Presentation is loading. Please wait.

Presentation is loading. Please wait.

Middleware technology and software quality issues Andrew McNab Grid Security Research Fellow University of Manchester.

Published byEileen Kings Modified over 9 years ago

Similar presentations

Presentation on theme: "Middleware technology and software quality issues Andrew McNab Grid Security Research Fellow University of Manchester."— Presentation transcript:

1 Middleware technology and software quality issues Andrew McNab Grid Security Research Fellow University of Manchester

2 14 October 2004A.McNab – Security Middleware Outline ● PKI and VOs ● Local Policies ● Services ● VM environments ● Native execution ● Globus gatekeeper ● Apache/GridSite ● Software quality ● Predictions / warnings

3 14 October 2004A.McNab – Security Middleware PKI and VO ● LCG/EGEE/Grid3/OSG use X.509 Public Key / Certificate based credentials for authentication ● “Secure against crypto attacks” ● Implementations of X.509/TLS libraries may have vulnerabilities ● LCG etc define authorization in terms of Virtual Organisation membership ● Defined by published DN lists or Attribute Certificates ● Leverages X.509 authentication infrastructure ● Credential theft is greatest threat to these?

4 14 October 2004A.McNab – Security Middleware Local policies ● LCG etc defines local access policies using Globus gridmap-file or policy language like GACL. ● Again, these leverage authentication and authorization infrastructures. ● Likely threats from attackers discovering policies that will permit access with credentials they hold ● May include human error if we make policy files too hard to maintain (cf firewalls.) ● Tension with Grids' desire to publish policy. ● (cf current attacks spreading by looking at ssh.shosts file for other hosts to try with local ssh credential.)

5 14 October 2004A.McNab – Security Middleware Services ● For example, a database with a Web Services frontend and some kind of authorization process. ● Attacks may be possible against the DB or WS software ● But most likely is some form of “legitimate” attack using stolen credentials or holes in local policies ● We may see attackers using multiple services during an attack ● eg gather information on services, and then run Denial of Service attacks on them one by one ● These may be very difficult to distinguish from legitimate use of the services

6 14 October 2004A.McNab – Security Middleware Virtual Machines ● Running jobs or agents in Virtual Machines limits the possibilities for escalation attacks ● “I might be able to inject my evil code as a job, but I can't exploit vulnerabilities in the operating system to get root/admin access” (probably) ● Java is the most common example ● Designed from scratch with VM model in mind. ● Also more heavyweight ways of creating VMs that look more like “real” system ● Usermode Linux, Xen, VMware ● Vulnerable to similar set of attacks as Services.

7 14 October 2004A.McNab – Security Middleware Native execution ● However, many applications do not use Java ● Existing codebases (millions of lines?) in other languages ● Need non-VM environments for performance ● In this case, need to expose “bare iron” of the worker machines to legitimate users ● Dangers are that ● (1) Malicious user injects their code instead of a legitimate job/agent ● (2) Job execution service must have access to real environment. What if it has vulnerabilities?

8 14 October 2004A.McNab – Security Middleware Globus gatekeeper ● Globus gatekeeper currently used by LCG etc does this in a traditional Unix-like way ● It's a roll-your-own service written by Globus ● Runs as root and spawns off processes as users as their job requests come in ● This is the most straightforward way to do things ● But this approach has some obvious problems ● It's listening on the wire as root! ● It is open source but has a very small developer community – are there more attacker eyeballs than developers looking at it?

9 14 October 2004A.McNab – Security Middleware Apache/GridSite ● GridPP's GridSite also offers some types of native execution ● Instead of writing our own network code or running as root, we leverage the existing Apache project ● Millions of Apache websites; thousands of active developers of the code. ● Listens as non-privileged user. ● We just write the Grid Security extensions we need, and maintain them as an Apache module. ● Patches are issued promptly by Apache when vulnerabilities discovered.

10 14 October 2004A.McNab – Security Middleware Quality & maintenance ● Most attacks on pre-Grid systems are still because of vulnerabilities found in service software ● Buffer overflows etc. ● Grid software developers need to pay attention to this just as much as other Net service developers. ● We should try to leverage as much well-maintained software as possible. ● Design implementations that can be patched quickly, when vulnerabilities emerge. ● Avoid duplication, go for modularity. ● Think about the admin patching the service at 3am!

