1 / 23

MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

Develop adaptable site security mechanisms to maintain usability and adjust security measures during attacks on collaborative computing sites.

jacobsm
Télécharger la présentation

MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. MITHRIL:Adaptable Security for Survivability in Collaborative Computing Sites NCSA: Von Welch, Jim Basney, Himanshu Khurana NRL CCS: Ken Hornstein PNNL: TBD

  2. Mithril • Mithril is a fictional material from J.R.R. Tolkien's universe, Middle-earth. It is a precious silvery metal, stronger than steel but much lighter in weight. (from Wikipedia) • A mithril coat of mail provides strong protection but is light and flexible • Our project will develop adaptable site security mechanisms that maintain usability MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  3. Mithril • Adaptable Security for Survivability • Maintain high-level of openness and usability during normal operation • Apply security counter-measures and adjust level of service during heavy attack • In Collaborative Computing Sites • Examples: NRL Center for Computational Science (CCS), NSF centers (NCSA, SDSC, PSC, NCAR), DOE Labs (NERSC, LBNL) MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  4. Problem Statement • Site security mechanisms cannot change quickly to respond to emerging threats • Leads to service interruptions when serious attacks occur • Need mechanisms for adaptable site security MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  5. Threats of Primary Concern • Compromised accounts • Passwords and keys obtained from off-site compromises • Compromise spreads across sites • Large number of account compromises overwhelm manual containment practices • Privilege escalation • Remote exploits MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  6. Collaborative Computing Sites • Support large, geographically distributed user communities • Enable pooling of distributed resources • Single sign-on • Open networks • Provide a variety of general-purpose and specialized computing services MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  7. Challenges • Must maintain usability and openness • Off-site users • Vulnerabilities outside local site control • Research systems • Heterogeneity • Special-purpose platforms • Obstacles to software roll-out MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  8. Bridging the Gap Computer Science Research Enterprise SecurityManagement Systems MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  9. Approach prevention detection SURVIVABILITY response MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  10. Approach IntrusionDetectionSystems SurvivabilityResearch prevention detection SURVIVABILITY EnterpriseSecurityManagementSystems NCASSRResearch response MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  11. Existing Work • Survivable systems research: SABER, Willow, SITAR, APOD • How can we bring survivability research into production? • Enterprise Security Management Systems • SSH Tectia: Enterprise management of SSH services • Doesn’t support unique site platforms (ex. IA64 Linux) • Can we replicate this functionality for OpenSSH? • ArcSight ESM, Symantec ESM, Lightning Console, etc. • Are these systems applicable to our environments? • Intrusion Detection Systems: Prelude, Snort, Tripwire, etc. • Mithril should integrate with these as possible MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  12. Leveraging NCASSR Y2 • Credential Management Services • Policy and Key Management for Secure Group Communication • SDR Policy Enforcement System • Cluster Security (NVisionCC) • PKI Testbed MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  13. Focus on Site Needs • TeraGrid sites need to maintain open environment in face of targeted attacks • NCSA is committed to an adaptable security infrastructure • Partnership with NRL CCS MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  14. Adaptability: OTP Deployment • One Time Password tokens are costly and inconvenient for routine use by NCSA users • In case of sustained, large-scale attack, transition resources to high-security mode • Update SSH configurations to temporarily require OTP hardware token authentication • Distribute tokens to priority users via overnight mail • Keep serving small number of high-priority users during intrusion response / clean-up MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  15. Project Organization • SSH Management (Basney) • Continuous Biometric Authentication (PNNL) • Adaptable IDS (Welch) • Secure Email for Incident Response (Khurana) • Survivability Management System (Welch) • NRL Requirements and Evaluation (Hornstein) prevention detection SURVIVABILITY response MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  16. Managing Remote Login Services • Remote login is arguably the most essential service provided by collaborative computing sites today • SSH is very configurable • Wide variety of authentication mechanisms • Many options for security restrictions • SSH can be an effective site access control point • Plans: • Develop an OpenSSH management subsystem • Develop management system for Kerberos Telnet MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  17. SSH Key Management • SSH public key authentication provides single sign-on • SSH keys can be difficult to manage • Unencrypted or encrypted with poor passwords • No lifetime restrictions • No revocation capability • OpenSSH credential management service • Delivers keys to ssh-agent, not written to disk • Provides revocation capabilities MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  18. Continuous Biometric Authentication • Authenticate the user throughout their session • Monitor mouse movement and keystroke timing • Build on existing work at PNNL for Windows • Apply to Unix systems Mouse velocity distributions of different users (PNNL) MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  19. Adaptable/Reactive IDS • Match monitoring precision with current threat level • Host-based IDS competes for cycles with high performance computing jobs • Detect violations of current policy • Activate OTP-only policy-> kill non-OTP processes MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  20. Secure Email Services • Needed for intrusion detection and coordinating intrusion response • Monitoring and IDS processes send alerts via email • Need for system administrators to communicate securely (signed, encrypted) across-site when under ongoing attack • Need intrusion tolerant system so attackers can’t eavesdrop Himanshu Khurana, Adam Slagell, and Rafael Bonilla. SELS: A Secure E-mail List Service. In proceedings of the Security Track of the ACM Symposium on Applied Computing (SAC), March 2005. MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  21. Survivability Management • Provide a management interface to site-wide security policies • Integrate SSH and IDS adaptation into security management console MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  22. Technology Transfer • Design for deployment at NCSA and NRL • Focus on immediate needs identified by NCSA and NRL production security personnel • Open source software distribution • Modeling and evaluation of survivability approach for collaborative computing sites MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

  23. Mithril continuous biometric authentication SSH key protection prevention detection SURVIVABILITY adaptable IDS secure email response SSH key revocation reactive IDS SSH/telnet policy changes MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites

More Related