
Network and System Support for Multi-Level Security

Network and System Support for Multi-Level Security. C. Edward Chow Department of Computer Science University of Colorado At Colorado Springs. Outline of the Talk. Motivation. Related Literature


Presentation Transcript


  1. Network and System Support for Multi-Level Security C. Edward Chow Department of Computer Science University of Colorado At Colorado Springs chow

  2. Outline of the Talk
     • Motivation
     • Related Literature
     • “A Model for Secure Multimedia Database System in a Distributed Environment”, by Joshi et al., Distributed Multimedia System Lab, Purdue
     • XrML: eXtensible rights Markup Language, www.xrml.org/about.asp, www.contentguard.com
     • “A Cryptographic Solution to Implement Access Control in a Hierarchy and More”, by Ray et al.
     • Proposed Approach
     • Discussion

  3. SGFR Features
     • Psychology Evaluation: Stress Level Tracking
     • Effectiveness of Tool Usage (Keyboard/Mouse Event Tracking, History of Commands, Mistakes, Popup Quiz?)
     • Security Enhanced Groupware: Instant messenger (JabberX)
     • Group Key Management: Secure Group Rekeying system (Keystone)
     • Group Communication Server: Instant Messaging Server (Jabber)

  4. SGFR System Architecture
     [Diagram] Components: SGFR Clients, SGFR Group Key Server, SGFR Instant Messenger Server. Diagram labels: Group key distribution; Registration/authentication; Sign-in, create/join chat groups; Encrypt/Decrypt msgs using group key.

  5. Interaction between various components

  6. Associate JabberX client with Keyserver and Jabber server
     • Users log in to the Jabber server.
     • If login is successful, the client registers with the Keyserver.
     • When a user creates/joins a group, the Keyserver gives a key to the client.
     • When a user leaves the group, the Keyserver generates a new key for the remaining members of the group.

  7. First group key assigned to… Same for the description of the 2nd key below. Point out certificate.
     • User ganesh joining group g1
     • Output of the Keystone Server
     • User ayen joining group g1

  8. Fig shows the encryption of the message from client to server. Fig shows the output of the Jabber server running on a machine.

  9. Secure Keystone Client Request
     • Show the key calls that send the request to the Keystone server.
     • If it checks the server certificate (show the code).
     • Show the code that handles the response.
     • Show how the Daemon process receives the group key and its format. Port # used.

  10. Secure Keystone Client Verification
     • Show the code that
     • accepts the SSL request,
     • verifies the certificate of the client.

  11. Keystone Access Control
     • Show the code that compares the subject info with the access list (show the file format of the access list).

  12. Keystone Server
     • Show how group keys are generated and distributed, and the related specification file.
     • Show how the group keys are multicast.

  13. Jabber-KeyStone Interface
     • Show how the modified Jabber code uses the group key for encryption.

  14. Group File Download & Display
     • Show the client and server side code that implements remote image file download.

  15. Testing Results
     • Table 1: time taken for client registration, group join, group leave
     • Table 2: time taken for file transfer

  16. Future work
     • Improve the file transfer capability using Reliable Multicast Transport Protocol.
     • Improve Keystone’s error handling mechanism between keyserver/registrar and client manager.
     • Improve the Keystone client manager by moving it into the socket layer and providing a socket layer API between a client manager and data processor.
     • Integrate with multilevel secure document distribution system.
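
The register / join / leave sequence from slide 6, as an added example that is not code from the presentation or from Keystone. The class and method names are assumptions, the run uses the users and group named on slide 7, and an HMAC tag stands in for the message encryption so the block needs only the Python standard library.

```python
import hashlib
import hmac
import secrets

class KeyServer:
    """Toy key server for the four steps on slide 6 (names are assumptions)."""
    def __init__(self):
        self.registered = set()  # clients registered after a successful login
        self.groups = {}         # group -> {"members", "key", "version"}

    def register(self, user, login_ok):
        # Step 2: only a client whose Jabber login succeeded may register.
        if not login_ok:
            raise PermissionError(f"{user}: login failed")
        self.registered.add(user)

    def join(self, user, group):
        # Step 3: creating or joining a group returns the current group key.
        if user not in self.registered:
            raise PermissionError(f"{user}: not registered")
        g = self.groups.setdefault(group, {"members": set(),
            "key": secrets.token_bytes(32), "version": 1})
        g["members"].add(user)
        return g["version"], g["key"]

    def leave(self, user, group):
        # Step 4: a departure yields a new key, sent to remaining members only.
        g = self.groups[group]
        g["members"].remove(user)
        g["key"], g["version"] = secrets.token_bytes(32), g["version"] + 1
        return {m: (g["version"], g["key"]) for m in g["members"]}

def tag(key, msg):
    # HMAC-SHA256 stands in for the message encryption the slides mention.
    return hmac.new(key, msg, hashlib.sha256).digest()

def demo():
    ks = KeyServer()
    for u in ("ganesh", "ayen"):          # constructed run, users from slide 7
        ks.register(u, login_ok=True)
    _, k_ganesh = ks.join("ganesh", "g1")
    _, k_ayen = ks.join("ayen", "g1")
    updates = ks.leave("ayen", "g1")      # ayen departs; ganesh is rekeyed
    version, k_new = updates["ganesh"]
    msg = b"sent after ayen left"
    stale_ok = hmac.compare_digest(tag(k_ayen, msg), tag(k_new, msg))
    return k_ganesh == k_ayen, version, sorted(updates), stale_ok

if __name__ == "__main__":
    print(demo())
```

The last value returned by `demo()` shows that the key ayen held before leaving no longer matches traffic protected under the rekeyed group.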
