Presentation is loading. Please wait.

Presentation is loading. Please wait.

MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites Jim Basney, Patrick Flanigan, Himanshu Khurana, Joe Muggli, Meenal Pant,

Published byMarylou Mathews Modified over 9 years ago

Similar presentations

Presentation on theme: "MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites Jim Basney, Patrick Flanigan, Himanshu Khurana, Joe Muggli, Meenal Pant,"— Presentation transcript:

1 MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites Jim Basney, Patrick Flanigan, Himanshu Khurana, Joe Muggli, Meenal Pant, Adam Slagell, Von Welch National Center for Supercomputing Applications

2 Mithril  ONR-funded project under the National Center for Advaced Secure Systems Research  Mithril is a fictional material from J.R.R. Tolkien's universe, Middle-earth. It is a precious silvery metal, stronger than steel but much lighter in weight. (from Wikipedia)  A mithril coat of mail provides strong protection but is light and flexible  Our project will develop adaptable site security mechanisms that maintain usability

3 Mithril Goals  Adaptable Security for Survivability Maintain high-level of openness and usability during normal operation Allow response by applying security counter-measures and adjusting level of service during heavy attack  In Collaborative Computing Sites Examples: NRL Center for Computational Science (CCS), NSF centers (NCSA, SDSC, PSC, NCAR), DOE Labs (NERSC, LBNL)

4 Collaborative Computing Sites  Support large, geographically distributed user communities NCSA has 7000+ users from all over the world  Enable pooling of distributed resources Intra and inter site Single sign-on Open networks  Provide a variety of general-purpose and specialized computing services

5 Motivator: Cyber Attacks of 2004  Series of attacks against a number of sites - DOE, NSF, commercial, Universities  Attacker compromised a large number of hosts and installed SSH Trojans to collect usernames and passwords Was careful not to otherwise disturb system so when undetected to a large degree  Used usernames and password to gain access to NCSA and other places, then other vulnerabilities to escalate privileges, install SSH trojan and repeat

6 Problem Statement  Site security mechanisms cannot change quickly to respond to emerging threats Handle a small number of compromised accounts as a matter of course  Leads to service interruptions when serious attacks occur Only defense is to take yourself off of the network  Need mechanisms for adaptable site security

7 Challenges  Must maintain usability and openness  Off-site users Vulnerabilities outside local site control  Leading-edge Research systems Heterogeneity Special-purpose platforms Obstacles to software roll-out

8 Bridging the Gap Computer Science Research Enterprise Security Management Systems

9 Approach preventiondetection response SURVIVABILITY

10 Approach preventiondetection response SURVIVABILITY Survivability Research Enterprise Security Management Systems Intrusion Detection Systems NCASSR Research

11 Existing Work  Survivable systems research: SABER, Willow, SITAR, APOD How can we bring survivability research into production?  Enterprise Security Management Systems SSH Tectia: Enterprise management of SSH services Doesn’t support unique site platforms (ex. IA64 Linux) Can we replicate this functionality for OpenSSH? ArcSight ESM, Symantec ESM, Lightning Console, etc. Are these systems applicable to our environments? cfEngine  Alert Correlation: TIAA  Intrusion Detection Systems: Prelude, Snort, Tripwire, etc. Mithril should integrate with these as possible Previous prelude automatic intrusion response work

12 Mithril Organization  SSH-based Key Management Lead: Jim Basney  Adaptable IDS for Survivability Lead: Von Welch  Secure Email for Incident Response Lead: Himanshu Khurana preventiondetection response SURVIVABILITY

13 Mithril Technology Choices  Prelude IDS Open source, extensible Extend with applied survivability and alert correlation research  SSH Ubiquitous Extend to add key management  SELS Prior NCASSR work in secure group email communication

14 Mithril Architecture

15 Managing Remote Login Services  Remote login is arguably the most essential service provided by collaborative computing sites today  SSH is very configurable Wide variety of authentication mechanisms Many options for security restrictions  SSH can be an effective site access control point  Plans: Develop an OpenSSH key management subsystem and ssh-remote-agent Develop management system for Kerberos Telnet

16 SSH Key Management  SSH public key authentication provides single sign-on  SSH keys can be difficult to manage Keys scattered onto multiple machines Unencrypted or encrypted with poor passwords No lifetime restrictions, no revocation capability  OpenSSH credential management service Private keys generated and stored on locked-down key server, public keys distributed Authentication uses ssh-agent protocol link to key server that retains private key Provides revocation capabilities

17 SSH Key Management SSH Key Server Maintains private RSA keys Client Authenticates via site mechanisms e.g. Kerberos, OTP Client accesses private RSA key via ssh-agent Public Key Distribution RSA-authenticated access Compute Resource

18 Adaptability: OTP Deployment  One Time Password tokens are costly and inconvenient for routine use by NCSA users  In case of sustained, large-scale attack, transition resources to high-security mode Update SSH configurations to temporarily require OTP hardware token authentication Distribute tokens to priority users via overnight mail  Keep serving small number of high-priority users during intrusion response / clean-up

19 Adaptable/Reactive IDS  Match monitoring precision with current threat level Host-based IDS competes for cycles with high performance computing jobs  Detect violations of current policy Sites like NCSA are flooded with scans, brute-force attacks, buffer overflow attempts, etc. Apply correlation of events to detect the “real attackers” and filter out the script kiddies  Activate OTP-only policy -> kill non-OTP processes

20 Secure Email Services  Needed for intrusion detection and coordinating intrusion response Monitoring and IDS processes send alerts via email Need for system administrators to communicate securely (signed, encrypted) across-site when under ongoing attack Need intrusion tolerant system so attackers can’t eavesdrop  SELS: Secure Email List Services Solution developed under NCASSR program with deployability and usability in mind Provide encryption and signature support for Mailing Lists Use GPG at client, Mailman plug-in at List Server

21 SELS  SELS provides intrusion tolerance by using proxy encryption techniques Enables the List Server to transform encrypted messages exchanged between list subscribers without requiring access to the message contents.  We have developed proxy encryption techniques using the El Gamal crypto-system that allow us use standard ElGamal public/private keys and encryption/decryption algorithms.  Integrated with GPG toolkit to facilitate client deployment.  Mailman plug-in on server side

22 Thank you  Questions?  Email: vwelch@ncsa.uiuc.eduvwelch@ncsa.uiuc.edu  Project URL: http://security.ncsa.uiuc.edu/research/mithril/http://security.ncsa.uiuc.edu/research/mithril/  Work funded by ONR as part of NCASSR  http://www.ncassr.org http://www.ncassr.org This material is based upon work supported by the Office of Naval Research under Award No. N00014-04-1-0562 Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author(s) and do not necessarily reflect the views of the Office of Naval Research.

Download ppt "MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites Jim Basney, Patrick Flanigan, Himanshu Khurana, Joe Muggli, Meenal Pant,"

Similar presentations

Presented by Nikita Shah 5th IT ( )

Presented by Nikita Shah 5th IT ( )
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
MyProxy: A Multi-Purpose Grid Authentication Service

MyProxy: A Multi-Purpose Grid Authentication Service
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
Fundamentals of Computer Security Geetika Sharma Fall 2008.

Fundamentals of Computer Security Geetika Sharma Fall 2008.
National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.

National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.

A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
University of Maryland I.T. Security Gerry Sneeringer IT Security Officer

University of Maryland I.T. Security Gerry Sneeringer IT Security Officer
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.

Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.

Similar presentations

Ads by Google