1 1 Vulnerability Assessment of Grid Software Jim Kupsch Associate Researcher, Dept. of Computer Sciences University of Wisconsin-Madison Condor Week 2006.

Slides:



Advertisements
Similar presentations
Current methods for negotiating firewalls for the Condor ® system Bruce Beckles (University of Cambridge Computing Service) Se-Chang Son (University of.
Advertisements

August 1, 2006 Software Security. August 1, 2006 Essential Facts Software Security != Security Features –Cryptography will not make you secure. –Application.
Workload Management Workpackage Massimo Sgaravatto INFN Padova.
GRID Workload Management System Massimo Sgaravatto INFN Padova.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
1 Security Risks in Clouds and Grids Condor Week May 5, 2011 Barton P. Miller James A. Kupsch Computer Sciences Department University of Wisconsin
Workload Management Massimo Sgaravatto INFN Padova.
Course Technology Chapter 3: Project Integration Management.
Vulnerability Assessments
Loupe /loop/ noun a magnifying glass used by jewelers to reveal flaws in gems. a logging and error management tool used by.NET teams to reveal flaws in.
Jaeyoung Yoon Computer Sciences Department University of Wisconsin-Madison Virtual Machines in Condor.
Vulnerabilities. flaws in systems that allow them to be exploited provide means for attackers to compromise hosts, servers and networks.
Distributed Systems Early Examples. Projects NOW – a Network Of Workstations University of California, Berkely Terminated about 1997 after demonstrating.
Copyright Course Technology 1999
Test Organization and Management
1 Todd Tannenbaum Department of Computer Sciences University of Wisconsin-Madison
Information Systems Security Computer System Life Cycle Security.
What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:
1 Security Risks in the Grid UW-Madison July 22, 2010 Barton P. Miller James A. Kupsch Computer Sciences Department University of Wisconsin
ISA 562 Internet Security Theory & Practice
Workload Management WP Status and next steps Massimo Sgaravatto INFN Padova.
PCGRID ‘08 Workshop, Miami, FL April 18, 2008 Preston Smith Implementing an Industrial-Strength Academic Cyberinfrastructure at Purdue University.
Chapter 3: Software Maintenance Process Omar Meqdadi SE 3860 Lecture 3 Department of Computer Science and Software Engineering University of Wisconsin-Platteville.
Medium Size Software, Inc. SQA Plan: The Batch Processing Application.
CMS Security Justin Klein Keane CMS Working Group March 3, 2010.
CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.
Hao Wang Computer Sciences Department University of Wisconsin-Madison Security in Condor.
EGEE is a project funded by the European Union under contract IST Testing processes Leanne Guy Testing activity manager JRA1 All hands meeting,
1.  Describe an overall framework for project integration management ◦ RelatIion to the other project management knowledge areas and the project life.
Grid Resource Allocation and Management (GRAM) Execution management Execution management –Deployment, scheduling and monitoring Community Scheduler Framework.
Database Administration COMSATS INSTITUTE OF INFORMATION TECHNOLOGY, VEHARI.
1 Vulnerability Assessment of Grid Software James A. Kupsch Computer Sciences Department University of Wisconsin Condor Week 2007 May 2, 2007.
Grid Workload Management Massimo Sgaravatto INFN Padova.
INFO 637Lecture #101 Software Engineering Process II Review INFO 637 Glenn Booker.
L8 - March 28, 2006copyright Thomas Pole , all rights reserved 1 Lecture 8: Software Asset Management and Text Ch. 5: Software Factories, (Review)
CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.
Software Engineering Prof. Ing. Ivo Vondrak, CSc. Dept. of Computer Science Technical University of Ostrava
APPLICATION PENETRATION TESTING Author: Herbert H. Thompson Presentation by: Nancy Cohen.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Project Management All projects need to be “managed” –Cost (people-effort, tools, education, etc.) –schedule –deliverables and “associated” characteristics.
Todd Tannenbaum Computer Sciences Department University of Wisconsin-Madison Quill / Quill++ Tutorial.
1 Vulnerability Assessment Elisa Heymann Computer Architecture and Operating Systems Department Universitat Autònoma de Barcelona
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Greg Thain Computer Sciences Department University of Wisconsin-Madison Configuring Quill Condor Week.
Ian D. Alderman Computer Sciences Department University of Wisconsin-Madison Condor Week 2008 End-to-end.
First Principles Vulnerability Assessment Computer Architecture & Operating Systems Department Universitat Autònoma de Barcelona Elisa Heymann Manuel Brugnoli.
Software Testing Process
Chapter 19: Building Systems with Assurance Dr. Wayne Summers Department of Computer Science Columbus State University
1 Update on the Vulnerability Assessment Effort Elisa Heymann Computer Architecture and Operating Systems Department Universitat Autònoma de Barcelona.
~ pertemuan 4 ~ Oleh: Ir. Abdul Hayat, MTI 20-Mar-2009 [Abdul Hayat, [4]Project Integration Management, Semester Genap 2008/2009] 1 PROJECT INTEGRATION.
Mark Shtern.  Our life depends on computer systems  Traffic control  Banking  Medical equipment  Internet  Social networks  Growing number of.
Design and implementation Chapter 7 – Lecture 1. Design and implementation Software design and implementation is the stage in the software engineering.
Grid Workload Management (WP 1) Massimo Sgaravatto INFN Padova.
Project management Topic 8 Configuration Management.
1 Security Architecture and Designs  Security Architecture Description and benefits  Definition of Trusted Computing Base (TCB)  System level and Enterprise.
Condor Week May 2012No user requirements1 Condor Week 2012 An argument for moving the requirements out of user hands - The CMS experience presented.
In-Depth Vulnerability Assessment of Middleware Computer Architecture & Operating Systems Department Universitat Autònoma de Barcelona Elisa Heymann.
Botnets A collection of compromised machines
Manuel Brugnoli, Elisa Heymann UAB
Evaluating Existing Systems
Evaluating Existing Systems
Building Grids with Condor
Maintaining software solutions
Botnets A collection of compromised machines
Chapter 19: Building Systems with Assurance
Leigh Grundhoefer Indiana University
Lecture 09:Software Testing
Basic Grid Projects – Condor (Part I)
Upgrading Condor Best Practices
Chapter 3: Project Integration Management
Presentation transcript:

