
The Willow System Implementation: Intrusion Tolerance Through Secure System Reconfiguration. John C. Knight (University of Virginia), Dennis Heimbigner (University of Colorado). Presentation transcript.


Slide 1. The Willow System Implementation
Intrusion Tolerance Through Secure System Reconfiguration
John C. Knight, University of Virginia
Dennis Heimbigner, University of Colorado

Slide 2. The Willow Team
- University of Colorado: Alexander Wolf, Dennis Heimbigner, Antonio Carzaniga, Naveed Arshad, Marco Castaldi, John Giacomoni, Nathan Ryan
- University of Virginia: John Knight, Jonathan Hill, Mike Tashbook, Phil Varner
- University of California, Davis: Prem Devanbu, Michael Gertz, Brian Toone

Slide 3. Aspects of Intrusion Tolerance
- Very large networks
- Interdependent networks
- Heterogeneous nodes
- Explicit sense/analyze/respond
- Non-local faults
- Sequential faults

Slide 4. Dimensions of Intrusion Tolerance
(Diagram labels: Network; Sensors; Actuators; Network State & Analysis Model; Self Healing: Tolerate Anticipated Faults; Planned Posture Change: System Update, System Deployment; External Input; Secure & Decentralized Logical Structure)

Slide 5. Interesting Scenario
- Very large network, crucial services
- Many OASIS elements operational in the system
- System software upgrade underway (or your stuff)
- Several (<10) servers report e-mail with viruses:
  - Safely stop the system software upgrade
  - Isolate local networks containing affected nodes
- E-mail attack worsens, wide area affected:
  - Safely stop the local isolation process (no point)
  - Isolate critical databases, stop some applications
  - Etc.

Slide 6. Willow Architectural Issues
- Control loop interactions: asynchronous; priority & resources; conflicting goals
- Network scale: state model; wide area change
- Exceptions and results: dynamic network; absolute vs. statistical; aggregation?
- Target system actuation: lightweight; standard interface & protocol
(Diagram: dimensions of intrusion tolerance, as on slide 4)

Slide 7. Implementation Overview
(Diagram labels: Coordination Management; Proactive Reconfiguration; Reactive Reconfiguration; Other, e.g. Offense; Network; Siena P/S; Actuation; External Entities; Mediators; Sensing)

Slide 8. Implementation Overview (same diagram as slide 7)

Slide 9. Coordination Management Approach
- Hierarchical workflows
- Priorities
- Intention counsel (council?)
- Site-selective communication
- Distributed agent structure (Cougaar)
- Payload delivery

Slide 10. Cougaar Agent Structure
(Diagram labels: PI; Plan; Asset (Attributes); Society (Abstract Child); Organizational (Abstract Child); Task; Blackboard; Pub/sub System)

Slide 11. Willow Implementation Plug-Ins
- Site-selective command
- Work request receiver
- Resource allocation
- Intention counseling
- Payload delivery
- Payload support services

Slide 12. Willow Architecture
(Diagram labels: Agents; Wide Area Domain; Local Area Domain; Network Nodes)

Slide 13. Site-Selective Command
(Diagram: a payload delivered to selected sites; nodes labelled 1 and 2)

Slide 14. An Intrusion Tolerance Example
(Diagram; intention hierarchy as laid out on the slide)
Intention := StopPropagatingVirus.StopEmailVirus
At := WAN(any)
  Intention := Parent + DisableCapability(Email).ShutdownServer
  At := LAN(10 <= emailVirusAlerts <= 50000) AND NetworkNode(any) AND EmailServer(active)
  Actuators shut down server
  Intention := Parent + ReduceCapability(Email).DisableAttachments
  At := NetworkNode(administrator = false) AND EmailClient(active)
  Actuators disable attachments

Slide 15. An Intrusion Tolerance Example
(Diagram labels: WAN; LAN; Network Nodes; Email Clients and Servers)

Slide 16. Example of Intention Council
Intentions are compounded from the most general to the most specific in layers (forced by specification):
- Halt_Intrusions(Buffer).Uninstalling_Application(Excel) (Priority 7.1)
- Countermeasure(VirusInfected,Containment).Activate(TrapDoorExcel) (Priority 8.2)
- Repair_Application(Excel)
Finite state machine with the following rules:
- Do not repair applications that were recently uninstalled
- Do not finish repairs of applications that are to be uninstalled
The Excel repair is cancelled if it is scheduled later, and is aborted/cancelled if it was activated prior to arrival of the uninstall.
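The two council rules above as an added worked example in Python; this is not Willow's code. The Intention and IntentionCouncil names and the scheduled/active/cancelled/aborted states are assumptions; the Excel intentions are the slide's.

```python
from dataclasses import dataclass

@dataclass
class Intention:
    name: str     # slide notation, e.g. "Repair_Application(Excel)"
    target: str   # application the intention acts on
    kind: str     # "repair" or "uninstall"
    state: str = "scheduled"   # scheduled -> active -> done | cancelled | aborted

class IntentionCouncil:
    """Applies the slide's two rules whenever a new intention arrives (assumed design)."""
    def __init__(self):
        self.intentions = []
        self.uninstalled = set()   # applications recently uninstalled

    def submit(self, it):
        if it.kind == "repair" and it.target in self.uninstalled:
            # Rule 1: do not repair applications that were recently uninstalled
            it.state = "cancelled"
        elif it.kind == "uninstall":
            # Rule 2: do not finish repairs of applications that are to be uninstalled
            for other in self.intentions:
                if other.kind == "repair" and other.target == it.target:
                    if other.state == "scheduled":
                        other.state = "cancelled"   # not yet started: drop it
                    elif other.state == "active":
                        other.state = "aborted"     # started before the uninstall: stop it
            self.uninstalled.add(it.target)
        self.intentions.append(it)
        return it.state

    def activate(self, name):
        for it in self.intentions:
            if it.name == name and it.state == "scheduled":
                it.state = "active"

    def state_of(self, name):
        return next(it.state for it in self.intentions if it.name == name)

def demo():
    # Three arrival orders of repair vs. uninstall for the slide's Excel case
    c = IntentionCouncil()
    c.submit(Intention("Repair_Application(Excel)", "Excel", "repair"))
    c.activate("Repair_Application(Excel)")                                # already running
    c.submit(Intention("Repair_Application(Excel)#2", "Excel", "repair"))  # still scheduled
    c.submit(Intention("Halt_Intrusions(Buffer).Uninstalling_Application(Excel)", "Excel", "uninstall"))
    late = c.submit(Intention("Repair_Application(Excel)#3", "Excel", "repair"))
    return {"active_before": c.state_of("Repair_Application(Excel)"),
            "scheduled_before": c.state_of("Repair_Application(Excel)#2"),
            "after_uninstall": late}
```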

Slide 17. Implementation Overview (same diagram as slide 7, with "Coordination, Resource Management")

Slide 18. Light-Weight Actuator Interface
Goals:
- Remote management of applications and components, specifically to actuate reconfigurations
- Light-weight mechanism capable of using new or existing mechanisms
Approach:
- Define a standardized interface for managing a single component or application; coordinated actuation for multiple components
- Based on a simple and general protocol
- Minimal component support required; implemented by the managed component
- Architecture-based vs. ad hoc

Slide 19. Dynamic Reconfiguration
(Diagram labels: Single Component Reconfiguration; Application Reconfiguration)

Slide 20. Protocol
System inspired by Network Management (SNMP): manipulation of "variables" to achieve effects
- Get: determine component state
- Set: set state; a side effect can cause reconfiguration
- Call: combination of Set/Get to achieve function calls
- Notify: asynchronous output from the component
These variables are specified in a Component Description (similar to a MIB). The developer defines and "exports" the variables.
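An added Python sketch of the Get/Set/Call/Notify protocol over a MIB-like Component Description; this is not Willow's code. The ComponentAgent class, the disseminator variables (status, max_clients, rebind.port) and the reconfiguration side effect are constructed assumptions; Set is refused for variables that are not exported as writable.

```python
class ComponentAgent:
    def __init__(self, description):
        self.description = description            # the MIB-like Component Description
        self.values = {n: d["initial"] for n, d in description.items() if "initial" in d}
        self.notifications = []                   # asynchronous Notify output, oldest first

    def get(self, name):                          # Get: determine component state
        if name not in self.values:
            raise KeyError(f"{name} is not an exported variable")
        return self.values[name]

    def set(self, name, value):                   # Set: may reconfigure as a side effect
        d = self.description.get(name)
        if d is None or not d.get("writable"):
            raise PermissionError(f"{name} is not a writable exported variable")
        if not isinstance(value, d["type"]):
            raise TypeError(f"{name} expects {d['type'].__name__}")
        self.values[name] = value
        if "on_set" in d:
            d["on_set"](self, value)

    def call(self, name, arg):                    # Call: Set the argument, run, Get the result
        d = self.description[name]
        self.set(d["arg"], arg)
        self.values[d["result"]] = d["run"](self)
        return self.get(d["result"])

def _apply_max_clients(agent, value):
    # Constructed side effect: the new limit is applied by a reconfiguration and reported by Notify.
    agent.values["status"] = "reconfiguring"
    agent.notifications.append(("reconfigured", {"max_clients": value}))

# Constructed Component Description for a hypothetical publish/subscribe disseminator.
DISSEMINATOR = {
    "status":      {"initial": "running", "writable": False},
    "max_clients": {"initial": 100, "writable": True, "type": int, "on_set": _apply_max_clients},
    "rebind.port": {"initial": 4000, "writable": True, "type": int},
    "rebind":      {"arg": "rebind.port", "result": "rebind.result",
                    "run": lambda a: f"listening on {a.values['rebind.port']}"},
}

def demo():
    agent = ComponentAgent(DISSEMINATOR)
    agent.set("max_clients", 8)                   # Set whose side effect reconfigures
    out = {"status": agent.get("status"), "rebind": agent.call("rebind", 2000)}
    try:
        agent.set("status", "running")            # read-only variable: Set is refused
    except PermissionError:
        out["readonly_rejected"] = True
    out["notify"] = agent.notifications[0][0]
    return out
```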

Slide 21. Light-Weight Actuator Architecture
- Component Agent: per-component code that manages component-specific reconfiguration mechanisms. Implementation: in-component, wrapper, or separate process.
- Application Agent: per-application code that coordinates and delegates component-level reconfiguration.
- Manager: the interface with the reconfiguration decision maker (automatic or manual).
(Diagram labels: Manager; Application Agent; Component Agent; Component; Management Protocol; Application Description; Component Description)

Slide 22. Willow Architecture
(Diagram labels: Field Reconfiguration Controller; Configured Components; Activated System; Notification Service; Models; Agents; Depot; Mediator + Authority; Mediator; Admin. Workbench; Workflow Manager; Recovery FSMs. Channel legend: reconfiguration control and/or data channel; event channel; application control and/or data channel; component activation; component deactivation; standard reconfiguration interface)

Slide 23. Example Component-Based Application
(Diagram labels: components marked A; Application Agent; Manager; Willow Field Reconfiguration Controller (FRC))

Slide 24. Benefits of this Architecture
General:
- The system is independent with respect to applications, operating systems, ...
- Component/Application Descriptions and the Management Protocol specification allow interoperability with other management systems
Scalable:
- Agents can be composed hierarchically, e.g. treat a whole application as a "component"
- The Manager coordinates and uses component-level agents to perform dynamic reconfiguration at the application level

Slide 25. Status
- Initial target application: Joint Battlespace Infosphere (JBI) tracking demonstration
  - Disseminators (Siena publish/subscribe servers) now reconfigure using the standard interface
  - Next target: all fuselets comprising our JBI tracking demonstration
- Prototype Manager and Application Agents implemented
- Next step: J2EE reconfiguration

Slide 26. Questions?

