Bees: A Secure, Resource-Controlled, Java-Based Execution Environment. Tim Stack, Eric Eide, Jay Lepreau. University of Utah. April 5, 2003.

Presentation transcript:

1 Bees: A Secure, Resource-Controlled, Java-Based Execution Environment Tim Stack Eric Eide Jay Lepreau University of Utah April 5, 2003

2 What is Bees? Mobile code system that is –Realistically deployable because it addresses needs of node administrators –Realistically usable because it provides rich interface needed by service authors We believe it may be the first such environment

3 Key Features Flexible security primitives Resource control Flexible protocol composition Flexible control of packet propagation Isolates interaction with end-user apps Bees integrates them all

4 A Motivating Application Motherboard sensor monitor –Spreads over network –Reports to server –Shuts down faulty nodes Ideal for active protocol –Flexible access to sensors –Not speed-critical Health Reports Node

5 ANTS: Implementation Capsule –Packet associated with Java class through MD5 hash Protocol –Collection of capsule classes Application –Includes copy of protocol –Source of all capsules

6 ANTS: Security Healthd Sensor.class FileOutputStream.class

7 ANTS: Security No security infrastructure –Can’t read sensors –Can’t log to file Healthd Sensor.class Not Found FileOutputStream.class Not Found

8 ANTS: Resource Control TTL controls resources TTL must be replenished Report Capsule Node

9 ANTS: Resource Control TTL controls resources TTL must be replenished –Server sends requests Problems –More network traffic –Topology not discovered Report Capsule Node Request Capsule

10 ANTS: Node Discovery Discover topology –Just send to neighbors Node Capsules

11 ANTS: Node Discovery Discover topology –Just send to neighbors Problems –Protocol containment –More TTL issues –Hard to reuse Node Capsules External Node Border Router

12 ANTS: Endpoint Node unhealthy –No shutdown permission –Tell application Healthd Temperature: 180°F Fan Speed: 0 rpm Node Shutter Downer Healthd

13 ANTS: Endpoint Node unhealthy –No shutdown permission –Tell application Version change –Capsule hash mismatch –Application must be updated manually Healthd v2.0 Temperature: 180°F Fan Speed: 0 rpm Node Shutter Downer Healthd Drop

14 ANTS: Assessment Reality intervenes What is wrong? Wrong type of EE Richer EE needed

15 Lean vs. Rich
Rich: Node resident state; Threads, timer events; General language; Complex resource control/accounting; Example: Bees
Lean: Little to no state; Forwarding loop only; Specialized language; Simple resource control/accounting; Example: SNAP/ANTS

16 Overview Bees –Security –Resource control –Protocol composition –Application interaction –Details of code migration Related work Conclusion

17 JanosVM Security: Isolation Multi-process JVM –Isolates active code –Process holds state, privileges Process is unit of resource control Auth Agent creates and terminates Healthd Auth Agent Protocol A

18 Security: Capabilities Capability-based security mechanism Examples –Files –Cryptographic keys –Neighbors Distributed by Auth Agent Sensor Sensor Log File Healthd Auth Agent

19 Example: Node Discovery Border neighbor withheld Privileges needed to escape Node Capsules External Node Border Router

20 Resource Control Janos infrastructure –CPU, network, and memory Process is unit of control Termination reclaims resources Network controls –Bandwidth limits not enough –TTL too restrictive

21 Network Control Allow only solicited forwarding External stimuli –Timer, capsule receipt, application, … Fine grained operations –Forward to neighbor –Return to source –Multicast to neighborhood –Transform to another capsule type

22 Capsule Operations Capsule operation counters –Protocol author defines initial values –Stimuli replenish values –Decremented on use –Operations disallowed when zero Initial values limited by Auth Agent

23 Example: Resource Control Report capsule –Replenished by timer –Sent –Further use stopped Forwarding is similar –Replenished by receive Report Capsule Node
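
The counter scheme from the Capsule Operations and Resource Control slides, as an added Java sketch that is not Bees code. All class, method and enum names are hypothetical, `nodeLimit` stands in for the Auth Agent's cap, and resetting the counter on a stimulus (rather than adding to it) is an assumption.

```java
import java.util.EnumMap;
import java.util.Map;

// Added illustration of slides 21-23; every name here is hypothetical, not the Bees API.
public class CapsuleOpCounters {
    enum Op { FORWARD_TO_NEIGHBOR, RETURN_TO_SOURCE, MULTICAST_TO_NEIGHBORHOOD, TRANSFORM }
    enum Stimulus { TIMER, CAPSULE_RECEIPT, APPLICATION }

    private final Map<Op, Integer> initial = new EnumMap<>(Op.class);
    private final Map<Op, Integer> remaining = new EnumMap<>(Op.class);
    private final Map<Op, Stimulus> replenishedBy = new EnumMap<>(Op.class);

    // The protocol author requests an initial value and names the stimulus that
    // replenishes it; nodeLimit stands in for the cap imposed by the Auth Agent.
    void declare(Op op, int requested, Stimulus source, int nodeLimit) {
        int granted = Math.max(0, Math.min(requested, nodeLimit));
        initial.put(op, granted);
        remaining.put(op, granted);
        replenishedBy.put(op, source);
    }

    // Assumption: a stimulus resets the counter to its granted initial value
    // rather than adding to it, so repeated stimuli cannot bank extra sends.
    void onStimulus(Stimulus s) {
        for (Map.Entry<Op, Stimulus> e : replenishedBy.entrySet()) {
            if (e.getValue() == s) remaining.put(e.getKey(), initial.get(e.getKey()));
        }
    }

    // Decrement on use; an undeclared or exhausted operation is refused.
    boolean tryUse(Op op) {
        int left = remaining.getOrDefault(op, 0);
        if (left == 0) return false;
        remaining.put(op, left - 1);
        return true;
    }

    public static void main(String[] args) {
        CapsuleOpCounters report = new CapsuleOpCounters();
        // Constructed scenario: the author asks for 100 sends, the node grants 1.
        report.declare(Op.RETURN_TO_SOURCE, 100, Stimulus.TIMER, 1);
        System.out.println("first send allowed: " + report.tryUse(Op.RETURN_TO_SOURCE));
        System.out.println("second send allowed: " + report.tryUse(Op.RETURN_TO_SOURCE));
        System.out.println("undeclared op allowed: " + report.tryUse(Op.FORWARD_TO_NEIGHBOR));
        report.onStimulus(Stimulus.CAPSULE_RECEIPT); // not the stimulus bound to this op
        System.out.println("send after receipt allowed: " + report.tryUse(Op.RETURN_TO_SOURCE));
        report.onStimulus(Stimulus.TIMER);
        System.out.println("send after timer allowed: " + report.tryUse(Op.RETURN_TO_SOURCE));
    }
}
```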

24 Protocol Composition No protocol is an island –Protocols depend on each other Protocol is the unit of composition –Primary paired with companions Protocols form a hierarchy System provided –Code downloader

25 Pathfinder Primitive routing protocol Routing scenarios: –Client to server –Server to all clients –Server response to client request Implementation –Spanning tree behavior –No addresses

26 Example: Node Discovery Periodic broadcast –Finds path to server –Spreads code Client Node Discovered Path Server Node

27 Application Interaction Protocol Session provides application interface Trust barrier –Only byte arrays are exchanged Abstracts raw protocol –Insulation from versioning issues Similar to standard socket interfaces

28 Example: Endpoint Node unhealthy –Tell application Other protocols can use same interface Temperature: 180°F Fan Speed: 0 rpm Cluster Scheduler Node Shutter Downer Healthd

29 Code Migration Unknown capsule Healthd Auth App DL ID AD

30 Code Migration Unknown capsule Map capsule to Healthd Healthd Auth App DL ID AD

31 Code Migration Unknown capsule Map capsule to Healthd Download auth data Healthd Auth App DL ID AD ID

32 Code Migration Unknown capsule Map capsule to Healthd Download auth data Check auth data Healthd Auth App DL ID AD ID AD

33 Code Migration Unknown capsule Map capsule to Healthd Download auth data Check auth data Create process Healthd Auth App DL ID AD ID AD Healthd DL

34 Code Migration Unknown capsule Map capsule to Healthd Download auth data Check auth data Create process Start download Healthd DL ID AD ID AD Healthd DL Auth App

35 Code Migration Unknown capsule Map capsule to Healthd Download auth data Check auth data Create process Start download Finish download Healthd DL ID AD ID AD Healthd Auth App DL

36 Related Work Resource control –RCANE[Menage00], SNAP[Moore01] Security –SANE[Alexander98], SANTS[Murphy01] Protocol composition –CANES[Bhattacharjee99]

37 Bees v ,000+ Lines of Code 30-page manual Example application Available at:

38 Conclusion Rich environment –Support for node administrators –Support for protocol authors Key Features –Security and resource control –Protocol composition –Isolates interaction with end-user apps