aegis Research Corporation Not for Public Release Survivability Validation Framework for Intrusion.
Presented by: Thabet Kacem Spring Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.
Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
TAC Vista Security. Target  TAC Vista & Security Integration  Key customer groups –Existing TAC Vista users Provide features and hardware for security.
Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Ariel Eizenberg PPP Security Features Ariel Eizenberg
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Security Considerations for Wireless Sensor Networks Prabal Dutta (614) Security Considerations for Wireless Sensor Networks.
1 ECE453 – Introduction to Computer Networks Lecture 19 – Network Security (II)
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Secure Encounter-based Mobile Social Networks: Requirements, Designs, and Tradeoffs.
Cryptography and Network Security
Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY
© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 3: VPN and Encryption Technology.
Computer Science and Engineering 1 Service-Oriented Architecture Security 2.
Information Security Lab. Dept. of Computer Engineering 182/203 PART I Symmetric Ciphers CHAPTER 7 Confidentiality Using Symmetric Encryption 7.1 Placement.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
INFORMATION MANAGEMENT Unit 2 SO 4 Explain the advantages of using a database approach compared to using traditional file processing; Advantages including.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.
Security Requirements of NVO3 draft-hartman-nvo3-security-requirements-01 S. Hartman M. Wasserman D. Zhang 1.
Chapter 7 – Confidentiality Using Symmetric Encryption.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
National Institute of Science & Technology WIRELESS LAN SECURITY Swagat Sourav [1] Wireless LAN Security Presented By SWAGAT SOURAV Roll # EE
Chapter 8 IP Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
Wireless and Mobile Security
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
m-Privacy for Collaborative Data Publishing
Emerging Infectious Program (EIP) Web Service CHIIC Update May 12, 2015 Jason Hall – NCEZID, CDC Sreeni Kothagundu, Northrop Grumman – NCEZID, CDC National.
Chapter 40 Network Security (Access Control, Encryption, Firewalls)
Aspect Oriented Security Tim Hollebeek, Ph.D.
Chapter 9 Networking & Distributed Security (Part C)
Wireless Security Presented by Colby Carlisle. Wireless Networking Defined A type of local-area network that uses high-frequency radio waves rather than.
CSI-09 COMMUNICATION TECHNOLOGY SECURITY MECHANISMS IN A NETWORK AUTHOR - V. V. SUBRAHMANYAM.
Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.
1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High.
Security Review Q&A Session May 1. Outline  Class 1 Security Overview  Class 2 Security Introduction  Class 3 Advanced Security Constructions  Class.
Network Layer Security Network Systems Security Mort Anvari.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.
Computer Security Course Syllabus 1 Computer Security Lecturer : H.Ben Othmen.
A Security Framework for ROLL draft-tsao-roll-security-framework-00.txt T. Tsao R. Alexander M. Dohler V. Daza A. Lozano.
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
1 Cryptography CSS 329 Lecture 12: Kerberos. 2 Lecture Outline Kerberos - Overview - V4 - V5.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Cryptography Deffie hellman. organization Foundations Symmetric key Symmetric key weaknesses Assymmetric key Deffie hellman – key exchange RSA – public.
Message Authentication Code
IS4680 Security Auditing for Compliance
Security in Network Communications
Presentation transcript:

Enhancing Survivability of Security Services using Redundancy Presented by:Zijian Cao Joe Ondercin Based on a paper by Matti Hiltunen, Richard D. Schlichting, and Carlos A. Ugarte

Overview  Traditional security services –Single method to guarantee security attributes –Single point of vulnerability  Use redundancy to increase survivability –Implement using multiple methods –Implement in ways that can vary unpredictably

Requirements  Appropriate techniques  System support

Techniques  Use multiple methods to enforce security attribute –If one method remains intact, attribute remains uncompromised  Methods need to be independent –Use of same key by different methods can result in both being defeated

Example - Secure Messaging  Encrypt messages with different methods –Use DES, then IDEA –Alternate the sequence of applying DES and IDEA for different messages –Apply different methods to different parts of message  Both methods would have to be identified and broken to compromise data

System Support  Simplifies redundancy based survivability techniques using the appropriate software customization framework.  Automation of techniques

Example - SecComm  SecComm –A highly configurable secure communicate service –Implemented using Cactus  Cactus –A framework for software customization –Constructs configurable network protocols and services –Implements each service property as a separate software module (called a micro-protocol)

Security Properties  Basic –Authenticity –Privacy –Integrity –Non-repudiation  Attack Specific –Replay prevention –Known plain text attack prevention

Basic Security Micro-protocols (MPs)  Individual methods that can be utilized  Addresses security properties  Allows different abstract service properties and their variants to be implemented as independent modules

Meta-security MP’s  Applying multiple or alternating basic security micro-protocols  Selected based on the desired properties  Creates a complex protocol –Key feature to enabling redundancy for survivability

Examples of Meta-security MP’s  MultiSecurity –Applies multiple basic security MP’s to a message in sequence  AltSecurity –Applies one MP to each message, sequentially from a predetermined list  RandomAltSecurity –Randomly chooses the method for each message

Trade-offs  Performance  Configuration constraints

Why is this important?  Needs to be considered when designing architecture  Can reduce the potential for compromise –Security through obscurity –Use of available technology

Questions

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.