Testing Implementations of Access Control and Authentication Graduate Students: Ammar Masood, K. Jayaram School of Electrical and Computer Engineering.

Presentation transcript:

Testing Implementations of Access Control and Authentication
Graduate Students: Ammar Masood, K. Jayaram
School of Electrical and Computer Engineering, Department of Computer Science, Purdue University
Faculty: Arif Ghafoor (ECE), Aditya Mathur (CS)
May 10, 2006
Oak Ridge National Lab, Oak Ridge, TN
Cyber Security & Information Infrastructure Workshop

5/10/06 Testing Access Control and Authentication 2
Research Objective
To develop and experiment with novel techniques for the generation of tests to test implementations of access control policies and authentication protocols.

Target security mechanisms
Role based access control (RBAC) with or without temporal constraints.
Authentication protocols (e.g. TLS).

Proposed Test Infrastructure (Access control)
Diagram components: Access Control policy, Policy verifier plugin, Policy (internal representation), Policy model, Policy tests, Modeling plugin, Test generator plugin, Test harness, IUT.

Challenges
Modeling: Naïve FSM or timed automata models are prohibitively large even for policies with 10 users and 5 roles (and 3 clocks). How to reduce model size and the tests generated?
Test generation: How to generate tests to detect (ideally) all policy violation faults that might lead to violation of the policy?
Test execution: Distributed policy enforcement?

Proposed Approach
Express behavior implied by a policy as an FSM.
Apply heuristics to scale down the model.
Use the W-method, or its variant, to generate tests from the scaled down model.
Generate additional tests using a combination of stress and random testing aimed at faults that might go undetected due to scaling.

Sample model
Two users, one role. Only one user can activate the role.
Number of states $\le 3^2$.
AS: assign. DS: de-assign. AC: activate. DC: deactivate.
$X_{ij}$: do X for user i, role j.
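The sample model and the W-method step of the proposed approach, worked through as an added example (not code from the slides or the authors' tool). Assumptions made here: outputs are "grant"/"deny", de-assigning an active user also deactivates them, W is taken to be all single inputs, and the two faulty implementations are constructed for illustration.

```python
from collections import deque

USERS = (0, 1)                      # two users, one role (role index omitted)
INPUTS = [(op, u) for op in ("AS", "DS", "AC", "DC") for u in USERS]
INIT = ("U", "U")                   # per user: U unassigned, A assigned, C active

def step(state, inp, max_active=1, dc_sticks=False):
    """One FSM transition -> (next_state, output). The flags inject faults."""
    op, u = inp
    s = list(state)
    if op == "AS" and s[u] == "U":
        s[u] = "A"
    elif op == "DS" and s[u] != "U":        # assumption: de-assign also deactivates
        s[u] = "U"
    elif op == "AC" and s[u] == "A" and s.count("C") < max_active:
        s[u] = "C"
    elif op == "DC" and s[u] == "C":
        s[u] = "C" if dc_sticks else "A"    # transfer fault when dc_sticks is set
    else:
        return state, "deny"
    return tuple(s), "grant"

def state_cover(fsm):
    """BFS: shortest input sequence reaching each reachable state."""
    cover, queue = {INIT: ()}, deque([INIT])
    while queue:
        s = queue.popleft()
        for i in INPUTS:
            t, _ = fsm(s, i)
            if t not in cover:
                cover[t] = cover[s] + (i,)
                queue.append(t)
    return cover

def run(fsm, seq):
    """Apply an input sequence from INIT and return the output sequence."""
    s, out = INIT, []
    for i in seq:
        s, o = fsm(s, i)
        out.append(o)
    return tuple(out)

def w_method_tests(fsm):
    """P.W, with P the transition cover and W every single input."""
    access = state_cover(fsm).values()
    p = set(access) | {a + (i,) for a in access for i in INPUTS}
    return sorted({t + (w,) for t in p for w in INPUTS})

def failing_tests(spec, iut):
    """Tests on which the implementation's outputs differ from the model's."""
    return [t for t in w_method_tests(spec) if run(spec, t) != run(iut, t)]

def no_cardinality(s, i):           # constructed fault: both users may activate
    return step(s, i, max_active=2)

def sticky_deactivate(s, i):        # constructed fault: DC granted, user stays active
    return step(s, i, dc_sticks=True)
```

The policy model reaches 8 of the $3^2$ possible states, since the state with both users active is excluded. The sticky-deactivate fault produces correct output on the faulty transition itself, so it is caught only by the W suffix appended after the transition cover.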

Heuristics
H1: Separate assignment and activation.
H2: Use FSM for activation and single test sequence for assignment.
H3: Use single test sequence for assignment and activation.
H4: Use a separate FSM for each user.
H5: Use a separate FSM for each role.
H6: Create user groups for FSM modeling.

Fault model

Tests generated

Concurrency and Cryptographic protocols
Cryptographic protocols are highly concurrent because they involve multiple principals (they may be synchronous or asynchronous).
Man-in-the-middle attacks exploit concurrency-related aspects. Attackers can read/delete/modify messages between concurrent principals.
Concurrency is an inalienable part of every protocol. A test case for testing a cryptographic protocol involves concurrent principals.
Formal models used to derive tests should therefore support concurrency! --> Statecharts is our choice.

Other aspects of concurrency
A server, for example, has several sessions of a protocol running concurrently.
The protocol implementation should be thread safe.
Principals in one concurrent session should not be able to access parameters of a parallel session.
Protocol implementations may be required to satisfy performance requirements in a multi-session scenario – this is important for performance/stress testing.

What is next…
Modeling:
Handling timing constraints? (timed automata, fault model, heuristics)
Handling authentication protocols? (Statecharts, insecure paths, test generation)
Dealing with concurrency?
Experimentation: With large/realistic policies and commercial authentication protocols to assess the efficiency and effectiveness of the test generation methods.
Prototype tool development (Money???)