Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 APOD 10/19/2015 DOCSEC 2002Christopher Jones Defense Enabling Using QuO: Experience in Building Survivable CORBA Applications Chris Jones Partha Pal,

Published byRandolf Norman Modified over 9 years ago

Similar presentations

Presentation on theme: "1 APOD 10/19/2015 DOCSEC 2002Christopher Jones Defense Enabling Using QuO: Experience in Building Survivable CORBA Applications Chris Jones Partha Pal,"— Presentation transcript:

1 1 APOD 10/19/2015 DOCSEC 2002Christopher Jones Defense Enabling Using QuO: Experience in Building Survivable CORBA Applications Chris Jones Partha Pal, Franklin Webber BBN Technologies QuO & APOD

2 2 APOD 10/19/2015 DOCSEC 2002Christopher Jones APOD Overview APOD is toolkit of mechanism wrappers and adaptation strategies that allows an application to use security mechanisms to dynamically adapt to a changing environment We believe that adaptation increases an application’s resiliency to certain kinds of attacks APOD uses QuO, which provides an application with adaptation.

3 3 APOD 10/19/2015 DOCSEC 2002Christopher Jones Quo Overview QuO is a middleware system that offers an application the ability to adapt to the changing environment in which it is running. –Host resources (CPU and memory) usage –Network resource availability –Intrusion status The adaptive code is separated into a QuO “qosket” for reuse. –A qosket is a set of specifications and implementations that define a quality of service module. It can be added into a distributed object application with minimum impact on the application

4 4 APOD 10/19/2015 DOCSEC 2002Christopher Jones QuO Overview (cont.) Quality Description Languages (QDL) –Contract description language, adaptive behavior description language –Code generators that generate Java and C++ code for contracts, delegates, creation, and initialization System Condition Objects –Provide interfaces to resources, managers, and mechanisms QuO Runtime Kernel –Contract evaluator –Factory object which instantiates contract and system condition objects

5 5 APOD 10/19/2015 DOCSEC 2002Christopher Jones QuO Architecture Application Developer Mechanism Developer CLIENT Network operation() in args out args + return value IDL STUBS IDL SKELETON OBJECT ADAPTER ORB IIOP ORB IIOP CLIENT OBJECT (SERVANT) OBJECT (SERVANT) OBJ REF CLIENT Delegate Contract SysCond Contract Network MECHANISM/PROPERTY MANAGER operation() in args out args + return value IDL STUBS Delegate SysCond IDL SKELETON OBJECT ADAPTER ORB IIOP ORB IIOP CLIENT OBJECT (SERVANT) OBJECT (SERVANT) OBJ REF Application Developer QuO Developer Mechanism Developer CORBA DOC MODEL QUO/CORBA DOC MODEL

6 6 APOD 10/19/2015 DOCSEC 2002Christopher Jones APOD Description We believe that by adapting to and trying to control its environment, an application can increase its chances of survival under attack –Use QuO to integrate multiple security mechanisms into a coherent strategy for adaptation –Use mechanisms where they exist to harden or protect an application, a resource, or a service Tie security information to the adaptation of an application through the QuO system condition objects

7 7 APOD 10/19/2015 DOCSEC 2002Christopher Jones Defense-Enabled Application Competes With Attacker for Control of Resources Application Attacker Raw Resources CPU, bandwidth, files... QoS Management CryptoCrypto OSs and NetworkIDSsFirewalls

8 8 APOD 10/19/2015 DOCSEC 2002Christopher Jones APOD Mechanisms Network and Host Sensors –Snort is a lightweight network intrusion detection system –Tripwire for detecting file systems integrity violations Actuators –Network traffic filters - Iptables –File systems recovery – secure backup Dependability management using replication –Aqua – replication system from University of Illinois, Urbana- Champaign –APOD Bus – mechanism for publishing data about application’s status and for maintaining replicas of application processes Bandwidth Management –Intserv (RSVP, SecureRSVP) and Diffserv Access Control –NAI’s OO-DTE at the interceptor layer

9 9 APOD 10/19/2015 DOCSEC 2002Christopher Jones APOD Strategies QuO’s contract language is used to define defensive strategies Example strategies include –containment, which uses snort and iptables to detect and limits the extent of attacks –outrun, uses dependability with replication to move away from attacks.