11 14 October 2004A.McNab – Security Middleware Predictions / summary ● Current wave of attacks and inter-site escalations via ssh will continue. ● Grid will continue to be “sexy”, on SlashDot, in Newscientist, in the spotlight etc. ● Attackers will start using Grid/PKI credentials for inter-site attacks. ● Attackers will notice the amount of roll-your-own services we use, with little code auditing/eyeballing. ● Admins / applications / site management will revolt when attacks become noticeable and burdensome. ● We will fall in love with maintainable services...

Download ppt "Middleware technology and software quality issues Andrew McNab Grid Security Research Fellow University of Manchester."

Similar presentations

INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite Slides by: Erwin Laure EGEE Deputy Middleware Manager.

INFSO-RI Enabling Grids for E-sciencE EGEE and gLite Slides by: Erwin Laure EGEE Deputy Middleware Manager.
Security middleware Andrew McNab University of Manchester.

Security middleware Andrew McNab University of Manchester.
Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.

Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.
29 June 2006 GridSite - www.gridsite.org - Andrew McNabwww.gridsite.org VOMS and VOs Andrew McNab University of Manchester.

29 June 2006 GridSite Andrew McNabwww.gridsite.org VOMS and VOs Andrew McNab University of Manchester.
Data Management Expert Panel - WP2. WP2 Overview.

Data Management Expert Panel - WP2. WP2 Overview.
Andrew McNab - Manchester HEP - 2 May 2002 Testbed and Authorisation EU DataGrid Testbed 1 Job Lifecycle Software releases Authorisation at your site Grid/Web.

Andrew McNab - Manchester HEP - 2 May 2002 Testbed and Authorisation EU DataGrid Testbed 1 Job Lifecycle Software releases Authorisation at your site Grid/Web.
Andrew McNab - Manchester HEP - 31 January 2002 Testbed Release in the UK Integration Team UK deployment TB1 Job Lifecycle VO: Authorisation VO: GIIS and.

Andrew McNab - Manchester HEP - 31 January 2002 Testbed Release in the UK Integration Team UK deployment TB1 Job Lifecycle VO: Authorisation VO: GIIS and.
Security Q&A OSG Site Administrators workshop Indianapolis August 6-7 2009 Doug Olson LBNL.

Security Q&A OSG Site Administrators workshop Indianapolis August Doug Olson LBNL.
Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester

Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester
The GridSite Security Framework Andrew McNab University of Manchester.

The GridSite Security Framework Andrew McNab University of Manchester.
Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.

Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.
20 March 2007 VOMS etc - www.gridsite.org - Andrew McNabwww.gridsite.org VOMS etc Andrew McNab University of Manchester.

20 March 2007 VOMS etc Andrew McNabwww.gridsite.org VOMS etc Andrew McNab University of Manchester.
Security Issues in Physics Grid Computing Ian Stokes-Rees OeSC Security Working Group 14 June 2005.

Security Issues in Physics Grid Computing Ian Stokes-Rees OeSC Security Working Group 14 June 2005.
Andrew McNab - Manchester HEP - 6 November 2001 www.gridpp.ac.uk Old version of website was maintained from Unix command line => needed (gsi)ssh access.

Andrew McNab - Manchester HEP - 6 November Old version of website was maintained from Unix command line => needed (gsi)ssh access.
Copyright B. Wilkinson, 2008. This material is the property of Professor Barry Wilkinson (UNC-Charlotte) and is for the sole and exclusive use of the students.

Copyright B. Wilkinson, This material is the property of Professor Barry Wilkinson (UNC-Charlotte) and is for the sole and exclusive use of the students.
Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.

Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.
EGEE Security Area 13 May 2004 EGEE Security Area Stakeholders JRA3 middleware Architecture What we have for Unix and Java What.

EGEE Security Area 13 May 2004 EGEE Security Area Stakeholders JRA3 middleware Architecture What we have for Unix and Java What.
10 May 2007 HTTP - - User data via HTTP(S) Andrew McNab University of Manchester.

10 May 2007 HTTP - - User data via HTTP(S) Andrew McNab University of Manchester.
Andrew McNab - GACL - 16 Dec 2003 Grid Access Control Language Andrew McNab, University of Manchester

Andrew McNab - GACL - 16 Dec 2003 Grid Access Control Language Andrew McNab, University of Manchester

Similar presentations

Ads by Google