Enterprise Wrappers OASIS PI Meeting July 24, 2001 Bob Balzer Neil


Situational Awareness (diagram): Very Large Network > Wide Area Network > Network Operations Center > Middle Managers > Enclave > Local Area Network > Host > Process; arrows labelled Policy and Alerts

Enterprise Wrappers Goals
–Integrate host-based wrappers into scalable cyber-defense system
–Create common multi-platform wrapper infrastructure
–Populate this infrastructure with useful monitors, authorizers, and controllers

Enterprise Wrappers Objectives
Wrapper Network Interface
–Off-board cyber-defense controllers
–Off-board communication of wrapper data
Host Controller
–Manages dynamic insertion and removal of Wrappers
–Multi-platform (Linux and NT)
–Network-scalable
Mutual protection/isolation of Host Controller & Wrappers from the system(s) being protected
(Diagram labels: NWM, Network Schema & Data, Hardened System, "Soft" System, Manager Interface, Other IA components such as intrusion detection, sniffers, secure DNS, IDIP, etc., Boundary Controller, service, WMI proxy, Control Protocol, Data Push/Pull, Linux or NT Wrapper Subsystem, Data Base, Hardened System (expanded), Host Controller, Mediation Cocoon, App)

Original Project Challenges
Deployable Enterprise Wrappers
–Host Controller
–Network Wrapper Manager
–Wrappers (developed by other projects)
Additional Wrappers Research
Large-Scale Wrapper Policy Management (Added)

Enterprise Wrapper APIs (state diagram; Deployable Version Available 12/31/01)
States: Defined, Available, Installed, Deployed, Active, Sensed
Transitions: Define, Install/Uninstall, Deploy/Undeploy, Activate/Deactivate
Focus

Additional Wrapper Research
Fault-Tolerating Wrappers
–Monitor Program Behavior
–Record Persistent Resource Modifications
–Delay Decision Point by making changes undoable
  File, Registry, Database, Communication Changes
  Lock access to updates by other processes until accepted
–Provide Undo-Execution Facility
  Invoked by after-the-fact Intrusion Detection
  Effect: Reverse Attack Progress
Untrusted Wrappers
–Isolate Mediators from code being wrapped
–Enforce Mediator Interface
  Monitors (only observe)
  Authorizers (only allow/prevent invocation)
  Transformers
    –Modify parameters and/or return
    –Supply service on their own
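The mediator classes and the undo-execution facility described on this slide, as an added example that is not part of the original slides or the project's code; the in-memory FILES dict, the Cocoon class and the path-prefix policy are assumptions made for illustration:

```python
"""Added example (not the Enterprise Wrappers project code): a toy mediation
cocoon with the slide's three mediator classes and an undo-execution facility.
The 'file system' is a constructed in-memory dict so the example runs offline."""
from dataclasses import dataclass, field
FILES = {"/etc/motd": "welcome"}   # constructed persistent resource state

class Mediator:   # interface the cocoon holds every wrapper to
    def before(self, op, args): return args
    def after(self, op, args, result): return result
class Monitor(Mediator):
    """Monitors only observe: record the call, pass the arguments through."""
    def __init__(self): self.log = []
    def before(self, op, args):
        self.log.append((op, args)); return args

class Authorizer(Mediator):
    """Authorizers only allow or prevent the invocation (policy-driven)."""
    def __init__(self, protected_prefixes): self.protected = protected_prefixes
    def before(self, op, args):
        if any(args[0].startswith(p) for p in self.protected):
            raise PermissionError(f"{op} {args[0]}: blocked by policy")
        return args

class Transformer(Mediator):
    """Transformers may modify parameters and/or the return value."""
    def before(self, op, args):
        path, data = args
        return (path, data.replace("\x00", ""))   # strip embedded NULs

@dataclass
class Cocoon:
    mediators: list
    undo_log: list = field(default_factory=list)   # (path, prior contents)
    def write(self, path, data):
        args = (path, data)
        for m in self.mediators: args = m.before("write", args)
        path, data = args
        self.undo_log.append((path, FILES.get(path)))  # change is now undoable
        FILES[path] = data
        result = len(data)
        for m in self.mediators: result = m.after("write", args, result)
        return result
    def undo_all(self):
        """Undo-execution, invoked by after-the-fact intrusion detection."""
        while self.undo_log:
            path, prior = self.undo_log.pop()
            if prior is None: FILES.pop(path, None)
            else: FILES[path] = prior
        return dict(FILES)
```

The cocoon runs each mediator's before-hook in order, so a Monitor placed first sees the original arguments while an Authorizer can still refuse the call before any state changes and nothing is logged for undo.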

Situation Awareness (diagram, with Large-Scale Wrapper Policy Management): Very Large Network > Wide Area Network > Network Operations Center > Middle Managers > Enclave > Local Area Network > Host > Process; arrows labelled Policy and Alerts

Existing NT Wrappers
–Safe Attachments
–Document Integrity for MS Office
–Executable Corruption Detector
–Protected Path (Keyboard → App. → SmartCard)
–Local/Remote Process Tracker
–No InterProcess Diddling
–Safe Web Browser
–Safe Office
Key: Policy Driven; Wrapper Planned

Policy Management (by Mission Category)
Baseline (Protect Resources)
Application Control
–Only Authorized Applications
  Add and Remove Authorized Applications
–Only Mission Critical Applications
  Add and Remove Critical Applications
–No Spawns Initiated by Remote Users
Media Control
–No Streaming Media
–No Active Content
Override Control
–No Local Danger/Alert Overrides
–Terminate all processes violating policy

Graphical Policy Specification (diagram labels: Policy 1, Domain A, Domain B, App Control, Media Control, Override Control, Policy 1a, Policy 1b)

Graphical Policy Enforcement
Use PowerPoint as GUI
–For Policy Definition
–For Policy Enforcement
Diagram Changes Trigger Actions
(Diagram labels: Policy 1, Domain A, Domain B, Domain C, App Control, Media Control, Override Control, Policy 1a, Policy 1b)

CAPD Experiment (Controlled Access Path to Devices)
NT: Teknowledge; Solaris: NAI Labs
Can wrappers raise the security bar by
–Securing PIN entry from keyboard to crypto application?
–Securing communication between crypto application and crypto peripheral?
–Identifying valid user/crypto application combinations?
–Protecting critical system resources?
(Diagram: Keyboard > Computer > Cryptoperipheral)

NT PIN Path (unwrapped) (diagram): keystrokes t h e p i n (echoed as * * *) enter the System Queue (kernel) and the Netscape Queue (user), then pass through User32 > Netscape > PKCS11 > Winscard > Smart Card Resource Manager (NT Service) > Kernel32 > Serial Port; the PIN string "thepin" appears along the path

NT Secure PIN Path (diagram): same components (User32, Netscape, PKCS11, Winscard, System Queue, Netscape Queue, Smart Card Resource Manager (NT Service), Kernel32, Serial Port, kernel/user boundary); a proxy value stands in for the PIN along the path, with "thepin" appearing only at the endpoints
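The proxy substitution of the Secure PIN Path, as an added example that is not the CAPD project's code; PinVault, the one-time proxy tokens and the hop names standing in for the queues are assumptions, and the unwrapped path is included for contrast:

```python
"""Added example (not the CAPD project's code) of the Secure PIN Path idea:
a keyboard-side wrapper swaps the PIN for a one-time proxy before it enters
the System/Netscape queues, and a serial-port-side wrapper swaps the PIN back
right before the card. Queues, observer and vault are constructed stand-ins."""
import secrets

class PinVault:
    """Assumed to live in the protected wrapper subsystem, outside the path
    the queues and the Netscape process can read."""
    def __init__(self):
        self._by_proxy = {}
    def issue_proxy(self, pin):
        proxy = "proxy-" + secrets.token_hex(4)
        self._by_proxy[proxy] = pin
        return proxy
    def redeem(self, proxy):
        # Single use: a replayed or guessed proxy yields nothing.
        return self._by_proxy.pop(proxy, None)

def keyboard_wrapper(vault, keystrokes):
    """Runs where the keystrokes arrive; only the proxy is queued onward."""
    return vault.issue_proxy("".join(keystrokes))

def untrusted_hops(value):
    """System Queue -> Netscape Queue -> PKCS11 -> Winscard. A constructed
    observer on each hop records what it can see, i.e. what a monitor on
    the keyboard event queue would capture."""
    return [(hop, value) for hop in
            ("System Queue", "Netscape Queue", "PKCS11", "Winscard")]

def serial_port_wrapper(vault, proxy):
    """Runs at the Smart Card Resource Manager / Serial Port side."""
    pin = vault.redeem(proxy)
    if pin is None:
        raise ValueError("unknown or already-used proxy")
    return pin

def secure_pin_path(keystrokes, vault=None):
    """Returns (what the untrusted hops saw, what reached the card)."""
    vault = vault or PinVault()
    proxy = keyboard_wrapper(vault, keystrokes)
    seen = untrusted_hops(proxy)
    return seen, serial_port_wrapper(vault, proxy)

def unwrapped_pin_path(keystrokes):
    """The unwrapped path for contrast: the PIN itself travels the hops."""
    pin = "".join(keystrokes)
    return untrusted_hops(pin), pin
```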

CAPD NT Attack Tree Results 8/2/01
Key: Protected/Blocked; Unprotected; Worth Trying; Out of Bounds
Objectives: Capture PIN entry; Capture and/or modify card datastream; Capture data flow to and from card; Monitor Netscape.exe raw memory space; Capture Key data
Start Points: Keyboard Logging; Serial Port Monitoring; Smartcard Service Manager; Trojan Horse; Wrapped Shell; Virus Infection; Memory Monitoring
Attack steps in the tree: Overlapped IO access to Keyboard Event Queue; Watch BIOS interrupts; Hook Serial Comm VxD; Small App built from MS SC API; Launch Sub7 Trojan Horse; Infect Netscape executable with a debug virus
Defense annotations: No Keyboard Hooks; No Corrupted Executables; No Interprocess Handles; Only Netscape can load; May Use Outlawed APIs; Static Linking?; Unseen API; No Defense Created

Hardened Client Experiment
Mobile Laptops
–Deployed on Public Networks
Objectives
–1. Protect laptops from hostile systems on any network.
–2. Protect laptops from hostile and malicious code.
–3. Provide data protection for some or the entire disk

Hardened Client Defenses (diagram)
Labels: Unrestricted Access, Authorized Comm Paths, OS Attacks, Server Attacks, Application Attacks, Encrypted File system, Web, Floppy, FTP, P2P, ADF, PGP Disk, Safe, Enterprise Wrappers Option
Attachments opened in separate process
–Except for PowerPoint and Netscape
Rules applied to multiple processes

Offensive Wrapper Vulnerabilities
(Diagram labels: URL Server, Request Handler, Requests, Responses, Page, Deface Detector)
How could an attacker use this technology?
–Change the perceived execution environment
  E.g. Subvert Detect Defaced Web Page
Defending against Offensive Wrappers
–Get there first (i.e. deploy Defensive Wrappers)
–Mediate Wrapper Installation APIs (don't allow new wrappers)
–Prevent Inter-Process Diddling of Protected Processes