MagicNET: Security Architecture for Creation, Classification, and Validation of Trusted Mobile Agents Presented By Mr. Muhammad Awais Shibli.


Presentation Overview
1. Background
2. Mobile Agents
3. System Components
4. Roles in the Proposed System
5. Components of the System
6. Operations of the System
7. Conclusion

Mobile Agents
Mobile agents are self-contained software modules with additional credentials and accumulated data. They roam a network, moving autonomously from one server to another, perform their designated tasks, and eventually return to their control station.

Background
Wider Adoption of Mobile Agents
Security Solutions
– Platform
– Agent

Still a Problem!
– Experimental environment
– Closed environment

Issues That Need to Be Addressed
– Creation of mobile agents
– Specification of classification parameters
– Validation procedures
– Enforcement of roles and procedures
– Distribution of agents

System Components
MagicNET stands for Mobile Agents Intelligent Community Network; it was developed at secLab at the DSV Department at KTH. MagicNET provides complete infrastructural and functional components for secure mobile agent research and development. It provides support for building secure and trusted mobile agents, and provides an agents repository (agents' store), Mobile Agent Servers (for their runtime execution), a Mobile Agent Control Station, and infrastructural servers.

Assurance Levels for Mobile Agents
“Distributed trust management involves proving that an agent has the ability to access some service/resource solely by verifying that its credentials comply with the security policy of the requested service” [4]

Second Approach
“... trust (or symmetrically, distrust) is a particular level of the subjective probability with which an agent will perform a particular action, both before it can monitor such action (or independently of his capacity to monitor it) and in a context in which it affects its own action”

Assurance Level

| Properties and Attributes | Low | Medium | High |
|---|---|---|---|
| Creator’s Signature | No | Yes, Sign Validation | Yes, Cert Validation |
| Owner’s Signature | No | Yes, Sign Validation | Yes, Cert Validation |
| Appraiser’s Signature | No | Yes, Sign Validation | Yes, Cert Validation |
| Privileged Authority’s Signature | No | Yes, Sign Validation | Yes, Cert Validation |
| Service Registrar’s Signature | No | Yes, Sign Validation | Yes, Cert Validation |
| Code Encryption | No | Yes, symmetric key, Triple DES, 168 bits key | Yes, symmetric key, AES, 256 bits key size |
| RSA Key Size | 512 bits | 1024 bits | 2048 bits |
| Baggage Encryption | No | Yes, symmetric key shared with servers | Yes, public key, enveloping |
| XML based Task Specification | No | Yes | Yes, signed by Privileged Authority |
| Role specification | No | Yes | Yes, signed by Privileged Authority |
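
The table above read as a policy, in an added example that is not part of the original slides or of the MagicNET code: it reports the highest assurance level whose rows an agent manifest fully meets, and which rows block the next level. The manifest field names and value labels are assumptions, as is treating each row as a minimum requirement.

```python
# Added example: field names and value labels are assumptions, not MagicNET's own format.
SIGNERS = ("creator", "owner", "appraiser", "privileged_authority", "service_registrar")
SIG = {"none": 0, "sign_validated": 1, "cert_validated": 2}
SPEC = {"absent": 0, "present": 1, "signed_by_pa": 2}

# One entry per assurance level, transcribed from the table; each row is treated as a minimum.
REQUIREMENTS = {
    "Low": dict(sig=0, code_enc={None, "3DES-168", "AES-256"}, rsa_bits=512,
                baggage_enc={None, "symmetric-shared", "public-key-enveloping"}, spec=0),
    "Medium": dict(sig=1, code_enc={"3DES-168", "AES-256"}, rsa_bits=1024,
                   baggage_enc={"symmetric-shared", "public-key-enveloping"}, spec=1),
    "High": dict(sig=2, code_enc={"AES-256"}, rsa_bits=2048,
                 baggage_enc={"public-key-enveloping"}, spec=2),
}

def unmet(agent, req):
    """List the table rows an agent manifest fails for one level's requirements."""
    sigs = agent.get("signatures", {})
    gaps = [f"{s} signature" for s in SIGNERS if SIG[sigs.get(s, "none")] < req["sig"]]
    if agent.get("code_enc") not in req["code_enc"]:
        gaps.append("code encryption")
    if agent.get("rsa_bits", 0) < req["rsa_bits"]:
        gaps.append("RSA key size")
    if agent.get("baggage_enc") not in req["baggage_enc"]:
        gaps.append("baggage encryption")
    gaps += [f"{k} specification" for k in ("task", "role")
             if SPEC[agent.get(f"{k}_spec", "absent")] < req["spec"]]
    return gaps

def classify(agent):
    """Return (highest level fully met, or None; rows blocking the next level)."""
    level = None
    for name, req in REQUIREMENTS.items():
        gaps = unmet(agent, req)
        if gaps:
            return level, gaps
        level = name
    return level, []

# Constructed sample: every row is at the High value except the appraiser's signature,
# whose certificate was not validated, so that single row caps the agent at Medium.
SAMPLE = {
    "signatures": {**{s: "cert_validated" for s in SIGNERS}, "appraiser": "sign_validated"},
    "code_enc": "AES-256", "rsa_bits": 2048, "baggage_enc": "public-key-enveloping",
    "task_spec": "signed_by_pa", "role_spec": "signed_by_pa",
}

if __name__ == "__main__":
    print(classify(SAMPLE))
```
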

Roles in the Proposed System
– Agent Creator (AC)
– Privilege Authority (PA)
– Service Registrar (SR)
– Agent Trust Appraiser (ATA)
– Agent Owner (AO)

Components of the System
– Global Certificate Management System
– Agent Factory
– Global Directory Facilitator (UDDI Server)
– Management Server

Operations of the System
– Agent Creation
– Agent Trust Appraiser
– Agent Privileges Assignment
– Agent Services Publishing
– Agent Adoption

Questions ???