
CTO Office Reliability & Security Distinctions and Interactions Hal Lockhart BEA Systems.


Slide 1: CTO Office. Reliability & Security: Distinctions and Interactions
Hal Lockhart, BEA Systems

Slide 2 (CTO SOA): Topics
- Similarities and differences
- Denial of Service
- Layering Principles
- Security Services
- Reliability Services
- Combining Security and Reliability

Slide 3: Are Security & Reliability Different?
Some Security Objectives
- Service availability
- Error detection
- Prevent data loss
- Prevent data duplication or reordering
Some Reliability Objectives
- Service availability
- Error detection
- Prevent data loss
- Prevent data duplication or reordering

Slide 4: Information Security Definition
Technologies and procedures intended to implement organizational policy in spite of human efforts to the contrary.
- Suggested by Authorization
- Applies to all security services
- Protection against accidents is incidental
- Suggests four areas of attention

Slide 5: Information Security Areas
Policy determination
- Expression: code, permissions, ACLs, language
- Evaluation: semantics, architecture, performance
Policy enforcement
- Maintain integrity of the Trusted Computing Base (TCB)
- Enforce variable policy

Slide 6: Reliability Service
- Protects against accidental errors
- Services available in spite of random failures
- Many distinct guarantees possible
  - Data complete
  - Data in order
  - No duplication
  - End to end transactions
  - Queue to queue transactions
- Can be combined with security mechanisms

Slide 7: Different Assumptions
- Reliability: messages come from a cooperating entity
- Security: network is untrusted
  - Any message can be read by attackers
  - Any message can be modified by attackers
  - Assume some Trusted Computing Base (TCB)
- Reliability
  - Check CRC, retransmit
  - Ignore low probability events
- Security
  - Use secure hash function, e.g. SHA1
  - Assume any event sequence is possible

Slide 8: Denial of Service
- Commonly misunderstood
- Attacker modifies every message
  - Even if modifications are detected: zero throughput
  - Attack is easily detected and source located
  - No benefit to attack
- Must assume "enough" messages get through

Slide 9: Types of Denial of Service
- Type 1: Silver Bullet
  - Some message(s) cause crash
  - Example: Ping O' Death
  - Clearly a bug, not in specification or design
- Type 2: Amplifier Attack
  - Small attacker effort, big effect
  - Example: Smurf
  - Harder to fix, possibly alter specification or design
- Type 3: Flood Attack
  - Overload slows server to a crawl
  - Example: distributed attack against public web servers
  - May be indistinguishable from legitimate usage
  - May be no real way to fix
  - Important to identify and locate source

Slide 10: Layering
[Diagram: two protocol stacks side by side, each with Layer 3, Layer 2 and Layer 1]

Slide 11: Layering Principles
- A form of encapsulation
- Corresponding layers communicate via a peer protocol
- Messages pass through all active layers
- Guidelines
  - Layers must operate sequentially
  - Layers must operate on distinct data
  - Layers should not duplicate each other
- Composability
  - Stronger condition
  - Layers may be omitted

Slide 12: Composable Services
[Diagram of composed services: WS Consumer, Travel Agency Web Service, Airline Reservation Web Service, Hotel Reservation Web Service, Rental Car Reservation Web Service]

Slide 13: Composable Layers
[Diagram of alternative layer stacks: Routing / Reliability / Security, or Routing / Security, or Routing / Reliability]

Slide 14: Basic Security Services
- Not relevant to Reliability
  - Authentication
  - Confidentiality (encryption)
  - Authorization
- Integrity service
  - Check signature
  - Discard invalid
- Non-duplication service
  - Integrity service
  - Include nonce and timestamp under signature
  - Discard if nonce is duplicated or message too old

Slide 15: Basic Reliability Service
- Reliability in the face of network failures
- Implementation
  - Number all messages
  - Request retransmission if an out-of-order message is received
  - Discard duplicate messages
  - Present data in order
  - Care must be taken when ending a session: flush data
  - Efficiency considerations
- TCP does this
  - HTTP can start and stop TCP sessions
  - SOAP can travel over multiple protocols, not just HTTP

Slide 16: End to End Reliability
- Ensure consistency and recovery in the face of node failures as well as network failures
- Two levels
  - Distributed transactions
    - ACID properties
    - Application rollback on error
    - Not feasible for loosely coupled systems
  - Queue to queue transactions
    - ACID properties from queue to queue (no loss, no duplicates)
    - Rollback by compensating transactions only (hard)
    - Desirable approach for public web services
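The queue-to-queue level of slide 16 can be made concrete with a small store-and-forward hop. The following is an added example, not code from the deck or from BEA: one SQLite database stands in for both queue stores so the hop can be a single transaction (in a real deployment the two queues sit on different nodes and the hop is a two-phase commit or a store-and-forward with idempotent redelivery). It shows the "no loss" property (a node failure before commit rolls the whole hop back, so the message stays queued), the "no duplicates" property (redelivery of an already delivered message id is dropped), and rollback by a compensating message rather than by undoing the committed hop. All table names, message ids and bodies are constructed for the example.

```python
"""Queue-to-queue transfer with no loss and no duplicates (constructed example)."""
import sqlite3


def open_store():
    # isolation_level=None: sqlite3 issues no implicit BEGIN, we manage transactions
    db = sqlite3.connect(":memory:", isolation_level=None)
    db.executescript("""
        CREATE TABLE outbox (msg_id TEXT PRIMARY KEY, body TEXT, state TEXT);
        CREATE TABLE inbox  (msg_id TEXT PRIMARY KEY, body TEXT);
    """)
    return db


def enqueue(db, msg_id, body):
    db.execute("INSERT INTO outbox VALUES (?, ?, 'queued')", (msg_id, body))


def transfer(db, msg_id, fail_before_commit=False):
    """Move one message from outbox to inbox atomically.

    Returns 'delivered', 'duplicate' (already delivered, so the redelivery is
    dropped), 'absent', or 'rolled-back' (simulated node failure: the hop is
    undone as a whole, so the message is neither lost nor half-moved).
    """
    db.execute("BEGIN IMMEDIATE")
    try:
        row = db.execute(
            "SELECT body, state FROM outbox WHERE msg_id = ?", (msg_id,)).fetchone()
        if row is None:
            db.execute("ROLLBACK")
            return "absent"
        body, state = row
        already_in = db.execute(
            "SELECT 1 FROM inbox WHERE msg_id = ?", (msg_id,)).fetchone()
        if state == "delivered" or already_in:
            db.execute("ROLLBACK")
            return "duplicate"
        # Both sides of the hop change inside the same transaction.
        db.execute("INSERT INTO inbox VALUES (?, ?)", (msg_id, body))
        db.execute("UPDATE outbox SET state = 'delivered' WHERE msg_id = ?", (msg_id,))
        if fail_before_commit:
            raise RuntimeError("simulated node failure before commit")
        db.execute("COMMIT")
        return "delivered"
    except Exception:
        db.execute("ROLLBACK")
        return "rolled-back"


def compensate(db, msg_id, reversing_body):
    """A committed hop cannot be rolled back; the business effect is reversed
    by queueing a new, compensating message instead (hypothetical id scheme)."""
    enqueue(db, msg_id + "-compensation", reversing_body)


def run_scenario():
    db = open_store()
    enqueue(db, "order-1", "book flight")                      # constructed message
    first = transfer(db, "order-1", fail_before_commit=True)   # crash: nothing moved
    second = transfer(db, "order-1")                            # retry: delivered once
    third = transfer(db, "order-1")                             # redelivery: dropped
    compensate(db, "order-1", "cancel flight")
    inbox = [r[0] for r in db.execute("SELECT msg_id FROM inbox ORDER BY msg_id")]
    outbox_count = db.execute("SELECT COUNT(*) FROM outbox").fetchone()[0]
    return first, second, third, inbox, outbox_count
```

Running `run_scenario()` returns `('rolled-back', 'delivered', 'duplicate', ['order-1'], 2)`: the failed attempt left the message queued, the retry delivered it exactly once, and the compensation is itself just another queued message, which is why the deck calls this kind of rollback hard.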

Slide 17: Combining Security & Reliability
- Security should be below Reliability
  - Discard invalid messages
  - Reliability (if present) will retransmit
  - SSL/TLS are "broken" in this regard
- Security should be below other layers
  - Validate signatures
  - Decrypt data
  - Issue: must pass along metadata with the message (e.g. what was signed, who was authenticated)
- Security & Reliability could be intertwined
  - Loss of composability
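Slides 14, 15 and 17 together describe one design: an integrity plus non-duplication service (signature over payload, nonce and timestamp; discard on bad signature, duplicate nonce or stale timestamp) sitting below a reliability service (sequence numbers, reorder buffer, duplicate discard, retransmission requests). The following is an added example, not code from the deck or from BEA, that implements both layers and runs a constructed exchange through them. It assumes an HMAC-SHA256 shared key in place of a real signature (the deck names SHA1; SHA-1 is no longer acceptable for this purpose), a 300-second freshness window, an injected clock, and a dict as the wire format; the class and function names are the example's own.

```python
"""Security layer below reliability layer (constructed example)."""
import hashlib
import hmac
import secrets

MAX_AGE_SECONDS = 300  # assumed freshness window for the timestamp check


class SecurityLayer:
    """Integrity + non-duplication service (slide 14)."""

    def __init__(self, key: bytes, now):
        self.key = key
        self.now = now            # injected clock keeps the example deterministic
        self.seen_nonces = set()  # replay cache; bounded by MAX_AGE in a real system

    def _mac(self, seq, nonce, ts, payload):
        # nonce and timestamp are under the signature, so neither can be swapped
        data = f"{seq}|{nonce}|{ts}|{payload}".encode()
        return hmac.new(self.key, data, hashlib.sha256).hexdigest()

    def wrap(self, seq, payload):
        nonce, ts = secrets.token_hex(8), self.now()
        return {"seq": seq, "nonce": nonce, "ts": ts, "payload": payload,
                "mac": self._mac(seq, nonce, ts, payload)}

    def unwrap(self, msg):
        """Return (seq, payload), or None when the message must be discarded."""
        expected = self._mac(msg["seq"], msg["nonce"], msg["ts"], msg["payload"])
        if not hmac.compare_digest(expected, msg["mac"]):
            return None                                   # modified in transit
        if self.now() - msg["ts"] > MAX_AGE_SECONDS:
            return None                                   # too old
        if msg["nonce"] in self.seen_nonces:
            return None                                   # duplicate nonce: replay
        self.seen_nonces.add(msg["nonce"])
        return msg["seq"], msg["payload"]


class ReliableSender:
    """Numbers messages and keeps them until acknowledged (slide 15)."""

    def __init__(self, security):
        self.security, self.next_seq, self.unacked = security, 1, {}

    def send(self, payload):
        seq, self.next_seq = self.next_seq, self.next_seq + 1
        self.unacked[seq] = payload
        return self.security.wrap(seq, payload)

    def retransmit(self, seq):
        # Re-wrapped with a fresh nonce and timestamp: the security layer sees a
        # new message, the reliability layer recognises it by seq (slide 17)
        return self.security.wrap(seq, self.unacked[seq])


class ReliableReceiver:
    """Reorders, drops duplicates, and asks for gaps to be retransmitted."""

    def __init__(self, security):
        self.security = security
        self.expected, self.buffer = 1, {}
        self.delivered, self.retransmit_requests = [], []

    def receive(self, msg):
        result = self.security.unwrap(msg)   # security runs first, below reliability
        if result is None:
            return                            # discarded; any gap is handled below
        seq, payload = result
        if seq < self.expected or seq in self.buffer:
            return                            # duplicate at the reliability level
        self.buffer[seq] = payload
        for missing in range(self.expected, max(self.buffer)):
            if missing not in self.buffer and missing not in self.retransmit_requests:
                self.retransmit_requests.append(missing)
        while self.expected in self.buffer:   # present data in order
            self.delivered.append(self.buffer.pop(self.expected))
            self.expected += 1


def run_scenario():
    clock = [1_000_000]
    now = lambda: clock[0]
    key = b"constructed-shared-key"           # constructed; never hard-code in practice
    sender = ReliableSender(SecurityLayer(key, now))
    receiver = ReliableReceiver(SecurityLayer(key, now))
    m1, m2, m3 = (sender.send(p) for p in ("alpha", "beta", "gamma"))
    tampered = dict(m2, payload="beta-modified")   # message 2 modified in transit
    receiver.receive(m1)
    receiver.receive(tampered)                     # security discards it silently
    receiver.receive(m1)                           # replayed: nonce already seen
    receiver.receive(m3)                           # out of order: buffered, gap noted
    for seq in list(receiver.retransmit_requests):
        receiver.receive(sender.retransmit(seq))   # reliability fills the gap
    return receiver.delivered, receiver.retransmit_requests
```

`run_scenario()` returns `(['alpha', 'beta', 'gamma'], [2])`: the modified message never reaches the reliability layer, the reliability layer notices sequence 2 is missing and has it retransmitted, and the retransmission passes the non-duplication check because it carries a fresh nonce. That split is the "distinct data" guideline of slide 11 in practice: nonce and timestamp belong to the security layer, the sequence number to the reliability layer, so neither layer has to know the other exists and either can be omitted.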

Slide 18: Summary
- Security and Reliability share some goals, but
  - Reliability assumes random errors
  - Security assumes human attacks
- Several distinct types of Denial of Service
- Denial of service is not necessarily bad, if we know it is happening and can locate the source
- Composability of services is desirable
- Security can detect modified and duplicated data
- Reliability can protect against network failures alone, or network and system failures
- Queue to queue transactions are useful for B2B
- Security should be the bottom layer

