1 / 22

Defense Enabling Using Advanced Middleware: An Example

Defense Enabling Using Advanced Middleware: An Example. Franklin Webber, Partha Pal, Richard Schantz, Michael Atighetchi, Joseph Loyall BBN Technologies. QuO. Defense-Enabled Software Applications.

norina
Télécharger la présentation

Defense Enabling Using Advanced Middleware: An Example

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Defense Enabling Using Advanced Middleware: An Example Franklin Webber, Partha Pal, Richard Schantz, Michael Atighetchi, Joseph Loyall BBN Technologies QuO

  2. Defense-Enabled Software Applications Some software applications can be given increased resistance to malicious attack even though the environment in which they run is untrustworthy. Any such application is “defense-enabled”.

  3. Research On Defense Enabling Sponsored by DARPA/ATO Part of Fault-Tolerant Networking Program

  4. A Distributed Military Application

  5. A Cyber-Attack Hacked!

  6. An Abstract View Data User Data Source Data Processing (Fusion, Analysis, Storage, Forwarding, etc.) Attacker

  7. Traditional Security Application Attacker Trusted OSs and Network Private Resources Limited Sharing Private Resources

  8. Most OSs and Networks In Common Use Are Untrustworthy Application Attacker OSs and Network Private Resources Limited Sharing Private Resources

  9. Cryptographic Techniques Can Block (Most) Direct Access to Application C r y p t o Application Attacker OSs and Network OSs and Network Private Resources Limited Sharing Private Resources

  10. Firewalls Block Some Attacks; Intrusion Detectors Notice Others C r y p t o Application Attacker OSs and Network IDSs Firewalls Raw Resources CPU, bandwidth, files...

  11. Defense-Enabled Application Competes With Attacker for Control of Resources C r y p t o Attacker Application QoS Management OSs and Network IDSs Firewalls Raw Resources CPU, bandwidth, files...

  12. QuO Adaptive Middleware Technology • QuO is DARPA Quorum developed middleware that provides: • interfaces to property managers, each of which monitors • and controls an aspect of the Quality of Service (QoS) • offered by an application; • specifications of the application’s normal and alternate • operating conditions and how QoS should depend • on these conditions. • QuO has integrated managers for several properties: • dependability (DARPA’s Quorum AQuA project) • communication bandwidth • (DARPA’s Quorum DIRM project) • real-time processing • (using TAO from UC Irvine/WUStL) • security (using OODTE access control from NAI) QuO

  13. in args CLIENT CLIENT OBJECT (SERVANT) OBJECT (SERVANT) operation() OBJ REF out args + return value Delegate Delegate in args Contract Contract CLIENT CLIENT OBJECT (SERVANT) OBJECT (SERVANT) operation() SysCond SysCond OBJ REF SysCond out args + return value SysCond IDL SKELETON IDL SKELETON MECHANISM/PROPERTY MANAGER IDL STUBS IDL STUBS OBJECT ADAPTER OBJECT ADAPTER Network ORB ORB ORB ORB IIOP IIOP IIOP IIOP Network QuO adds specification, measurement, and adaptation into the distributed object model Application Developer CORBA DOC MODEL Mechanism Developer Application Developer QuO Developer QUO/CORBA DOC MODEL Mechanism Developer

  14. The QuO Toolkit Supports Building Adaptive Apps or Adding Adaptation to Existing Apps • QuO aspect languages • Contract description language and adaptive behavior description language • Code generators that weave QuO code into Java and C++ applications • System Condition Objects • Provide interfaces to resources, managers, and mechanisms • QuO Runtime Kernel • Contract evaluator • Factory object which instantiates contract and system condition objects • Instrumentation library • QuO gateway • Insertion of special purpose transport layers and adaptation below the ORB CORBA IDL Contract Description Language (CDL) Contracts Delegates QuO Runtime Code Generators Adaptation Specification Language (ASL)

  15. Implementing Defenses in Middleware • for simplicity: • QoS concerns separated from functionality of application. • Better software engineering. • for practicality: • Requiring secure, reliable OS and network support is not currently cost-effective. • Middleware defenses will augment, not replace, defense mechanisms available in lower system layers. • for uniformity: • Advanced middleware such as QuO provides a systematic way to integrate defense mechanisms. • Middleware can hide peculiarities of different platforms. • for reuseability • Middleware can support a wide variety of applications.

  16. Security Domains Limit the Damage From A Single Intrusion domain host host host router host router host host domain hacked domain

  17. Replication Management Can Replace Killed Processes domain host host host router host router host host domain hacked domain application component replicas QuO replica management

  18. Bandwidth Management Can Counter Flooding Between Routers domain host host host router host router host host domain hacked domain QuO bandwidth management RSVP reservation

  19. Other Defense Mechanisms • Dynamically change communication ports • Dynamically change communication protocols

  20. A Defense Strategy Coordinates Defense Mechanisms • “if several IDS alarms on host H, tighten firewall on H” • “if multiple crashes on host H, move application process replicas elsewhere” For example: Applications we have defense-enabled use a variety of such rules, implemented in QuO.

  21. Validation • Effectiveness of individual defense mechanisms has been tested in-house. • Effectiveness of combined defense strategies will be measured by Red Team experiments.

  22. Conclusion The technique of defense enabling is likely to increase the survivability of military applications and, because defenses are implemented in middleware, can be applied with relatively little effort.

More Related