Seraphim : A Security Architecture for Active Networks - PowerPoint PPT Presentation

1 / 24
About This Presentation
Title:

Seraphim : A Security Architecture for Active Networks

Description:

Seraphim : A Security Architecture for Active Networks University of Illinois at Urbana-Champaign – PowerPoint PPT presentation

Number of Views:91
Avg rating:3.0/5.0
Slides: 25
Provided by: Seu58
Category:

less

Transcript and Presenter's Notes

Title: Seraphim : A Security Architecture for Active Networks


1
Seraphim A Security Architecture for Active
Networks
  • University of Illinois at Urbana-Champaign

2
Motivation
  • Active Network is a radical approach to provide
    programmability in the network
  • Dynamic nature of Active Network needs dynamic
    security architecture as one of the crucial
    requirements

3
Seraphim Threat Model
  • Malicious attacks against the active packets?
  • Unauthorized access to NodeOS resources
  • Attacks against the privacy and integrity of
    communication
  • Denial of Service

4
Seraphim Features
  • Access Control for the NodeOS resources using
    Security Guardian with Dynamic Policy and Active
    Capability
  • Security API for secure communication
  • DDoS Prevention
  • Pluggable Architecture

5
Access Control
  • All accesses to NodeOS resources go through the
    Security Guardian
  • Access control policies are written in the
    context of Policy Framework
  • Active Capability is used as the carrier of the
    access control policy

6
Dynamic Policy
  • Supports several security policies and provides
    dynamic transition between them

DDAC
DAC
MAC
RBAC
OS Primitives, Interfaces
7
NodeOS Security API
EE
Authentication
Authorization
Security Services
GAA API
PAM API
GSS API
X.509, Password-based, Kerberos, SESAME, Etc.
Active Capability, PolicyMaker, ACL Etc.
JCE, Kerberos, SESAME, Etc.
Public Key API
Security Guardian
X.509 PKI
NodeOS
Dynamic Policy Framework
RFC 2510
8
DDoS Prevention - BARMAN
9
DDOS Prevention
  • BARMAN Bandwidth Authorization and Resource
    Management in Active Networks
  • Dynamic protocol solution triggered by
    bandwidth flooding
  • Threshold value based on processor and link
    characteristics
  • Bandwidth Certification for Attack Detection
  • Hierarchical traceback with dynamic accounting
    state
  • Co-operative dynamic recovery using active
    filtering

10
Threshold Computation
  • Static Phase of Protocol
  • Threshold Value
  • Computed by trusted entity e.g., administrator
  • Packet rate that can be safely processed by
    receiver (server or active router) without
    getting DOSed
  • Accommodate for emergency control channel
  • Secure Session Establishment

11
Bandwidth Certification
  • Dynamic Phase of Protocol
  • Triggered by Threshold violation
  • Sender certifies hop-to-hop bandwidth
  • Certificate for Authorization of Bandwidth
    Small fixed length certificate, fixed options,
    cryptographic protection using fast encryption or
    hardware.
  • Prevents link spoofing, man-in-the-middle and
    replay attacks
  • Layered authentication technique

12
Traceback
  • Flow Classification and Aggregation based on
    eventual destination of capsule
  • Direct host, same subnet, foreign subnet
  • Flow characterization real-time statistics
    collection vs. attack-triggered
  • Characterization used to implement hierarchical
    traceback with dynamic state

13
Dynamic Traceback
(0,0,X)
AS 3
AS 2
(0,X,-)
(0,X,0)
(X,0,-)
AS 4
(0,0,-)
14
Dynamic Recovery
  • Traceback as far back as possible using secure
    control messages
  • Reconstruct attack based on collected statistics
  • Dynamically filter on sender for misbehaving
    flows simultaneously

15
Pluggable Architecture
16
Pluggable Architecture
  • Seraphim is designed as a pluggable architecture
  • Originally developed for restructured version of
    ANTS
  • Currently, Seraphim is integrated with Bowman

17
Integration Overview
CANEs API
I2
I1
U
CANEs EE
User A-Flow
Policy Administrator GUI
CANEs Signaling A-Flow
Security Guardian (JNI, JVM)
Policy Server
System Thread
Bowman NodeOS
Host OS
18
Integration Features
  • Provides access control for signaling messages
  • Dynamic flow control at active routers by dynamic
    policy framework
  • Use JNI to plug Java-based Seraphim architecture
    into C-based CANEs/Bowman

19
Demo Contributions
  • Access control for the CANES signaling mechanism
  • Dynamic control of AER flows
  • Prevention of bandwidth clogging DDoS attacks

20
Demo Details - CANES Signaling
21
Demo Details AER flows
22
Demo Details - BARMAN
23
Conclusion
  • Seraphim is dynamic, extensible, flexible, and
    reconfigurable security architecture which meets
    the requirements for Active Networks

24
Future Research Possibilities
  • Interoperability between different security
    domains using role translation
  • Risk model for Active Networks
  • Automated response against intrusions
Write a Comment
User Comments (0)
About PowerShow.com