1 / 29

Anti-Ping Security Demo

Anti-Ping Security Demo. Active Networks Seraphim Security Roy Campbell and Dennis Mickunas University of Illinois at Urbana. Gnip pesky pings. Gnipper Active Network Application. Tasks & Goals. Demonstrate the advantages of active network security Change security dynamically

shani
Télécharger la présentation

Anti-Ping Security Demo

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Anti-Ping Security Demo Active Networks Seraphim Security Roy Campbell and Dennis Mickunas University of Illinois at Urbana

  2. Gnip pesky pings... Gnipper Active Network Application

  3. Tasks & Goals • Demonstrate the advantages of active network security • Change security dynamically • Fine grain security control • Security reconfiguration as the packet hops • Show security provisions for Classic examples

  4. Problem Unwanted ping packets and traceroutes require active defense from Gnipper Software

  5. Issues • What does an AN security application look like? • Enforcement: Application level versus Security System level • Authorization, Domain interaction, Granularity, Revocation • Interoperability, Backward Compatibility, Conformance with Architecture

  6. The Ping Problem

  7. Ping Traverses Network

  8. Response travels back

  9. Source of Pings?

  10. Gnipper App. removes unwanted pings

  11. Secure ANTS Node OS Arch Ref Model Active Capabilities EE PART Classic ANTS Seraphim Reference Monitor EE PART Node OS Part Node OS Part Restructured ANTS

  12. Innoculate the network GNIPPER VACCINE

  13. A new ping arrives

  14. Gnipper revokes permission to reply

  15. Gnipper traces ping, if permitted installs Gnipper

  16. Only one hop - no further info

  17. Classic Anet has no security assurance CLASSIC ANET

  18. Classic Anet lacks hop source security identification Security identification CLASSIC ANET

  19. Another pesky ping

  20. No permission to reply

  21. Gnipper traverse Classic Anet to node with security CLASSIC ANET

  22. Now Pings stopped close to source OLD ANET OLD ANET

  23. Broadcast Gnipper CLASSIC ANET

  24. Multicast Gnipper CLASSIC ANET

  25. Issues Exemplified • Masquerading-Can a extra node insert pings? • Impersonation- ping like another? • Replay- Can a node replay a valid ping? • Authorization-When can a principal ping? • Revocation- Can ping rights be removed? • Can security be dynamically reconfigured? • Is Gnipper correct?

  26. Advanced Issues • Identifying capsules and capsule intent? • Functionality -- capability (for method call) versus application code (interpretation of actions) • Non-repudiation of capsule changes and code transformations in routing network • Trust model for network architecture

  27. Status of Project • 1st Draft Active Network Security API conforming to Node Architecture and Security Architecture • Prototype reference monitor complete • Policy enforcement engine • Application Security Insights • Seraphim Active Network Security Demo

  28. Next Steps • Trust Model • Roles and Domains • Approved Security Active Network API • Formal Verification • Demo of Security for Reliable Multicast

  29. News Item SERAPHIM Project at University of Illinois Announces Secure ANTS Roy H. Campbell M. Dennis Mickunas Seraphim announces the availability of a secure ANTS execution environment for the ABONE. Secure ANTS incorporates the Seraphim security reference monitor and conforms to the Active Network Node OS and Active Network Security Architectures. It provides a wide range of security functions and security policies including discretionary access control and active capabilities. "Gnipper", an authenticated security program written for secure ANTS counters ping ANTS programs by revoking the specific user privileges required to perform ping. Gnipper produces a dynamic firewall that advances towards the source of a selected ping activation, preventing ping packets from penetrating beyond the dynamic firewall. Current active network research efforts propose novel network architectures to enable fast protocol and service deployment. However the dynamic and proactive nature of these active networks adds a new dimension to the security risks, and increases the of possibility of attacks by malicious user code. The goal of the Seraphim project is to build security architecture for active networks that is dynamic, reconfigurable, extensible and interoperable. We plan to extend our suite of dynamic security policies using roles and address issues of interoperability across administrative domains. Future security applications are being designed for multicast and to counter a variety of security attacks.

More Related