Seraphim : A Security Architecture for Active Networks

About This Presentation

Title:

Seraphim : A Security Architecture for Active Networks

Description:

Seraphim : A Security Architecture for Active Networks University of Illinois at Urbana-Champaign – PowerPoint PPT presentation

Number of Views:87

Avg rating:3.0/5.0

Slides: 25

Provided by: Seu58

Learn more at: https://www.cc.gatech.edu

Category:

more less

Transcript and Presenter's Notes

Title: Seraphim : A Security Architecture for Active Networks

1
Seraphim A Security Architecture for Active
Networks

University of Illinois at Urbana-Champaign

2
Motivation

Active Network is a radical approach to provide
programmability in the network
Dynamic nature of Active Network needs dynamic
security architecture as one of the crucial
requirements

3
Seraphim Threat Model

Malicious attacks against the active packets?
Unauthorized access to NodeOS resources
Attacks against the privacy and integrity of
communication
Denial of Service

4
Seraphim Features

Access Control for the NodeOS resources using
Security Guardian with Dynamic Policy and Active
Capability
Security API for secure communication
DDoS Prevention
Pluggable Architecture

5
Access Control

All accesses to NodeOS resources go through the
Security Guardian
Access control policies are written in the
context of Policy Framework
Active Capability is used as the carrier of the
access control policy

6
Dynamic Policy

Supports several security policies and provides
dynamic transition between them

DDAC
DAC
MAC
RBAC
OS Primitives, Interfaces
7
NodeOS Security API
EE
Authentication
Authorization
Security Services
GAA API
PAM API
GSS API
X.509, Password-based, Kerberos, SESAME, Etc.
Active Capability, PolicyMaker, ACL Etc.
JCE, Kerberos, SESAME, Etc.
Public Key API
Security Guardian
X.509 PKI
NodeOS
Dynamic Policy Framework
RFC 2510
8
DDoS Prevention - BARMAN
9
DDOS Prevention

BARMAN Bandwidth Authorization and Resource
Management in Active Networks
Dynamic protocol solution triggered by
bandwidth flooding
Threshold value based on processor and link
characteristics
Bandwidth Certification for Attack Detection
Hierarchical traceback with dynamic accounting
state
Co-operative dynamic recovery using active
filtering

10
Threshold Computation

Static Phase of Protocol
Threshold Value
Computed by trusted entity e.g., administrator
Packet rate that can be safely processed by
receiver (server or active router) without
getting DOSed
Accommodate for emergency control channel
Secure Session Establishment

11
Bandwidth Certification

Dynamic Phase of Protocol
Triggered by Threshold violation
Sender certifies hop-to-hop bandwidth
Certificate for Authorization of Bandwidth
Small fixed length certificate, fixed options,
cryptographic protection using fast encryption or
hardware.
Prevents link spoofing, man-in-the-middle and
replay attacks
Layered authentication technique

12
Traceback

Flow Classification and Aggregation based on
eventual destination of capsule
Direct host, same subnet, foreign subnet
Flow characterization real-time statistics
collection vs. attack-triggered
Characterization used to implement hierarchical
traceback with dynamic state

13
Dynamic Traceback
(0,0,X)
AS 3
AS 2
(0,X,-)
(0,X,0)
(X,0,-)
AS 4
(0,0,-)
14
Dynamic Recovery

Traceback as far back as possible using secure
control messages
Reconstruct attack based on collected statistics
Dynamically filter on sender for misbehaving
flows simultaneously

15
Pluggable Architecture
16
Pluggable Architecture

Seraphim is designed as a pluggable architecture
Originally developed for restructured version of
ANTS
Currently, Seraphim is integrated with Bowman

17
Integration Overview
CANEs API
I2
I1
U
CANEs EE
User A-Flow
Policy Administrator GUI
CANEs Signaling A-Flow
Security Guardian (JNI, JVM)
Policy Server
System Thread
Bowman NodeOS
Host OS
18
Integration Features