security considerations in adaptive middleware n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Security Considerations in Adaptive Middleware PowerPoint Presentation
Download Presentation
Security Considerations in Adaptive Middleware

Loading in 2 Seconds...

play fullscreen
1 / 16

Security Considerations in Adaptive Middleware - PowerPoint PPT Presentation


  • 104 Views
  • Uploaded on

Security Considerations in Adaptive Middleware. Ajanta – Mobile Agent’s research project papers ( http://www.cs.umn.edu/Ajanta/publications.html )

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Security Considerations in Adaptive Middleware' - violet


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
security considerations in adaptive middleware

Security Considerations in Adaptive Middleware

Ajanta – Mobile Agent’s research project papers (http://www.cs.umn.edu/Ajanta/publications.html)

H.Spafford and Diego Zamboni, Purdue University - “Intrusion detection using autonomous agents”. (http://www.elsevier.nl/gej-ng/10/15/22/49/30/25/article.pdf)

Sau-Koon Ng “Protecting mobile Agents Against Malicious Hosts”, University of Hong Kong (http://www.informatik.uni-stuttgart.de/ipvr/vs/projekte/mole/security/ngthesis.pdf)

Sander and Tchudin, ICSI/Berkeley

"Protecting mobile Agents Against Malicious Hosts"

(http://citeseer.nj.nec.com/cache/papers2/cs/16015/http:zSzzSzwww.icsi.berkeley.eduzSz~tschudinzSzpszSzma-security.pdf/sander98protecting.pdf)

Security and Mobile Agents

major directions of study
Major Directions of Study
  • Implementing Intrusion Detection System as a part of Adaptive middleware layer using autonomous Agent’s technology
  • Security problems related with the Agent’s mobility
  • Agent’s operation in the hostile environment (securing agents against malicious host)
  • Malicious agents activity (securing host against malicious agents)
intrusion detection system major requirements
Intrusion Detection System – Major Requirements

Why Autonomous Agents?

  • Adaptability
  • Configurability
  • Minimal system overhead
  • Fault tolerance
  • Subversion resistance
  • Scalability
  • Dynamic reconfiguration
  • Compatibility
  • Graceful degradation of service

Do we Need Mobility?

autonomous agents advantages
Autonomous Agents - Advantages
  • Possibility to add/remove agents to monitor most interesting effects during certain period of time
  • An agent can be configured specifically for the host needs where it runs - this gives possibility to implement wide range of security policies
  • By dynamically enabling/disabling agents we can use system resources only for the tasks needed and therefore minimize system overhead
  • We can enable cross-verification between agents to keep their integrity
autonomous agents advantages1
Autonomous Agents - Advantages
  • With increasing amount of hosts in the system we can dynamically increase amount of agents therefore making IDS scalable
  • If couple of agents are stopped (lets say for maintenance) other can continue working therefore allowing dynamic reconfiguration
  • Agents can run on different platforms (like Windows NT family PCs or Sun servers) providing compatibility of IDS with different platforms
  • If one agent accidentally stops for any reason only operation of couple of those related with it may be affected
example of existing ids architecture aafid
Example of Existing IDS Architecture AAFID

Autonomous

Agents

Filter

Transceiver

Monitors

GUI

Filter

Autonomous

Agents

Transceiver

Monitors

Autonomous

Agents

Filter

Transceiver

Can it be improved with the mobility? How?

aafid description
AAFID Description

Filters – platform and OS specific entities. Their purpose – extract necessary data providing therefore hardware and OS abstraction layer

Autonomous Agents – in AAFID just dynamically enabled and disabled host specific threads with tight purpose (counting amount of opened connections)

Transceivers – host specific entities responsible for collecting data from agents operating on current host and transferring that data to higher entities

Monitors – entities which get information from different hosts, analyze it and can produce alarm in case of attack

GUI – user interface

mobile agent operation in the hostile environment
Mobile Agent Operation in the Hostile Environment
  • Issues:
  • Confidentiality
  • Integrity
  • Three types of information to protect:
  • Static information which is not relevant for Agent’s successful operation (No Read Access, No Write Access)
  • Static information to which Agent should have an Access (Read Only)
  • Dynamic information, including Agent’s code (Read and Write Access)
protection methods
Protection Methods

Static Data – No access on intermediate hosts

Asymmetrical Encryption using public & private key technology

Agent carries public key of the source host (for encryption) and public keys of all nodes it visits (for integrity)

Static Data – Read only Access on intermediate hosts

Only Integrity can be provided with the method mentioned above

Dynamic Data

When attacker has complete access to the memory where the code is executed, the protection becomes more difficult and even impossible “theoretically”

How can we made tampering process more difficult?

dynamic code protection methods
Dynamic Code Protection Methods
  • Special type of Encryption mechanism which leaves code executable
  • Adding noisy code in order to increase Agent’s “Entropy” and hide Agent’s real intention
mathematical model
Mathematical model
  • Problem:
  • Alice has an algorithm to compute f
  • Bob has an input x and should compute f(x)
  • Bob should learn nothing about f
  • Bob should not interact with Alice during the computationof f(x)
solution
Solution:

Alice

  • Alice encrypts f
  • Alice creates a program P(E(f)) which implements E(f)
  • Alice sends P(E(f)) to Bob
  • Bob executes P(E(f)) at x
  • Bob sends P(E(f))(x) to Alice
  • Alice decrypt P(E(f))(x) and obtains f(x)

f(x)

E(f) (x)

P(E(f)) (x)

x

Bob

some definitions
Some Definitions
  • Lets consider two rings – R,S and function E: R S
  • Let’s callencryption function E
  • additively homomorphicif there is an efficient algorithmPLUStocompute E(x+y) from E(x) and E(y)
  • multiplicatively homomorphicif there is an efficient algorithmMULTto compute E(xy) from E(x) and E(y)
  • mixed multiplicatively homomorphicif there is an efficient algorithmMIXED-MULTto compute E(xy) from E(x) and y
homomorphic encryption scheme
Homomorphic Encryption Scheme

Consider polynomial function

Let E: R R be an additively and mixed multiplicativelyhomomorphic encryption scheme.

  • Alice’s operation while creating P(X) for Bob:
  • Replace each coefficient by
  • In all summands replace “multiplication” operation of coefficients by with MIXED-MULT
  • Replace “addition” operation with PLUS
  • Send P to Bob
homomorphic encryption scheme1
Homomorphic Encryption Scheme
  • Operations on Bob’s host:
  • Run P on his private input and store a list
  • Produce list of summands by calling MIXED-MULTNote: according to MIXED-MULT definition and properties of E Bob gets for each summand
  • Elements of M are added by calling PLUSAs the result Bob gets exactly E(p(x))
  • Bob sends result back to Alice

Alice decrypts the result simply by applying E-1 and obtains p(x)

protecting the host against mobile code
Protecting the Host against Mobile Code
  • General Steps:
  • Verification
  • Authentication
  • Authorization
  • Execution