This term paper explores the concept of autonomic distributed computing in security management, focusing on the benefits, capabilities, and future interest in this field. It also discusses the implementation of an autonomic distributed firewall for enhanced security.
CS 843 – Semester Project
Autonomic Distributed Computing in Security Management
Submitted to: Dr. Chang
Uma Tamilarasan
CS 843 Term Paper

Agenda
• Introduction
• Autonomic computing
• Autonomic distributed computing in Security Management
• Autonomic Distributed firewall
• Benefits of Autonomic Computing
• Future Interest of Autonomic computing
• Conclusion
• References

Introduction
• System complexity grows beyond human ability
• People costs are growing
• Complexity keeps the costs of managing (deploying, tuning, fixing, securing) the IT infrastructure high.
• Need of the IT field: computing systems capable of running themselves, adjusting to varying circumstances, and preparing themselves for any workload – autonomic computing systems
• Flexible, Accessible, Transparent

Autonomic Computing
• Automatically and continually define and redefine system resources
• Monitor internal health
• Detect external compromises
• Reconfigure, reroute and heal system problems
• Anticipate current and future computing needs when and where they are required.
• Self-optimizing, self-protecting, self-configuring, self-healing
Example: detecting when a computer chip might fail, or optimizing network throughput

Autonomic Distributed Computing in Security Management
• Self-protecting "heartbeat" function – ‘keep alive’ messages
• Proactively notifies potential failures in the security infrastructure
• Promises real-time views of network topology to pinpoint security threats
• Automated security patch deployment
• Broader interoperability with leading third-party security products
• Broadens support for intrusion detection systems
• Automatically correlates security events
• Provides attack response
• Proactively analyzes the state of these technologies

Capabilities of Autonomic Security Management
• Tripwire for Servers – addresses the security and integrity of data on servers by notifying users if, when, and how files have changed.
• Application Shield – automatically prevents application level security breaches such as e-shoplifting or identity theft.
• Intrusion Detection Systems – monitors the network and key system files for suspicious activity. If harmful activity is suspected, a message is sent immediately.

Autonomic Distributed Firewall (ADF) – “embedded firewall”
• Embed a firewall into the machine's network interface card
• Provides a centrally managed, tamper resistant firewall on every host
• Controls protocols, ports, encryption at every host’s connection with the network.
• Includes a management station for one administrator to control
• Only a centralized policy controller deals with embedded firewall policies
• Each embedded firewall can have its own policy.

ADF Approach
• Push the firewall closer to, but not on to, the host.
  - The host cannot be trusted because the operating system may be subverted.
• Create a “firewall-on-a-Network Interface Card (NIC)” that is independent from the host
• Use a master-slave architecture to provide scalability & centralized security policy management

ADF Concept
• Complements existing perimeter firewalls
• Protects against insider threat
• Stronger than existing host/application security
  • Mechanisms cannot be subverted by malicious users or code running on a weak operating system
• An affordable security solution
  • Low cost of hardware and software
  • Incremental deployment to address specific threats
• A survivable security solution
  • Transparent to hosts and applications
  • Redundant management system
  • Fail-safe hardware components

Technical Objective
Provide robust, intrusion tolerant networks via a firewall per host
• Provide defense in depth
• Provide protection from insiders
• Tie distributed firewall to autonomic response mechanisms

Network Interface Card – Impl.
• Isolation from the host operating system
• NIC based policy supports servers, desktops, telecommuters, and laptops
• No sniffing
  • Prevents sniffing passwords and other information
• No spoofing
  • Eliminates distributed denial of service attacks using spoofed addresses.
• Additional rules based on
  • IP addresses
  • Direction
  • Port ranges
  • Initiate vs. accept connections
• Possible NIC actions
  • Allow/deny. Passes or drops the packet
  • Audit/no audit. Sends audit to the ADF Controller
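
The rule fields and NIC actions listed on this slide, shown as an added example that is not part of the original presentation or of any ADF product: a first-match evaluator for one host's embedded-firewall policy. The class and field names, the first-match order, the default-deny fallback and the source-address check used for "no spoofing" are assumptions; the addresses and policy are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str        # "in" or "out", as seen at the host's NIC
    src: str
    dst: str
    service_port: int     # port on the listening end of the connection
    host_initiated: bool  # True if the protected host opened the connection

@dataclass(frozen=True)
class Rule:
    direction: str        # "in", "out" or "any"
    remote: str           # peer network in CIDR notation
    ports: range
    role: str             # "initiate", "accept" or "any"
    allow: bool           # allow/deny action
    audit: bool           # audit/no audit action

def matches(rule, pkt):
    peer = pkt.dst if pkt.direction == "out" else pkt.src
    role = "initiate" if pkt.host_initiated else "accept"
    return (rule.direction in ("any", pkt.direction)
            and rule.role in ("any", role)
            and pkt.service_port in rule.ports
            and ipaddress.ip_address(peer) in ipaddress.ip_network(rule.remote))

def evaluate(host_ip, policy, pkt, audit_log):
    """Return True to pass the packet, False to drop it. First match wins.
    audit_log stands in for the audit records sent to the ADF Controller."""
    if pkt.direction == "out" and pkt.src != host_ip:
        audit_log.append(("spoofed-source", pkt))  # assumed anti-spoofing check
        return False
    for rule in policy:
        if matches(rule, pkt):
            if rule.audit:
                audit_log.append(("rule", pkt))
            return rule.allow
    audit_log.append(("default-deny", pkt))        # assumed fallback
    return False

# Constructed sample policy for a workstation at 10.0.0.5.
HOST = "10.0.0.5"
POLICY = [
    Rule("any", "0.0.0.0/0", range(443, 444), "initiate", True, False),
    Rule("any", "10.0.0.0/24", range(22, 23), "accept", True, True),
]
```

Because the role is part of the match, the workstation can open HTTPS connections and receive their replies, while an outside peer trying to open a connection to port 443 on the workstation falls through to the audited default deny.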

Autonomic Distributed Firewall
• Desktop and application protection allow users to run applications but prevent undesired functionality within those applications
• "Locks Down" the operating system, preventing unauthorized modification
• Zero Update architecture
• Hides operating system identity from TCP stack fingerprinting
[Diagram labels: Remote user, Firewall, Internet, Workstation, Server]

Benefits of Autonomic Computing
• Simplified user experience through a more responsive, real-time system.
• Cost-savings - scale to use.
• Scaled power, storage and costs that optimize usage across both hardware and software.
• Access to multiple file types.
• Open standards will allow users to pull data from all potential sources by re-formatting on the fly.
• Stability. High availability. High security system

Future Interest of Autonomic Computing
• Future space missions will include long-range rovers in uncertain environments
• Autonomic systems are implemented in spacecraft to detect terrestrial natural catastrophes.
• Autonomic computing is implemented in large scale project infrastructure in IT industry.
• Research is being done to include autonomic systems in machine level surgery in medical fields

Conclusion
• ADF provides affordable, survivable Defense in Depth
• Complements existing paradigms
  • Firewall keeps unauthorized outsiders out
  • Embedded Firewall controls where insiders go
  • Host and apps provide fine grained access control
• OS and application transparent
• Redundant, distributed management with fail-safe enforcement components