
Sandbox technology, a suitable approach for secure distributed systems

By: Arash Karami. Supervisor: Hadi Salimi. Distributed Systems Course Seminar, arashkarami88@gmail.com, July 2010. Mazandaran University of Science and Technology, IT department.





Presentation Transcript


  1. Sandbox technology, a suitable approach for secure distributed systems. By: Arash Karami. Supervisor: Hadi Salimi. Distributed Systems Course Seminar, arashkarami88@gmail.com, July 2010. Mazandaran University of Science and Technology, IT department

  2. Main Contents
  • What: Sandbox security
  • Where: General-purpose Grid computing
  • Why: security with lightweight overhead, …
  • How: see the next parts!
  Sandbox technology present by Arash Karami

  3. Table of Contents
  • Introduction
  • Sandbox idea
  • Other concepts
  • Usages
  • Features
  • Interception
  • Interception Levels
  • Access Control List
  • Chroot mechanism
  • Applications
  • Evaluating
  • Time line
  • Conclusion

  4. Introduction: Motivation, Introduction, My purpose

  5. Motivation
  • Large scale systems need to be high performance
  • Distributed systems are normally untrusted environments
  • Establishing secure processing environments is very time consuming (common)
  • We have found a suitable technology for lightweight secure environments in large scale systems
  [Timeline figure: years 1990, 2000, 2010; labels: standalone antivirus, security suites, sandboxes]

  6. Introduction to sandbox
  • By Wikipedia: "In computer security, a sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers and untrusted users."
  • Common definition: process virtual machine
  • From my survey: a jail that can override and modify the behaviour of system calls without change in the real system

  7. Purposes & specifics
  • Lightweight
  • High performance
  • Virtualization
  • Role based
  • Special ACL
  • Resource control and management
  • Resource restriction
  • Better than complex authentication
  • Self defensive

  8. The sandbox idea: Idea, Other concepts

  9. Other meanings
  • Sandbox games
  • Google sandbox rating
  • Sandboxes have many applications in computer science!
  • The sandbox tool aims to fulfill the need for application security in a distributed environment

  10. Usages
  • Sandbox in X computing
  • Sandbox as virtual machine
  • Sandbox as monitoring tool (even)
  • Sandbox as IDS ;)

  11. Usage of sandboxes (diagram, flattened): Network monitoring tools; Network traffic control; FVM; IDS; BlueBox; Resource Management systems; Virtualization; Anti viruses; Norman; Avast Sandbox approach; Chromium; Java sandbox; Mobile computing; Rule base management systems; Mobile codes; Honey pots; Full virtualization; Cloud/Grid computing; EVM; Gridbox; DGMonitor; Janus; FVM

  12. Features: Interception, Access Control List, Application sandboxes

  13. Interception
  • Base of sandboxes
  • Process interception
  • System call interception
  • OS:
    • Unix: ptrace or …
    • Windows: DLL injection
  • Monitoring resources and controlling them

  14. User level sandbox
  • Trace system calls
  • Using ptrace in Unix
  • Injecting into the address space of processes in Windows
  • For example:
    • Gridbox
    • Chromium sandbox project
    • Chroot
    • Janus
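The ptrace-based interception described on slides 13 and 14 (the mechanism behind Janus and GridBox on Unix) can be shown in a few dozen lines. The following is an added example written for this page, not code from the presentation or from any of the sandboxes it surveys. It assumes Linux on x86_64 with glibc, and its deny-list of system calls is constructed for the demonstration. The tracer stops the child at every system call entry, rewrites a forbidden call's number to an invalid one so the kernel skips it, and at the exit stop rewrites the return value so the child sees EPERM, which is exactly the "override and modify the behaviour of system calls without change in the real system" idea from slide 6.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ptrace.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef __x86_64__
#error "This example reads orig_rax/rax and only builds on x86_64 Linux"
#endif

/* Constructed deny-list for this example: the tracer fails these with EPERM. */
static const long denied_syscalls[] = { SYS_socket, SYS_connect, SYS_bind, SYS_execve };

struct sandbox_result {
    int exit_code;     /* child's exit status, or -1 if it never exited normally */
    int denied_count;  /* number of system calls the tracer blocked */
};

static int is_denied(long nr) {
    for (size_t i = 0; i < sizeof denied_syscalls / sizeof denied_syscalls[0]; i++)
        if (denied_syscalls[i] == nr) return 1;
    return 0;
}

/* Run child_fn in a traced child; every system call stops the child twice
 * (entry and exit) so the tracer can inspect, rewrite and veto it. */
struct sandbox_result run_in_sandbox(int (*child_fn)(void)) {
    struct sandbox_result res = { -1, 0 };
    pid_t pid = fork();
    if (pid < 0) return res;
    if (pid == 0) {
        /* Child: volunteer for tracing, then stop so the parent can set options. */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1) _exit(127);
        raise(SIGSTOP);
        _exit(child_fn());
    }
    int status, in_syscall = 0, blocked = 0, sig = 0;
    if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status)) return res;
    /* TRACESYSGOOD tags syscall stops with SIGTRAP|0x80; EXITKILL kills the
     * child if the tracer dies, so nothing keeps running unsupervised. */
    ptrace(PTRACE_SETOPTIONS, pid, NULL,
           (void *)(long)(PTRACE_O_TRACESYSGOOD | PTRACE_O_EXITKILL));
    for (;;) {
        if (ptrace(PTRACE_SYSCALL, pid, NULL, (void *)(long)sig) == -1) break;
        sig = 0;
        if (waitpid(pid, &status, 0) == -1) break;
        if (WIFEXITED(status)) { res.exit_code = WEXITSTATUS(status); break; }
        if (WIFSIGNALED(status)) break;
        if (WSTOPSIG(status) != (SIGTRAP | 0x80)) {
            sig = WSTOPSIG(status);   /* ordinary signal: forward it unchanged */
            continue;
        }
        struct user_regs_struct regs;
        if (ptrace(PTRACE_GETREGS, pid, NULL, &regs) == -1) break;
        if (!in_syscall) {
            /* Syscall entry: orig_rax is the number the child asked for. */
            in_syscall = 1;
            blocked = is_denied((long)regs.orig_rax);
            if (blocked) {
                regs.orig_rax = (unsigned long long)-1;  /* invalid number: kernel skips it */
                ptrace(PTRACE_SETREGS, pid, NULL, &regs);
                res.denied_count++;
            }
        } else {
            /* Syscall exit: replace the kernel's -ENOSYS with -EPERM. */
            in_syscall = 0;
            if (blocked) {
                regs.rax = (unsigned long long)(long)-EPERM;
                ptrace(PTRACE_SETREGS, pid, NULL, &regs);
            }
        }
    }
    return res;
}

/* Constructed workload: an allowed call (getpid) must work, a denied one
 * (socket) must fail with EPERM. Returns 0 only if both hold. */
int demo_workload(void) {
    if (getpid() <= 0) return 1;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd != -1) { close(fd); return 2; }
    return errno == EPERM ? 0 : 3;
}

int main(void) {
    struct sandbox_result r = run_in_sandbox(demo_workload);
    printf("child exit code %d, denied syscalls %d\n", r.exit_code, r.denied_count);
    return r.exit_code;
}
```

The child's own libc keeps working because only the listed numbers are vetoed; everything else passes through untouched, which is the lightweight-overhead property the slides emphasise. The two-stop design (entry, then exit) is also where the cost of this approach lives: every system call of the sandboxed process costs two context switches into the tracer.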

  15. Kernel level sandbox
  • Create a driver or kernel module for a specific platform
  • Low level programming
  • Dirty programming!
  • Harder to subvert than user mode
  • For example:
    • BlueBox
    • EVM
    • Condor

  16. Access Control List
  • Assign a task, role, system call
  • Swap the real system call for a controlled one
  • Example: Gridbox
    • Defines acl.c + syscalls.c for resource management

  17. Application sandboxes
  • Move desktop app to web app
  • Protecting with a lightweight, secure, flexible approach (WHERE???)
  • Extension or separate program
    • Sandboxie
  • A part of Applets
    • Silverlight
  • Loses real performance

  18. Presenting two sandboxes in detail: GridBox, Chromium sandbox project

  19. Gridbox
  • Started in 2005
  • Lightweight code files & executable file
  • Heterogeneous on Unix-based systems
  • User mode interception
  • Used in ProGrid, SETI@
  • Uses ACLs
  • Multi level security

  20. Multi level security
      # Program execution
      # Allow execution of /bin/cat
      rule system allow /bin/cat
      # Disallow any other program execution
      rule system deny *
      # Network access: Allow connections to trusted machines
      rule connect allow 200.18.98.120:80
      rule connect allow 200.18.98.132:80
      # Disallow any other connection
      rule connect deny *:*
      # Serving connections: Allow to bind to port 8000 of interface 200.18.98.120
      rule bind allow 200.18.98.120:8000
      # Disallow any other port binding
      rule bind deny *
      # Node profile
      # Limit the CPU use to 5 minutes
      limit CPU_TIME 600
      # Limit maximum file size
      limit FILE_SIZE 1000000
      # Limit maximum process stack
      limit STACK 20000

      # /usr/local/grid/sandbox.sh /usr/local/grid/applications/test_suite
      ...
      GRIDBOX: fopen (input): DENIED
      GRIDBOX: connect (200.18.98.120:80): DENIED
      GRIDBOX: nice(10): DENIED
      GRIDBOX: connect (200.18.98.120:22): DENIED
      GRIDBOX: system (/bin/rm): DENIED
      GRIDBOX: fopen (/etc/passwd): DENIED
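To make the ACL mechanism of slide 16 and the rule/limit syntax of slide 20 concrete, here is an added example of a small policy evaluator for that syntax. It is written for this page and is not GridBox's own acl.c or syscalls.c. Its semantics are an assumption chosen for the demonstration: rules of one kind (system, connect, bind) are checked in file order, the first rule whose pattern matches the target decides, and a target that matches no rule is denied. Patterns are matched with POSIX fnmatch, so the slide's `*` and `*:*` wildcards work as expected.

```c
#include <fnmatch.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_RULES  64
#define MAX_LIMITS 16

struct rule  { char op[16]; int allow; char pattern[128]; };
struct limit { char name[32]; long value; };
struct policy {
    struct rule  rules[MAX_RULES];   int nrules;
    struct limit limits[MAX_LIMITS]; int nlimits;
};

/* Parse one policy line. Returns 1 if a rule or limit was recorded, 0 if the
 * line was blank, a comment, malformed, or the tables are full. */
int policy_parse_line(struct policy *p, const char *line) {
    char op[16], verdict[16], pattern[128], name[32];
    long value;
    while (*line == ' ' || *line == '\t') line++;
    if (*line == '#' || *line == '\0' || *line == '\n') return 0;
    if (sscanf(line, "rule %15s %15s %127s", op, verdict, pattern) == 3) {
        if (p->nrules >= MAX_RULES) return 0;
        struct rule *r = &p->rules[p->nrules];
        if (strcmp(verdict, "allow") == 0)     r->allow = 1;
        else if (strcmp(verdict, "deny") == 0) r->allow = 0;
        else return 0;                          /* unknown verdict: ignore the line */
        strcpy(r->op, op);
        strcpy(r->pattern, pattern);
        p->nrules++;
        return 1;
    }
    if (sscanf(line, "limit %31s %ld", name, &value) == 2) {
        if (p->nlimits >= MAX_LIMITS) return 0;
        strcpy(p->limits[p->nlimits].name, name);
        p->limits[p->nlimits].value = value;
        p->nlimits++;
        return 1;
    }
    return 0;
}

/* Load a whole policy text; returns how many rules and limits were recorded. */
int policy_load(struct policy *p, const char *text) {
    char line[256];
    int count = 0;
    memset(p, 0, sizeof *p);
    while (*text) {
        const char *nl = strchr(text, '\n');
        size_t len = nl ? (size_t)(nl - text) : strlen(text);
        if (len >= sizeof line) len = sizeof line - 1;
        memcpy(line, text, len);
        line[len] = '\0';
        count += policy_parse_line(p, line);
        text = nl ? nl + 1 : text + strlen(text);
    }
    return count;
}

/* Is operation op on target permitted? First matching rule wins; no match
 * means deny, mirroring the trailing "deny *" lines on the slide. */
int policy_allows(const struct policy *p, const char *op, const char *target) {
    for (int i = 0; i < p->nrules; i++) {
        const struct rule *r = &p->rules[i];
        if (strcmp(r->op, op) != 0) continue;
        if (fnmatch(r->pattern, target, 0) == 0) return r->allow;
    }
    return 0;
}

/* Resource limit by name, or -1 if the policy does not set it. */
long policy_limit(const struct policy *p, const char *name) {
    for (int i = 0; i < p->nlimits; i++)
        if (strcmp(p->limits[i].name, name) == 0) return p->limits[i].value;
    return -1;
}

/* The slide's policy, embedded as a constant so the example runs stand-alone. */
const char *SLIDE_POLICY =
    "# Program execution\n"
    "rule system allow /bin/cat\n"
    "rule system deny *\n"
    "rule connect allow 200.18.98.120:80\n"
    "rule connect allow 200.18.98.132:80\n"
    "rule connect deny *:*\n"
    "rule bind allow 200.18.98.120:8000\n"
    "rule bind deny *\n"
    "limit CPU_TIME 600\n"
    "limit FILE_SIZE 1000000\n"
    "limit STACK 20000\n";

int main(void) {
    struct policy p;
    policy_load(&p, SLIDE_POLICY);
    const char *checks[][2] = { {"system", "/bin/cat"}, {"system", "/bin/rm"},
                                {"connect", "200.18.98.120:80"}, {"connect", "200.18.98.120:22"},
                                {"fopen", "/etc/passwd"} };
    for (size_t i = 0; i < sizeof checks / sizeof checks[0]; i++)
        printf("GRIDBOX: %s (%s): %s\n", checks[i][0], checks[i][1],
               policy_allows(&p, checks[i][0], checks[i][1]) ? "ALLOWED" : "DENIED");
    return 0;
}
```

Two things worth noticing when comparing the code to the slide. First, the default-deny fallback is what makes a target with no rule of its kind at all (the fopen lines in the slide's trace) come out DENIED, so a policy author never has to remember a closing `deny` line for every operation. Second, the evaluator is deliberately a pure function of the policy and the target: the interception layer (ptrace or a kernel module) supplies the operation name and argument, and the ACL decides, which is the split between syscalls.c and acl.c that slide 16 describes.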

  21. GridBox Functionalities

  22. Chromium Sandbox project
  • Subset of the Chromium open source project
  • Independent of Google's code
  • Cross-platform
  • Restriction in:
    • process
    • I/O
    • Network

  23. Evaluate: Table of all surveyed sandboxes, Time-line

  24. Comparison
  • Sandbox is a wide concept
  • It is based on interception

  25. Some surveyed sandboxes

  26. Time-Line
  • Progress of sandboxes
  [Timeline figure: Systrace, Chromium, Condor, Gridbox, Avast, Janus, FreeBSD Jail, Chroot; axis 1980, 1985, 1990, 1995, 2000, 2005, 2010]

  27. Result: Result, Challenges, Discussion

  28. Properties of a good sandbox:
  • Interception without restriction on resources
  • A secure box for virtual processes
  • Multi part restriction:
    • Memory restriction: restricted space for processes and threads
    • Process management
    • Monitoring network protocols

  29. Challenges
  • Implementation level
  • Goal
  • Cross-platform
  • Fine-grained level

  30. Conclusion

  31. Today we need:
  • A cross platform sandbox
  • High performance
  • Support for kernel and user mode sandboxing
  • Dynamic ACLs (Google ACLs)
  • Full virtualization
  • Limited local resources and network resources
  • Open source

  32. Discussion

  33. References

  34. All references
  • S. Loureiro, R. Molva, Y. Roudier, "Mobile Code Security", Proceedings of ISYPAR, 2000
  • A. R. Butt, S. Adabala, N. H. Kapadia, R. J. Figueiredo, J. A. B. Fortes, "Grid-computing portals and security issues", Journal of Parallel and Distributed Computing, October 2003
  • H. Chen, P. Liu, R. Chen, B. Zang, "VMM-based Process Shepherding", Parallel Processing Institute Technical Report FDUPPITR-2007-08002, August 2007
  • I. Goldberg, D. Wagner, R. Thomas, E. A. Brewer, "A Secure Environment for Untrusted Helper Applications: Confining the Wily Hacker", Sixth USENIX UNIX Security Symposium, July 1996
  • Wikipedia, http://en.wikipedia.org/wiki/Sandbox_%28computer_security%29, retrieved 2010-07-14
  • J. Lange, P. Dinda, "Transparent Network Services via a Virtual Traffic Layer for Virtual Machines", Proceedings of the 16th IEEE International Symposium on High Performance Distributed Computing (HPDC 2007), June 2007
  • S. N. Chari, P.-C. Cheng, "BlueBoX: A Policy-driven, Host-Based Intrusion Detection System", Proceedings of the 9th Symposium on Network and Distributed Systems Security (NDSS 2002), 2002
  • T. Khatiwala, R. Swaminathan, V. N. Venkatakrishnan, "Data Sandboxing: A Technique for Enforcing Confidentiality Policies", Proceedings of the 22nd Annual Computer Security Applications Conference, pp. 223-234, December 11-15, 2006
  • J. Frey, T. Tannenbaum, M. Livny, I. Foster, S. Tuecke, "Condor-G: A Computation Management Agent for Multi-Institutional Grids", Cluster Computing, 2002, Vol. 5, No. 3, pp. 237-246
  • P. Cicotti, M. Taufer, A. Chien, "DGMonitor: A Performance Monitoring Tool for Sandbox-Based Desktop Grid Platforms", Journal of Supercomputing, 2005, Vol. 34, No. 2, pp. 113-133
  • D. Wagner, "A Secure Environment for Untrusted Helper Applications", http://searchsystemschannel.techtarget.com/generic/0,295582,sid99_gci1379901,00.html

  35. All references (continued)
  • http://www.webpronews.com/insiderreports/2004/05/06/google-sandbox-effect-revealed
  • E. Dodonov, J. Q. Sousa, H. C. Guardia, "GridBox: securing hosts from malicious and greedy applications", Proceedings of the 2nd Workshop on Middleware for Grid Computing, pp. 17-22, October 18-22, 2004, Toronto, Ontario, Canada
  • S. Santhanam, P. Elango, A. Arpaci-Dusseau, M. Livny, "Deploying virtual machines as sandboxes for the grid", Proceedings of the 2nd Conference on Real, Large Distributed Systems, 2005
  • X. Jiang, X. Wang, "'Out-of-the-Box' Monitoring of VM-Based High-Interaction Honeypots", Lecture Notes in Computer Science, 2007
  • D. Malkhi, M. K. Reiter, "Secure Execution of Java Applets Using a Remote Playground", IEEE Transactions on Software Engineering, 2000
  • M. Khambatti, P. Dasgupta, K. D. Ryu, "A Role-Based Trust Model for Peer-to-Peer Communities and Dynamic Coalitions", IWIA '04: Proceedings of the Second IEEE International Information Assurance Workshop, p. 141, Washington, DC, USA, 2004
  • The Technion DSL Lab, Israel, "Condor Local File System Sandbox", high level design document
  • B. Calder, A. A. Chien, J. Wang, D. Yang, "The Entropia Virtual Machine for Desktop Grids", Proceedings of the 1st ACM/USENIX International Conference on Virtual Execution Environments, 2005
  • D. A. Wagner, "Janus: an Approach for Confinement of Untrusted Applications", Technical Report CSD-99-1056, 1999
  • N. Provos, "Improving host security with system call policies", Proceedings of the 12th USENIX Security Symposium, 2003
  • Sandboxie, http://www.sandboxie.com/
  • Chromium project, http://www.google.com/url?sa=t&source=web&cd=1&ved=0CBYQFjAA&url=http%3A%2F%2Fcode.google.com%2Fchromium%2F&ei=Qs49TI_NJ5i8jAerqZT5Aw&usg=AFQjCNFFIW41N_oxaGVfvEf4kTPmYqUfWg&sig2=Af2KdebPFzPOcyA-wSUAVQ

  36. ?

  37. Sandbox technology present by Arash Karami
