1 / 9

Integrity Through Mediated Interfaces PI Meeting August 19, 2002

Integrity Through Mediated Interfaces PI Meeting August 19, 2002. Bob Balzer, Marcelo Tallis Teknowledge <balzer,mtallis>@ teknowledge.com. Legend: Turquoise Changes from Feb. 02 PI meeting. Technical Objectives. Wrap Data with Integrity Marks Insure its Integrity

kareem
Download Presentation

Integrity Through Mediated Interfaces PI Meeting August 19, 2002

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Integrity Through Mediated InterfacesPI Meeting August 19, 2002 Bob Balzer, Marcelo Tallis Teknowledge <balzer,mtallis>@teknowledge.com Legend: TurquoiseChanges from Feb. 02 PI meeting

  2. Technical Objectives • Wrap Data with Integrity Marks • Insure its Integrity • Record its processing history • Reconstruct it from this history if it is corrupted • by program bugs • by malicious attacks • Demo these capabilities on major COTS product • Microsoft Office Suite (PowerPoint & Word only) • Also demo on a mission critical military system • PowerPoint and Word

  3. M Mediation Cocoon Environment = Operating System External Programs M M M Change Monitor • Wrap Program • Detect access of integrity marked data & decode it • Monitor User Interface to detect change actions • Translate GUI actions into application specific modifications Technical Approach Program • Detect update of integrity marked data • Re-encode & re-integrity mark the updated data • Repair any subsequent Corruption from History • Build on existing research infrastructure

  4. MS Word Data IntegrityTechnical Approach To Attribution • Time Lever shows document development • User selects range of interest • Move Forwards through Operations Log • Move Backwards through Undo Stack Operations Log

  5. Demo Completed (except for integration of generic mechanisms from PowerPoint Data Integrity) GUI Monitortied to change history Data IntegrityCurrent Status • MS Word Data Integrity • Completed • MS PowerPoint Data Integrity • Generic Data Integrity Architecture • Shape creation/deletion • Shape move/resize/recolor/rotate • Connector attachment/detachment • Group/ungroup • Problems (requiring unique development) • Single Process Debug/Demo Architecture • Typed Text (different low-level implementation) • Dangling Connectors (incomplete COM model)

  6. Data IntegrityFuture Plans • Complete Coverage of PowerPoint Operations • Integrate generic mechanisms from PowerPoint Integrity Manager back into Word • Deploy Word and PowerPoint Integrity Managers

  7. SafeEmail Attachments Spawn Email Client SafeEmail Attachments M M M Attachment Handler Safety Rulesi Wrapper M M M M M M Safety Rulesj Wrapper SafeEmail Attachments Spawn • Each opened attachment spawns new process M M M Attachment Handler • Wrapper encapsulateseach spawned process Safety Rulesk Wrapper Attachment Safe EmailAttachments Attachment • Deployment • Bundled with ADF as OPX Hardened Client • MARFORPAC Usability Test 2/02 • FBE-Juliet Red Team Experiment 8/02

  8. Response • New rule system & GUI • Autonomic responses Demo Deployment/Red-Team Results • MARFORPAC Usability Test (2/02) • No field usage problems (no attacks) • Assessed as unmaintainable • Not configurable by Marine Sysadmins • Alerts not understandable by Marine personnel • Hardened Client II Red-Team Experiment (5/02) • Test new ByPass Protection mechanism • All attacks on or to disable ByPass Protector failed • Attack on unprotected wrapper data succeeded • This vulnerability disclosed to Red-Team prior to experiment • FBE-Juliet Red-Team Experiment (8/02) • Test SafeEmail against malicious attachments • All attacks on SafeEmail failed • SafeEmail field portable to OfficeXP

  9. SafeEmail Plans • Integration with Enterprise Wrappers • Offboard Policy Manager • Offboard Alert Dissemination • Dynamic Policies • Pilot Deployments • Within Military and Federal Government • Development of Contained Execution Compartments • No persistent effects from opening email attachments • Only new document versions from editors • Integration with autonomic attack detector (SBIR) • Hardening & Independent Assessment (OPX) • Broader Coverage (all user processes) (OPX)

More Related