1 1 Vulnerability Assessment of Grid Software Jim Kupsch Associate Researcher, Dept. of Computer Sciences University of Wisconsin-Madison Condor Week 2006 April 24, 2006

2 2 Security Problems Are Real Everyone with a computer knows this We’ve been lucky (security through obscurity) If you’re not seeing vulnerability reports and fixes for a piece of software, it doesn’t mean that it is secure. It probably means the opposite; they aren’t looking or aren’t telling.

3 3 Security Requires Independent Assessment Software engineers have long known that testing groups must be independent of development groups Designing for security and the use of the secure practices and standards does not guarantee security

4 4 Security Requires Independent Assessment (cont.) You can have the best design in the world, but can be foiled by… –Coding errors –Interaction effects –Human factors –Installation errors –Configuration errors –…

5 5 Project Goals Develop techniques, tools and procedures for vulnerability assessment Apply these to real software: Condor and recently SDSC’s SRB Improve the security of this software Educate developers about best practices in coding and design for security

6 6 Project Goals (cont.) Increase awareness in the grid and distributed systems community about the need for vulnerability assessments Build a community of security specialists We consider the Condor team to be a leader in this effort to increase security.

7 7 Who We Are Professor Barton Miller Jim Kupsch, Associate Researcher –September to 2005 to present Mike Ottum, Research Assistant –January 2005 to August 2005

8 8 Security Evaluation Process Architectural analysis Resource and privilege analysis Component analysis Codification of techniques and dissemination

9 9 Architectural Analysis Create a detailed big picture view of the system Document and diagram –What executables exist and their function –How users interact with them –How executables interact with each other –What privileges they have –What resources they control and access –Trust relationships

10 Architectural Analysis (cont) Created by looking at existing documentation, talking to developers, experimenting with the application, and occasionally looking at the code Usually not well documented, or is spread across multiple documents Long time members of the Condor team learned things when presented with the diagrams

11 Resource and Privilege Analysis Document and diagram –Resources in the system such as files, user jobs, execution hosts, logs, etc –Operations allowed to be performed on a resource –Privileges required for an operation on a resource

12 Component Analysis Audit the source code of a component Look for vulnerabilities in a component

13 What Is a Vulnerability? A defect or weakness in system security procedures, design, implementation, or internal controls that can be exercised and result in a security breach or violation of security policy. - Gary McGraw, Software Security Examples include insecure file permissions, buffer overflows, and SQL injection

14 How To Find Vulnerabilities Design level flaws: –Use the architectural, resource and privilege analysis as a guide Implementation bugs: –Look at uses of suspect calls, such as strcpy and popen –Look at array accesses to verify they are within the boundaries of the array –Use automated analysis tools

15 Vulnerability Disclosure Process Vulnerability report is created Disclosed to developers Allow developers to mitigate problem in a release Release abstracted report or information along with a release Publish full disclosure reports in cooperation with developers

16 Expected Project Results Produce architecture, resource and privilege documentation Find real vulnerabilities, and produce vulnerability reports and disclosures Codify methodology and techniques Disseminate methodology and techniques to others

17 Condor Evaluation Status Currently in the component analysis stage of the evaluation process Still on-going We’re very happy with the cooperation of the Condor team with our project and their response to our reports

18 Submit Host Central Manager User submit startd schedd shadow Execute Host startd schedd starter User Job collectornegotiator 1. Job Description File 2. Job ClassAd 3. Job ClassAd 1. Machine ClassAd 5. Report Match 6. Claim Host 7. fork Shadow 8. Establish Communication Path 9. Set policy and fork User Job 4. Negotiation Cycle 7. fork Starter Privileges - Root Install root condor user Real UIDs nobody 4.Negotiation Cycle 5. Report Match

19 Condor Vulnerabilities Condor vulnerability fix process: –Create a new release containing a security fix and announce an abstracted version of the vulnerability –Wait 4 weeks, to allow sites to upgrade –Publish a report with full disclosure at Some reported vulnerabilities have been fixed and released. First fixes released in and Full disclosure reports available after April 24, 2006 at

20 Condor Vulnerability Report

21 More information We’re happy to talk during the breaks and meals Security BOF tomorrow list to discuss security issues in Condor and Condor issues in will contain the vulnerability reportshttp://