10 10 APOD 10/19/2015 DOCSEC 2002Christopher Jones APOD Red-teaming Experimentation Sandia labs redteam attacks an APOD enabled application Test the added value of APOD to an application –Also, analyzing the overhead of APOD Application has three pieces; client, image server, and broker. The broker is responsible for hooking clients requesting images to the server that can provide those images Two broker components are maintained by the APOD bus on a set of hosts. Each of these hosts is running a qosket implementing a containment strategy –Using snort and tripwire as sensors and iptables and the bus to react to attack detections.

11 11 APOD 10/19/2015 DOCSEC 2002Christopher Jones APOD Redteam Example Server 3 Server 1 Client 1 Client 2 Server 2 APOD bus Broker 2 Broker 1 Subscribe/ Unsubscribe Publish/ Unpublish Server ready/ Server gone Subscribe/ Unsubscribe Publish/ Unpublish Publish/ Unpublish Server ready/ Server gone

12 12 APOD 10/19/2015 DOCSEC 2002Christopher Jones Experimentation Configuration Testing environment of 14 hosts on 4 subnets. broker4_1broker4_2server4.1.4.1.3.2 192.168.4 (IPNET4).2.3.4 BBS Experiment Control, external waypoint.1 162.168.251 VPN/ Interne t 192.168.1 (IPNET1).2.3.4 BBS broker1_1broker1_2server1 192.168.70 (IPNET2).21 autobot.2.3.4 BCB broker2_1broker2_2client2 192.168.3 (IPNET3).2.3.4.5 CBBS broker3_1broker3_2server3client3 router_ipnet_2 router_ipnet_4 router_ipnet_1 router_ipnet_3 badguy1.101

13 13 APOD 10/19/2015 DOCSEC 2002Christopher Jones Red-teaming Attack and Preliminary Results With APOD and the configuration, the redteam was forced to combine three different attacks to cause a denial of service of the broker –The three attack are: ARP cache poisoning, Spoofing scan, connection flooding –The combined attacks took 5 minutes and we have implemented counter defenses APOD has added value and the method call latency overhead of QuO and APOD to application is very small (~.3 msec.) –note: encryption at interceptor layer not included, but measured by APOD team as roughly 500 msec per method call »using symmetric encryption can improve this number. –Ipsec overhead compared to interceptor layer is very small

14 14 APOD 10/19/2015 DOCSEC 2002Christopher Jones What APOD would like from DOC security Better elimination of software flaws in ORB implementations Standardized support across CORBA implementations for –pluggable transports –interceptors “Knobs and Dials” at ORB and service level to adjust security –Easy configuration of ORB’s port selection dynamically under middleware control. »Specific ports or range of ports »How to select the next port to use Configuration of timeouts and how to deal with them.

15 15 APOD 10/19/2015 DOCSEC 2002Christopher Jones Conclusion The red teaming has been extremely useful for APOD –Validated our work and “stress test” our defenses CORBA support needs to be as secure and uniform as possible –Found lack of uniformity in implementations –Trusting the ORB is secure Websites: –QuO: www.dist-systems.bbn.com/tech/QuO –APOD: www.dist-systems.bbn.com/projects/APOD

Download ppt "1 APOD 10/19/2015 DOCSEC 2002Christopher Jones Defense Enabling Using QuO: Experience in Building Survivable CORBA Applications Chris Jones Partha Pal,"

Similar presentations

1 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Toolkit for Creating Adaptable Distributed Applications Joe Loyall www.dist-systems.bbn.com/projects/OIT.

1 12/16/98DARPA Intrusion Detection PI Meeting BBN Technologies Toolkit for Creating Adaptable Distributed Applications Joe Loyall
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 12 Slide 1 Distributed Systems Design 2.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 12 Slide 1 Distributed Systems Design 2.
Common Object Request Broker Architecture (CORBA) By: Sunil Gopinath David Watkins.

Common Object Request Broker Architecture (CORBA) By: Sunil Gopinath David Watkins.
1 23 March 00 APOD Review Applications that Participate in their Own Defense (APOD) Review Meeting 23 March 00 Presentation by: Franklin Webber, Ron Scott,

1 23 March 00 APOD Review Applications that Participate in their Own Defense (APOD) Review Meeting 23 March 00 Presentation by: Franklin Webber, Ron Scott,
A brief look at CORBA. What is CORBA Common Object Request Broker Architecture developed by OMG Combine benefits of OO and distributed computing Distributed.

