SECURITY, QoS, and (File) Content Differentiation -Sujeeth Narayan -Ankur Patwa -Francisco Torres.


1 SECURITY, QoS, and (File) Content Differentiation -Sujeeth Narayan -Ankur Patwa -Francisco Torres

2 Introduction
A new policy based document sharing application
- Differentiation of document sections according to intended user roles.
- Secure transfer of information with QoS
- Alert on receiving information based on document priority labeling

3 What would be used?
- LDAP – for authentication and credentials
- Bandwidth reservation + GRE Tunnels – for file transfer
  - PasTMon tool + Tunneling for inter-network exchange
  - RSVP + Tunneling for intra-network exchange
- XML Parser – for parsing a document to be sent
- Different modes of sending a new message alert
  - Voice message
  - Email
  - SMS

4 Overview

5 Components
- Cluster of Servers
  - LDAP Authentication
  - XML Parsing Service
  - Notification Service
  - File Transfer service
- Cluster of File Systems
  - Document distribution
- Client side tool
  - Proposed Tool

6 Proposed Tool
- Allow user to classify the information
- Insert xml tags differentiating between classified information
- Encrypt the document and send it to xml parser

7 Scenario 1
1. Login to LDAP
2. Download user Credentials
3. Sets the user priority value
4. Routing decision based on priority
5. Intranet Routing with RSVP/GRE Tunnel if needed
6. Internet Routing with decisions based on QoS measured.

8 Scenario 2
A user logs into the system, and then sends a document
- Encrypted document
- User's Private Key
- Choose best option between DMZ and User's X500
- XML Parser decrypts document using Public Key and makes copies of it
- Based on list of receivers, XML sends their copies to receivers' X500
- If Receiver is on-line, document is delivered; otherwise, a notice will be sent to him IF document has been labeled as URGENT
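Added example, not part of the presentation: one way the XML parsing service from slides 6 and 8 could build a separate copy per receiver from role-tagged sections. The `roles` attribute, the element and role names, and the sample document are assumptions (the slides define no tag format), and the document is assumed to be already decrypted.

```python
import copy
import xml.etree.ElementTree as ET

def allowed(elem, inherited):
    """Effective reader set: a child may narrow its parent's set, never widen it."""
    attr = elem.get("roles")  # hypothetical attribute name, not from the slides
    return inherited if attr is None else inherited & set(attr.split())

def prune(elem, role, inherited):
    """Remove, in place, every descendant that `role` may not read."""
    for child in list(elem):
        readers = allowed(child, inherited)
        if role in readers:
            prune(child, role, readers)
        else:
            elem.remove(child)  # the element's tail text is removed with it

def copies_for(xml_text, receivers):
    """Return {receiver: XML string, or None when nothing may be delivered}."""
    if "<!DOCTYPE" in xml_text:
        raise ValueError("documents carrying a DTD are rejected")
    root = ET.fromstring(xml_text)
    if root.get("roles") is None:
        raise ValueError("root must declare its readers")  # fail closed
    readers = set(root.get("roles").split())
    out = {}
    for name, role in receivers.items():
        if role not in readers:
            out[name] = None  # role not listed on the document at all
            continue
        view = copy.deepcopy(root)  # one independent copy per receiver
        prune(view, role, readers)
        out[name] = ET.tostring(view, encoding="unicode")
    return out

# Constructed sample document and receiver list (illustrative only).
SAMPLE = """<document roles="staff manager auditor" priority="URGENT">
<section>Kickoff is Monday.</section>
<section roles="manager auditor">Budget: 40k.
<note roles="manager">Vendor shortlist.</note>
<note roles="staff">Widening attempt.</note>
</section>
</document>"""
RECEIVERS = {"alice": "manager", "bob": "staff", "carol": "auditor", "dave": "guest"}

if __name__ == "__main__":
    for name, doc in copies_for(SAMPLE, RECEIVERS).items():
        print(name, "->", doc)
```

The nested `staff` note is delivered to nobody, because its label cannot widen the `manager auditor` set of the enclosing section.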

9 Scenario 3
A user logs into the system, and a document is waiting for him
- User logs in:
  a) Normal Session
  b) As result of a notice sent by the system
- DMZ where user got authenticated checks with user's X500 for a potential document for him
- X500 verifies the existence of the document, and sends it back to DMZ
- Document delivered to user

10 Conclusion
Future work
- Research of QoS implementation in this project
- Bell-LaPadula Model (write-down/read-up)?
- Images, Sound, Videoconferences? How to differentiate these on such a scenario?


12 Questions??

