Published by Timo Klein. Modified over 6 years ago.
1
Enterprise Wrappers for Information Assurance DARPA/SPAWAR Contract N66001-C-8023
Mark Feldman, Lee Badger, Steve Kiernan, Larry Spector, Wayne Salamon, John Axisa
NAI Labs
OASIS Summer PI Meeting
24 July 2001
Not for Public Release
2
Base Technology and Teaming
A Parallel, Collaborative Effort Using Previous DARPA Research Prototypes as a Base
    Teknowledge: Windows NT/2000
    NAI Labs: Multi-Platform, concentrating on Linux under this program
3
Enterprise Wrappers Goals
“Scaling the power of the wrapper to the enterprise”
    Integrate host-based wrappers into scalable cyber-defense system
    Create common, multi-platform, policy-enforcing infrastructure
    Populate this infrastructure with useful monitors, authorizers, and controllers
    Dynamically ensure a consistent, enterprise-wide policy
4
Enterprise Wrappers Objectives
[Architecture diagram. Labels: NWM; Network Schema & Data; Hardened System; “Soft” Manager Interface; Other IA components, such as intrusion detection, sniffers, secure DNS, IDIP, etc.; Boundary Controller; service; WMI proxy; Control Protocol; Data Push/Pull; Linux or NT Wrapper Subsystem; Data Base; Hardened System (expanded); Host Controller; Mediation Cocoon; App; Wrapper; Network Interface]
Off-board cyber-defense controllers
Off-board communication of wrapper data
Multi-Platform
Host Controller
    Manages dynamic insertion and removal of Wrappers
Network-scalable
5
Code Red Trojan (Hard DARPA Problem)
Could wrappers have prevented this Trojan?
    Yes. Through specification-based or other fine-grained access control wrappers (e.g., napenfoce wrapper) and through sequence-based (Hofmeyr, Forrest, Somayaji) ID&R.
Would the existence of an Enterprise Wrappers infrastructure make fighting such attacks easier for admins?
    Yes. The admin could view the attack and update systems in near real time.
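The sequence-based detection that the slide attributes to Hofmeyr, Forrest and Somayaji can be sketched as follows. This is an added illustration, not code from the presentation or from the wrapper toolkit; the system-call traces, the window length and the threshold are constructed values chosen for the example.

```python
# Added illustration: simplified sliding-window ("stide"-style) detector.
# All traces below are constructed sample data, not captured from a real system.

K = 3  # window length (assumed value for this small example)

NORMAL_TRACES = [
    "accept read stat open read write close close".split(),
    "accept read stat open read read write close close".split(),
]
SUSPECT_TRACE = "accept read stat open read write fork execve close".split()


def windows(trace, k=K):
    """Return every contiguous length-k window of a system-call trace."""
    return [tuple(trace[i:i + k]) for i in range(len(trace) - k + 1)]


def build_profile(traces, k=K):
    """Database of all length-k sequences seen during normal operation."""
    profile = set()
    for trace in traces:
        profile.update(windows(trace, k))
    return profile


def score_trace(trace, profile, k=K, locality=6):
    """Return (total mismatches, most mismatches in any `locality` consecutive windows)."""
    flags = [w not in profile for w in windows(trace, k)]
    spans = range(max(1, len(flags) - locality + 1))
    worst = max(sum(flags[i:i + locality]) for i in spans)
    return sum(flags), worst


def is_anomalous(trace, profile, threshold=2, k=K):
    """Flag a trace when mismatches cluster at or above the threshold."""
    return score_trace(trace, profile, k)[1] >= threshold


PROFILE = build_profile(NORMAL_TRACES)

if __name__ == "__main__":
    for name, trace in [("normal", NORMAL_TRACES[0]), ("suspect", SUSPECT_TRACE)]:
        print(name, score_trace(trace, PROFILE), is_anomalous(trace, PROFILE))
```

A wrapper that mediates system calls is a natural place to collect such traces and to respond when the mismatch count crosses the threshold.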
6
What We’ve Done Lately
Modularized GSWTK
Provided interoperation with other LKMs
Augmented infrastructure and APIs for host and network controllers
Identified technologies
    Communication for policy distribution (BEEP, Spread)
    Portable, Java-based host and network controller
    Portable storage mechanism (LDAP) for policy
Selected policy model
7
Design for Java-based GUI and controllers
8
What “Policy” Means Here
A combination of
    Wrappers written in WDL
    Activation Criteria
    Data to drive decisions
Distributed based on
    Hardware/Software Platform
    Network Topology
    Geographic Location
    Mission
    Users
via a secure, hierarchical distribution mechanism
driven by a GUI (drag-and-drop)
with local override
9
Questions we have (DARPA-hard)
Is the Policy Model adequate for the user?
Are pre-packaged groups of wrappers, activation criteria, and data sufficient?
Will composition produce unexpected/unintended results?
Will the administrator-in-the-middle hierarchical model produce unexpected/unintended results?
10
Schedule and Status
[Timeline figure, 2000 to 2003. Labels: NAI Start; Teknowledge Start; Host & Network Controllers; Base technology build-up; Updated Wrappers; New API design and implementation; Santa Fe PI Meeting; Norfolk PI Meeting; Hawaii PI Meeting]
11
Technology Transfer
Wrappers are available and being used; Enterprise Wrappers will become the default.
Actively seeking input on
    wrappers necessary to protect mission
    ways to make wrappers easier to use.
Continuing to make the toolkit available under the GPL, including new Enterprise functionality.
12
Questions, Suggestions, or Ideas
?