A brief look at CORBA. What is CORBA Common Object Request Broker Architecture developed by OMG Combine benefits of OO and distributed computing Distributed.
CORBA Case Study By Jeffrey Oliver March 2003. March 17, 2003CORBA Case Study by J. T. Oliver2 History The CORBA (Common Object Request Broker Architecture)

CORBA Case Study By Jeffrey Oliver March March 17, 2003CORBA Case Study by J. T. Oliver2 History The CORBA (Common Object Request Broker Architecture)
1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.

1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.
CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.

CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.
A First Java ORB Application 1  Object Request Broker (ORB)  This is the object manager in CORBA  Mechanisms for specifying interfaces  Interface Definition.

A First Java ORB Application 1  Object Request Broker (ORB)  This is the object manager in CORBA  Mechanisms for specifying interfaces  Interface Definition.
1 8/99 IMIC Workshop 6/22/2015 New Network ServicesJohn Zinky BBN Technologies The Need for A Network Resource Status Service IMIC Workshop 1999 Boston.

1 8/99 IMIC Workshop 6/22/2015 New Network ServicesJohn Zinky BBN Technologies The Need for A Network Resource Status Service IMIC Workshop 1999 Boston.
A Mobile Agent Infrastructure for QoS Negotiation of Adaptive Distributed Applications Roberto Speicys Cardoso & Fabio Kon University of São Paulo – USP.

A Mobile Agent Infrastructure for QoS Negotiation of Adaptive Distributed Applications Roberto Speicys Cardoso & Fabio Kon University of São Paulo – USP.
1 5/4/99ISORC ‘99 BBN Technologies An Object-level Gateway Supporting Integrated Property Quality of Service Rick Schantz John Zinky, David Karr, Dave.

1 5/4/99ISORC ‘99 BBN Technologies An Object-level Gateway Supporting Integrated Property Quality of Service Rick Schantz John Zinky, David Karr, Dave.
OPX PI Meeting 2002 February 21 -- page 1 Applications that Participate in their Own Defense (APOD) QuO Franklin Webber BBN Technologies.

OPX PI Meeting 2002 February page 1 Applications that Participate in their Own Defense (APOD) QuO Franklin Webber BBN Technologies.
Distributed Systems Architecture Presentation II Presenters Rose Kit & Turgut Tezir.

Distributed Systems Architecture Presentation II Presenters Rose Kit & Turgut Tezir.
1 4/20/98ISORC ‘98 BBN Technologies Specifying and Measuring Quality of Service in Distributed Object Systems Joseph P. Loyall, Richard E. Schantz, John.

1 4/20/98ISORC ‘98 BBN Technologies Specifying and Measuring Quality of Service in Distributed Object Systems Joseph P. Loyall, Richard E. Schantz, John.
1 05/01/02ISORC 2002 BBN Technologies Joe Loyall Rick Schantz, Michael Atighetchi, Partha Pal Packaging Quality of Service Control Behaviors for Reuse.

1 05/01/02ISORC 2002 BBN Technologies Joe Loyall Rick Schantz, Michael Atighetchi, Partha Pal Packaging Quality of Service Control Behaviors for Reuse.
BBN Technologies Craig Rodrigues Gary Duzan QoS Enabled Middleware: Adding QoS Management Capabilities to the CORBA Component Model Real-time CCM Meeting.

BBN Technologies Craig Rodrigues Gary Duzan QoS Enabled Middleware: Adding QoS Management Capabilities to the CORBA Component Model Real-time CCM Meeting.
1 21 July 00 Joint PI Meeting FTN Applications that Participate in their Own Defense (APOD) BBN Technologies Franklin Webber, Ron Scott, Partha Pal, Michael.

1 21 July 00 Joint PI Meeting FTN Applications that Participate in their Own Defense (APOD) BBN Technologies Franklin Webber, Ron Scott, Partha Pal, Michael.
1 Using Quality Objects (QuO) Middleware for QoS Control of Video Streams BBN Technologies Cambridge, MA Craig.

1 Using Quality Objects (QuO) Middleware for QoS Control of Video Streams BBN Technologies Cambridge, MA Craig.
1 APOD 10/5/2015 NCA 2003Christopher Jones APOD Network Mechanisms and the APOD Red-team Experiments Chris Jones Michael Atighetchi, Partha Pal, Franklin.

1 APOD 10/5/2015 NCA 2003Christopher Jones APOD Network Mechanisms and the APOD Red-team Experiments Chris Jones Michael Atighetchi, Partha Pal, Franklin.

Similar presentations

Ads by Google