1 / 16

Security Considerations in Adaptive Middleware

Security Considerations in Adaptive Middleware. Ajanta – Mobile Agent’s research project papers ( http://www.cs.umn.edu/Ajanta/publications.html )

violet
Download Presentation

Security Considerations in Adaptive Middleware

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Considerations in Adaptive Middleware Ajanta – Mobile Agent’s research project papers (http://www.cs.umn.edu/Ajanta/publications.html) H.Spafford and Diego Zamboni, Purdue University - “Intrusion detection using autonomous agents”. (http://www.elsevier.nl/gej-ng/10/15/22/49/30/25/article.pdf) Sau-Koon Ng “Protecting mobile Agents Against Malicious Hosts”, University of Hong Kong (http://www.informatik.uni-stuttgart.de/ipvr/vs/projekte/mole/security/ngthesis.pdf) Sander and Tchudin, ICSI/Berkeley "Protecting mobile Agents Against Malicious Hosts" (http://citeseer.nj.nec.com/cache/papers2/cs/16015/http:zSzzSzwww.icsi.berkeley.eduzSz~tschudinzSzpszSzma-security.pdf/sander98protecting.pdf) Security and Mobile Agents

  2. Major Directions of Study • Implementing Intrusion Detection System as a part of Adaptive middleware layer using autonomous Agent’s technology • Security problems related with the Agent’s mobility • Agent’s operation in the hostile environment (securing agents against malicious host) • Malicious agents activity (securing host against malicious agents)

  3. Intrusion Detection System – Major Requirements Why Autonomous Agents? • Adaptability • Configurability • Minimal system overhead • Fault tolerance • Subversion resistance • Scalability • Dynamic reconfiguration • Compatibility • Graceful degradation of service Do we Need Mobility?

  4. Autonomous Agents - Advantages • Possibility to add/remove agents to monitor most interesting effects during certain period of time • An agent can be configured specifically for the host needs where it runs - this gives possibility to implement wide range of security policies • By dynamically enabling/disabling agents we can use system resources only for the tasks needed and therefore minimize system overhead • We can enable cross-verification between agents to keep their integrity

  5. Autonomous Agents - Advantages • With increasing amount of hosts in the system we can dynamically increase amount of agents therefore making IDS scalable • If couple of agents are stopped (lets say for maintenance) other can continue working therefore allowing dynamic reconfiguration • Agents can run on different platforms (like Windows NT family PCs or Sun servers) providing compatibility of IDS with different platforms • If one agent accidentally stops for any reason only operation of couple of those related with it may be affected

  6. Example of Existing IDS Architecture AAFID Autonomous Agents Filter Transceiver Monitors GUI Filter Autonomous Agents Transceiver Monitors Autonomous Agents Filter Transceiver Can it be improved with the mobility? How?

  7. AAFID Description Filters – platform and OS specific entities. Their purpose – extract necessary data providing therefore hardware and OS abstraction layer Autonomous Agents – in AAFID just dynamically enabled and disabled host specific threads with tight purpose (counting amount of opened connections) Transceivers – host specific entities responsible for collecting data from agents operating on current host and transferring that data to higher entities Monitors – entities which get information from different hosts, analyze it and can produce alarm in case of attack GUI – user interface

  8. Mobile Agent Operation in the Hostile Environment • Issues: • Confidentiality • Integrity • Three types of information to protect: • Static information which is not relevant for Agent’s successful operation (No Read Access, No Write Access) • Static information to which Agent should have an Access (Read Only) • Dynamic information, including Agent’s code (Read and Write Access)

  9. Protection Methods Static Data – No access on intermediate hosts Asymmetrical Encryption using public & private key technology Agent carries public key of the source host (for encryption) and public keys of all nodes it visits (for integrity) Static Data – Read only Access on intermediate hosts Only Integrity can be provided with the method mentioned above Dynamic Data When attacker has complete access to the memory where the code is executed, the protection becomes more difficult and even impossible “theoretically” How can we made tampering process more difficult?

  10. Dynamic Code Protection Methods • Special type of Encryption mechanism which leaves code executable • Adding noisy code in order to increase Agent’s “Entropy” and hide Agent’s real intention

  11. Mathematical model • Problem: • Alice has an algorithm to compute f • Bob has an input x and should compute f(x) • Bob should learn nothing about f • Bob should not interact with Alice during the computationof f(x)

  12. Solution: Alice • Alice encrypts f • Alice creates a program P(E(f)) which implements E(f) • Alice sends P(E(f)) to Bob • Bob executes P(E(f)) at x • Bob sends P(E(f))(x) to Alice • Alice decrypt P(E(f))(x) and obtains f(x) f(x) E(f) (x) P(E(f)) (x) x Bob

  13. Some Definitions • Lets consider two rings – R,S and function E: R S • Let’s callencryption function E • additively homomorphicif there is an efficient algorithmPLUStocompute E(x+y) from E(x) and E(y) • multiplicatively homomorphicif there is an efficient algorithmMULTto compute E(xy) from E(x) and E(y) • mixed multiplicatively homomorphicif there is an efficient algorithmMIXED-MULTto compute E(xy) from E(x) and y

  14. Homomorphic Encryption Scheme Consider polynomial function Let E: R R be an additively and mixed multiplicativelyhomomorphic encryption scheme. • Alice’s operation while creating P(X) for Bob: • Replace each coefficient by • In all summands replace “multiplication” operation of coefficients by with MIXED-MULT • Replace “addition” operation with PLUS • Send P to Bob

  15. Homomorphic Encryption Scheme • Operations on Bob’s host: • Run P on his private input and store a list • Produce list of summands by calling MIXED-MULTNote: according to MIXED-MULT definition and properties of E Bob gets for each summand • Elements of M are added by calling PLUSAs the result Bob gets exactly E(p(x)) • Bob sends result back to Alice Alice decrypts the result simply by applying E-1 and obtains p(x)

  16. Protecting the Host against Mobile Code • General Steps: • Verification • Authentication • Authorization • Execution

More Related