
SECURITY, QoS, and (File) Content Differentiation

SECURITY, QoS, and (File) Content Differentiation. -Sujeeth Narayan -Ankur Patwa -Francisco Torres. Introduction. A new policy based document sharing application Differentiation of document sections according to intended user roles. Secure transfer of information with QoS


Presentation Transcript


  1. SECURITY, QoS, and (File) Content Differentiation
     Sujeeth Narayan, Ankur Patwa, Francisco Torres

  2. Introduction
     • A new policy-based document sharing application
     • Differentiation of document sections according to intended user roles
     • Secure transfer of information with QoS
     • Alert on receiving information based on document priority labeling

  3. What would be used?
     • LDAP – for authentication and credentials
     • Bandwidth reservation + GRE Tunnels – for file transfer
     • PasTMon tool + Tunneling for inter-network exchange
     • RSVP + Tunneling for intra-network exchange
     • XML Parser – for parsing a document to be sent
     • Different modes of sending a new message alert
       • Voice message
       • Email
       • SMS

  4. Overview

  5. Components
     • Cluster of Servers
     • LDAP Authentication
     • XML Parsing Service
     • Notification Service
     • File Transfer service
     • Cluster of File Systems
     • Document distribution
     • Client side tool
     • Proposed Tool

  6. Proposed Tool
     • Allow user to classify the information
     • Insert XML tags differentiating between classified information
     • Encrypt the document and send it to the XML parser

  7. Scenario 1
     • Login to LDAP
     • Download user credentials
     • Sets the user priority value
     • Routing decision based on priority
     • Intranet routing with RSVP/GRE Tunnel if needed
     • Internet routing with decisions based on QoS measured

  8. Scenario 2
     • A user logs into the system, and then sends a document
     • If the receiver is on-line, the document is delivered; otherwise, a notice will be sent to him if the document has been labeled as URGENT
     • Based on the list of receivers, XML sends their copies to the receivers' X500
     • XML Parser decrypts the document using Public Key and makes copies of it
     • Choose best option between DMZ and User's X500
     • Diagram labels: Encrypted document; User's Private Key

  9. Scenario 3
     • A user logs into the system, and a document is waiting for him
     • User logs in:
       • Normal session
       • As a result of a notice sent by the system
     • The DMZ where the user got authenticated checks with the user's X500 for a potential document for him
     • X500 verifies the existence of the document, and sends it back to the DMZ
     • Document delivered to user

  10. Conclusion
     • Future work
       • Research of QoS implementation in this project
       • Bell-LaPadula Model (write-down/read-up)?
       • Images, sound, videoconferences? How to differentiate these in such a scenario?

  11. Conclusion
     • References
       • Protection: http://www.research.microsoft.com/~lampson/09-protection/Acrobat.pdf
       • Identity Systems: http://books.nap.edu/html/id_questions/
       • Trusted Computer System Evaluation Criteria: http://www.boran.com/security/tcsec.html
       • Security of the Internet: http://www.cert.org/encyc_article/tocencyc.html
       • Int. to Computer Security: http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf
       • Designing an Authentication System: http://web.mit.edu/kerberos/www/dialogue.html
       • Home Network Security: http://www.cert.org/tech_tips/home_networks.html
       • Open Shortest Path First (OSPF): http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/ospf.htm
       • How routing algorithms work: http://computer.howstuffworks.com/routing-algorithm3.htm
       • Wired-Wireless Network Architectures: http://www.symbol.com/category.php?fileName=WP-32_network_architectures.xml
       • pasTmon Tool: www.pastmon.sourceforge.net
       • RSVP: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/rsvp.htm
       • GRE with RSVP: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00801982ae.shtml
       • Open LDAP: http://www.openldap.org/
       • X 500: http://www.terena.nl/library/gnrt/specialist/x500.html

  12. Questions??
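
Added example, not part of the original presentation: a sketch of the section differentiation described on slides 2 and 6, where the parser builds a per-recipient copy that keeps only the tagged sections a recipient's role may read. The `section` tag, the `level` attribute and the four label names are assumptions; the slides do not define a schema.

```python
import xml.etree.ElementTree as ET

# Assumed classification labels, lowest to highest (not taken from the slides).
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "secret": 3}

# Constructed sample document using the hypothetical <section level="..."> tagging.
SAMPLE = """<document priority="urgent">
  <section level="public">Meeting moved to Friday.</section>
  <section level="confidential">Budget cut by 12%.
    <section level="secret">Vendor contract terminated.</section>
  </section>
  <section>Unlabelled draft note.</section>
  <section level="topsecrt">Mistyped label.</section>
</document>"""


def filter_for_clearance(xml_text, clearance):
    """Parse the document and return a tree holding only readable sections."""
    # Refuse DTDs so entity-expansion payloads never reach the parser.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTDs and entity declarations are not accepted")
    if clearance not in LEVELS:
        raise ValueError("unknown clearance: %r" % clearance)
    root = ET.fromstring(xml_text)
    _prune(root, LEVELS[clearance])
    return root


def _prune(element, max_level):
    for child in list(element):
        if child.tag == "section":
            # Fail closed: a missing or unrecognised label is never delivered.
            level = LEVELS.get(child.get("level", ""))
            if level is None or level > max_level:
                # Removing the node also drops everything nested inside it.
                element.remove(child)
                continue
        _prune(child, max_level)


def visible_text(xml_text, clearance):
    """Section texts, in document order, that this recipient receives."""
    root = filter_for_clearance(xml_text, clearance)
    return [(s.text or "").strip() for s in root.iter("section")]


if __name__ == "__main__":
    for role in ("public", "confidential", "secret"):
        print(role, visible_text(SAMPLE, role))
```

Filtering happens before copies are made, so a recipient's copy never contains sections above their level, and unlabelled or mistyped sections are withheld from everyone until they are relabelled.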
