MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites Jim Basney, Patrick Flanigan, Himanshu Khurana, Joe Muggli, Meenal Pant,


MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites Jim Basney, Patrick Flanigan, Himanshu Khurana, Joe Muggli, Meenal Pant, Adam Slagell, Von Welch National Center for Supercomputing Applications

Mithril  ONR-funded project under the National Center for Advaced Secure Systems Research  Mithril is a fictional material from J.R.R. Tolkien's universe, Middle-earth. It is a precious silvery metal, stronger than steel but much lighter in weight. (from Wikipedia)  A mithril coat of mail provides strong protection but is light and flexible  Our project will develop adaptable site security mechanisms that maintain usability

Mithril Goals  Adaptable Security for Survivability Maintain a high level of openness and usability during normal operation Allow response by applying security counter-measures and adjusting the level of service during heavy attack  In Collaborative Computing Sites Examples: NRL Center for Computational Science (CCS), NSF centers (NCSA, SDSC, PSC, NCAR), DOE Labs (NERSC, LBNL)

Collaborative Computing Sites  Support large, geographically distributed user communities NCSA has users from all over the world  Enable pooling of distributed resources Intra and inter site Single sign-on Open networks  Provide a variety of general-purpose and specialized computing services

Motivator: Cyber Attacks of 2004  Series of attacks against a number of sites - DOE, NSF, commercial, universities  Attacker compromised a large number of hosts and installed SSH Trojans to collect usernames and passwords Was careful not to otherwise disturb the systems, so went undetected to a large degree  Used the usernames and passwords to gain access to NCSA and other places, then other vulnerabilities to escalate privileges, install an SSH Trojan, and repeat

Problem Statement  Site security mechanisms cannot change quickly to respond to emerging threats Handle a small number of compromised accounts as a matter of course  Leads to service interruptions when serious attacks occur Only defense is to take yourself off of the network  Need mechanisms for adaptable site security

Challenges  Must maintain usability and openness  Off-site users Vulnerabilities outside local site control  Leading-edge research systems Heterogeneity Special-purpose platforms Obstacles to software roll-out

Bridging the Gap: Computer Science Research <-> Enterprise Security Management Systems

Approach: prevention, detection, response (SURVIVABILITY)

Approach: prevention, detection, response (SURVIVABILITY), drawing on Survivability Research, Enterprise Security Management Systems, Intrusion Detection Systems, and NCASSR Research

Existing Work  Survivable systems research: SABER, Willow, SITAR, APOD How can we bring survivability research into production?  Enterprise Security Management Systems SSH Tectia: Enterprise management of SSH services Doesn’t support unique site platforms (ex. IA64 Linux) Can we replicate this functionality for OpenSSH? ArcSight ESM, Symantec ESM, Lightning Console, etc. Are these systems applicable to our environments? cfEngine  Alert Correlation: TIAA  Intrusion Detection Systems: Prelude, Snort, Tripwire, etc. Mithril should integrate with these where possible Previous Prelude automatic intrusion response work

Mithril Organization  SSH-based Key Management Lead: Jim Basney  Adaptable IDS for Survivability Lead: Von Welch  Secure Email for Incident Response Lead: Himanshu Khurana (prevention, detection, response: SURVIVABILITY)

Mithril Technology Choices  Prelude IDS Open source, extensible Extend with applied survivability and alert correlation research  SSH Ubiquitous Extend to add key management  SELS Prior NCASSR work in secure group communication

Mithril Architecture

Managing Remote Login Services  Remote login is arguably the most essential service provided by collaborative computing sites today  SSH is very configurable Wide variety of authentication mechanisms Many options for security restrictions  SSH can be an effective site access control point  Plans: Develop an OpenSSH key management subsystem and ssh-remote-agent Develop management system for Kerberos Telnet

SSH Key Management  SSH public key authentication provides single sign-on  SSH keys can be difficult to manage Keys scattered onto multiple machines Unencrypted or encrypted with poor passwords No lifetime restrictions, no revocation capability  OpenSSH credential management service Private keys generated and stored on locked-down key server, public keys distributed Authentication uses ssh-agent protocol link to key server that retains private key Provides revocation capabilities

SSH Key Management (architecture diagram) SSH Key Server: maintains private RSA keys. Client: authenticates to the key server via site mechanisms (e.g. Kerberos, OTP) and accesses its private RSA key via ssh-agent. Public Key Distribution: public keys distributed to compute resources. Compute Resource: RSA-authenticated access.
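As an added example (not code from the Mithril project), the following Python sketch shows the key-server side of the ssh-agent protocol link described on the two slides above: the client never holds the private key, it sends agent requests to the key server, and the server lists and signs only with keys that are unexpired and unrevoked. Message numbers and field layouts follow the ssh-agent protocol (draft-miller-ssh-agent); the signing primitive is a labelled stand-in (HMAC instead of RSA) so the example runs without extra libraries, and all key blobs, secrets and comments are constructed.

```python
import hashlib
import hmac
import struct
import time

# Message numbers from the ssh-agent protocol (draft-miller-ssh-agent).
SSH_AGENT_FAILURE = 5
SSH_AGENTC_REQUEST_IDENTITIES = 11
SSH_AGENT_IDENTITIES_ANSWER = 12
SSH_AGENTC_SIGN_REQUEST = 13
SSH_AGENT_SIGN_RESPONSE = 14


def put_string(b: bytes) -> bytes:
    """SSH 'string': uint32 length followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def get_string(buf: bytes, off: int):
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n


def frame(msg_type: int, payload: bytes = b"") -> bytes:
    """Agent message on the wire: uint32 length, byte type, payload."""
    body = bytes([msg_type]) + payload
    return struct.pack(">I", len(body)) + body


class KeyServer:
    """Locked-down key server: private keys never leave it; it enforces lifetime and revocation."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.keys = {}        # public key blob -> {"secret", "comment", "expires"}
        self.revoked = set()  # blobs an administrator has revoked

    def add_key(self, blob: bytes, secret: bytes, comment: str, lifetime_s: int):
        self.keys[blob] = {"secret": secret, "comment": comment,
                           "expires": self.clock() + lifetime_s}

    def revoke(self, blob: bytes):
        self.revoked.add(blob)

    def usable(self, blob: bytes) -> bool:
        k = self.keys.get(blob)
        return k is not None and blob not in self.revoked and self.clock() < k["expires"]

    def handle(self, request: bytes) -> bytes:
        (n,) = struct.unpack_from(">I", request, 0)
        body = request[4:4 + n]
        msg_type, payload = body[0], body[1:]
        if msg_type == SSH_AGENTC_REQUEST_IDENTITIES:
            live = [b for b in self.keys if self.usable(b)]   # expired/revoked keys vanish
            out = struct.pack(">I", len(live))
            for b in live:
                out += put_string(b) + put_string(self.keys[b]["comment"].encode())
            return frame(SSH_AGENT_IDENTITIES_ANSWER, out)
        if msg_type == SSH_AGENTC_SIGN_REQUEST:
            blob, off = get_string(payload, 0)
            data, off = get_string(payload, off)
            if not self.usable(blob):                      # revoked or expired: refuse
                return frame(SSH_AGENT_FAILURE)
            # STAND-IN (assumption): a real key server computes an RSA signature with the
            # stored private key here; HMAC-SHA256 keeps the example dependency-free.
            sig = hmac.new(self.keys[blob]["secret"], data, hashlib.sha256).digest()
            return frame(SSH_AGENT_SIGN_RESPONSE,
                         put_string(put_string(b"demo-hmac-sha256") + put_string(sig)))
        return frame(SSH_AGENT_FAILURE)


# Client-side helpers: build requests and decode the server's answers.
def list_identities(server: KeyServer) -> list:
    reply = server.handle(frame(SSH_AGENTC_REQUEST_IDENTITIES))
    payload = reply[5:]
    (count,) = struct.unpack_from(">I", payload, 0)
    off, comments = 4, []
    for _ in range(count):
        _blob, off = get_string(payload, off)
        comment, off = get_string(payload, off)
        comments.append(comment.decode())
    return comments


def request_signature(server: KeyServer, blob: bytes, data: bytes):
    """Returns the signature bytes, or None when the server refuses to sign."""
    req = frame(SSH_AGENTC_SIGN_REQUEST,
                put_string(blob) + put_string(data) + struct.pack(">I", 0))
    reply = server.handle(req)
    if reply[4] != SSH_AGENT_SIGN_RESPONSE:
        return None
    sig_blob, _ = get_string(reply[5:], 0)
    _alg, off = get_string(sig_blob, 0)
    sig, _ = get_string(sig_blob, off)
    return sig


if __name__ == "__main__":
    now = [1_700_000_000.0]                       # controllable clock for the demo
    ks = KeyServer(clock=lambda: now[0])
    ks.add_key(b"blob-alice", b"secret-alice", "alice@login1", lifetime_s=3600)
    ks.add_key(b"blob-bob", b"secret-bob", "bob@login1", lifetime_s=60)
    print(list_identities(ks))                    # both keys listed
    now[0] += 120                                 # bob's key lifetime has elapsed
    ks.revoke(b"blob-alice")                      # an administrator revokes alice's key
    print(list_identities(ks), request_signature(ks, b"blob-alice", b"session-id"))
```

The point of the split is that revocation and expiry take effect at the one place that can produce signatures; a compute resource that still has the public key in `authorized_keys` gains nothing once the key server stops answering sign requests for it.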

Adaptability: OTP Deployment  One Time Password tokens are costly and inconvenient for routine use by NCSA users  In case of sustained, large-scale attack, transition resources to high-security mode Update SSH configurations to temporarily require OTP hardware token authentication Distribute tokens to priority users via overnight mail  Keep serving small number of high-priority users during intrusion response / clean-up

Adaptable/Reactive IDS  Match monitoring precision with current threat level Host-based IDS competes for cycles with high performance computing jobs  Detect violations of current policy Sites like NCSA are flooded with scans, brute-force attacks, buffer overflow attempts, etc. Apply correlation of events to detect the “real attackers” and filter out the script kiddies  Activate OTP-only policy -> kill non-OTP processes
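The two slides above describe one procedure: correlate authentication events to tell the "real attackers" from the scanning noise, raise the threat level, and switch sshd to an OTP-only configuration whose non-OTP sessions are then ended. The following Python example, added here and not part of the Mithril project, runs that procedure over constructed sshd log lines (documentation IP ranges, invented users). It classifies a source that fails against many accounts and never gets in as noise, and a source whose failures are followed by an accepted login as a suspect, which is the pattern a stolen or guessed password produces. The `AuthenticationMethods` directive it emits is an assumption about a modern OpenSSH (6.2 and later), not the 2005-era sshd the slides had in mind.

```python
import re
from collections import defaultdict

# Constructed sample log in sshd's syslog format (not real site data).
SAMPLE_LOG = """\
Jan 12 03:14:01 login1 sshd[2210]: Failed password for root from 198.51.100.7 port 40012 ssh2
Jan 12 03:14:03 login1 sshd[2211]: Failed password for invalid user admin from 198.51.100.7 port 40013 ssh2
Jan 12 03:14:05 login1 sshd[2212]: Failed password for invalid user oracle from 198.51.100.7 port 40014 ssh2
Jan 12 03:14:07 login1 sshd[2213]: Failed password for invalid user test from 198.51.100.7 port 40015 ssh2
Jan 12 03:14:09 login1 sshd[2214]: Failed password for invalid user guest from 198.51.100.7 port 40016 ssh2
Jan 12 03:20:15 login1 sshd[2301]: Failed password for alice from 203.0.113.9 port 51022 ssh2
Jan 12 03:20:21 login1 sshd[2301]: Accepted password for alice from 203.0.113.9 port 51022 ssh2
Jan 12 03:25:02 login1 sshd[2399]: Accepted publickey for bob from 192.0.2.44 port 33004 ssh2
Jan 12 03:30:10 login1 sshd[2450]: Accepted keyboard-interactive/pam for carol from 192.0.2.45 port 33010 ssh2
"""

EVENT_RE = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) (\S+) for (?:invalid user )?(\S+) from (\S+)")


def parse(text):
    """Return (result, method, user, source) tuples for the lines that are auth events."""
    events = []
    for line in text.splitlines():
        m = EVENT_RE.search(line)
        if m:
            events.append(m.groups())
    return events


def correlate(events, noise_threshold=5):
    """Per source: 'noise' (scan/brute force that never got in), 'suspect'
    (failures followed by an accepted login), or 'normal'."""
    per_src = defaultdict(lambda: {"failures": 0, "users": set(), "accepted": []})
    for result, method, user, src in events:
        s = per_src[src]
        if result == "Failed":
            s["failures"] += 1
            s["users"].add(user)
        else:
            s["accepted"].append((user, method))
    verdicts = {}
    for src, s in per_src.items():
        if s["accepted"] and s["failures"]:
            verdicts[src] = "suspect"
        elif not s["accepted"] and (s["failures"] >= noise_threshold
                                    or len(s["users"]) >= noise_threshold):
            verdicts[src] = "noise"
        else:
            verdicts[src] = "normal"
    return verdicts


def threat_level(verdicts):
    """Noise alone never raises the level; one suspect source does."""
    return "high" if "suspect" in verdicts.values() else "normal"


def sshd_policy(level):
    """sshd_config fragment for the level. 'high' is OTP-only: every login must pass
    the PAM keyboard-interactive step (where the hardware token is checked), and
    password and public-key logins are disabled."""
    if level == "high":
        return ("AuthenticationMethods keyboard-interactive:pam\n"
                "PasswordAuthentication no\n"
                "PubkeyAuthentication no\n")
    return ("PasswordAuthentication yes\n"
            "PubkeyAuthentication yes\n")


def sessions_to_end(events, level):
    """Under the OTP-only policy, sessions that were established without the OTP step
    are terminated; returns the affected users (the caller would kill their processes)."""
    if level != "high":
        return []
    return sorted({user for result, method, user, _ in events
                   if result == "Accepted" and not method.startswith("keyboard-interactive")})


if __name__ == "__main__":
    ev = parse(SAMPLE_LOG)
    verdicts = correlate(ev)
    level = threat_level(verdicts)
    print(verdicts, level)
    print(sshd_policy(level))
    print("end sessions of:", sessions_to_end(ev, level))
```

Carol's session survives the switch because it already went through the keyboard-interactive step; alice and bob logged in by password and public key and would have to reconnect with a token. The threshold and the two rules are deliberately simple; the slides' point is that correlation per source, not per event, is what lets the scanners be filtered out without turning the monitoring down.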

Secure Email Services  Needed for intrusion detection and coordinating intrusion response Monitoring and IDS processes send alerts via email Need for system administrators to communicate securely (signed, encrypted) across sites when under ongoing attack Need an intrusion-tolerant system so attackers can’t eavesdrop  SELS: Secure Email List Services Solution developed under the NCASSR program with deployability and usability in mind Provides encryption and signature support for mailing lists Uses GPG at the client, a Mailman plug-in at the list server

SELS  SELS provides intrusion tolerance by using proxy encryption techniques Enables the List Server to transform encrypted messages exchanged between list subscribers without requiring access to the message contents.  We have developed proxy encryption techniques using the El Gamal crypto-system that allow us use standard ElGamal public/private keys and encryption/decryption algorithms.  Integrated with GPG toolkit to facilitate client deployment.  Mailman plug-in on server side

Thank you  Questions?   Project URL:  Work funded by ONR as part of NCASSR  This material is based upon work supported by the Office of Naval Research under Award No. N Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author(s) and do not necessarily reflect the views of the Office of Naval Research.