An Adaptable Multi Level Security Manager for a Distributed Database System PowerPoint Presentation

By : worldwideweb

On : Jun 04, 2015

In : General & Others

  • Slide 1 - An Adaptable Security Manager for Real-Time Transactions. Sang H. Son and Robert Zimmerman, Dept of Computer Science, University of Virginia; Jorgen Hansson, Dept of Computer and Information Science, Linkoping University, Sweden
  • Slide 2 - Overview Motivation & Introduction Research Issues for Info Assurance Flexible Security Manager Design Evaluation Conclusions & Future Work
  • Slide 3 - Trends. Increasing number of systems operate in unpredictable (even hostile) environments: task set, resource requirements (e.g., wcet) ... High assurance required for performance-critical applications. System properties for high assurance: real-time (timeliness, temporal consistency ..); security (confidentiality, authentication ..); fault-tolerance (availability, reliability ..). Each property has been studied in isolation.
  • Slide 4 - Motivation. BeeHive: distributed OODB supporting RT, FT, security, and QoS. Need for resource tradeoffs in database services. Adaptable security paradigm fits well with the concept of multiple service levels of BeeHive. Short term relaxation of security could be preferable to missed critical deadlines: aircraft attack warning during burst of battlefield updates; loss of production time for missed agile manufacturing command.
  • Slide 5 - Real-Time Database System. Characteristics: transactions with timing constraints; data with validity interval. Requirements: timeliness (min deadline miss ratio); temporal consistency (proximity with real world); predictability. Issues: scheduling (best-effort vs guarantee); correctness (ACID properties and appl semantics); embedded and mobile data support.
  • Slide 6 - Database Security. Security services to safeguard sensitive information: encryption, authentication, intruder detection ... Multilevel security (MLS): objects are assigned with security classification; subjects access objects with security clearance; no flow of information from higher level to lower one. Applications: almost everywhere (becoming a buzzword); more flexibility necessary (from static, known environment to dynamic unknown environment).
  • Slide 7 - Security and Real-Time. For timeliness, no priority inversion in real-time applications: tasks with earlier deadline or higher criticality have higher priority for better service. In traditional secure systems, no security violation is allowed (binary notion of security). Incompatible under the binary notion of absolute security: priority inversion vs security violation. Higher security level needs more resources.
  • Slide 8 - Example of Problem. T1: high priority, high security. T2: low priority, low security. Both require lock on the resource. How to resolve this conflict? If lock is given to T1, security violation; if lock is given to T2, priority inversion. [figure labels: Access, Access]
  • Slide 9 - Research Issues. Supporting multiple facets of information assurance: how to provide acceptable security services while remaining available and providing timely performance for essential tasks.
  • Slide 10 - Research Issues. Flexible security vs absolute security: paradigm for flexible assurance services; identifying correct metrics for assurance level. Adaptive system assurance policies. Mechanisms to enforce required level of assurance: access control, authentication, encryption, ..; time-cognizant protocols, data deadlines, ...; replication, primary-backup, ... Specification to express desired system behavior: verification of consistency/completeness of specification.
  • Slide 11 - Flexible Security Services. Flexible vs absolute (binary) security: traditional notion of security is binary (secure or not); problem of binary notion of security: difficult to provide acceptable level of security to satisfy other conflicting requirements; research issue: quantitative flexible security levels. One naive approach may use % of potential/actual security violations; problem: not precise, percentage alone reveals nothing about implications on system security, e.g., 1% violation may leak most sensitive data out.
  • Slide 12 - System Features. Four available security levels on users/objects or communications; computation costs increase with level of security. Client negotiated range of security levels for transaction communications. Dynamic level changes as a function of real-time load.
  • Slide 13 - Security Manager Services. Multi-level authentication and confidentiality encryption; client authorization and session control; session key generation and management; transaction management; dynamic security level control for transaction communications and synchronization.
  • Slide 14 - Algorithm Selection
                          Method         Rationale
      Authentication
        level 3           MD5 + RSA      digital signature
        level 2           MD5 + RC5      fast word oriented
        level 1           QuickAuth      simple single round
      Confidentiality
        level 3           IDEA           strong mathematical basis
        level 2           RC5            fast word oriented
        level 1           QuickCipher    simple single round
  • Slide 15 - Security Manager Environment [diagram; component labels: Security Manager, Client Table, Session Table, Beehive, TransData, Scheduler, Mapper/Admission Control, thread n, thread n-1; flow labels: session & transaction requests, transaction results, transaction object & session data, client security level & key, session keys & status, transaction handoff, object read & write]
  • Slide 16 - Client Table and Session Request Process
      Client Table (clientID / Session links; level / authorized groups):
        clientID   authorizedGroup(s)   SecurityLevel   publicKey|modulus
        cid8333    grp0321              3               1dcd6503 | 0bb8fc24fd29
        cid5489    grp1229,grp1230      2               53e67fb2
        . . .
      Session Request Process:
        session request fields: clientID, reqType, reqTime, lowLevel, nonce1, MAC
        confirmation fields: clientID, nonce1, nonce2, sessionKeys, signature
        [diagram annotations: Session keys, endTime; encrypted with stored client key; encrypted with Security Manager public key]
  • Slide 17 - Client Authentication. Client creates message [diagram labels: session request, digest, hash function, encryption, MAC, encryption (message privacy), secure message w/ authentication]. Security Manager re-calculates MAC and compares with client's MAC.
  • Slide 18 - Security Manager Authentication response to session request digest hash function encryption MAC encryption (message privacy) secure message w/ authentication MD5 MD5 RXOR RSA (client) RC5 Key RXOR RSA (client) RC5 QuickCipher Level 3: Level 2: Level 1: algorithm Security Manager creates message: Client re-calculates MAC and compares with Security Manager’s MAC
  • Slide 19 - Session Keys. Derived from pseudo-random number at session initialization; one for each allowable client level; held in KeySet object by Session object; destroyed when session endtime is reached.
  • Slide 20 - Transaction Request Process. Evaluates transaction requests encrypted at active session level; verifies presence of active client session; ensures resource availability through BeeHive Admission Controller (to be implemented); dynamically switches session security levels as required by simulated scheduler (BeeHive scheduler to be implemented).
  • Slide 21 - Security Level Synchronization [timing diagram; axes: time t1 to t5, level 3 to 0 for Sec Mgr and Client X; event rows: Sec Mgr events, Client X events; message labels: Sn, Sn+1, Sn+2, Rn, Rn+1, Rn+2; annotations: prepare for 2 step switch, prepare to switch, last message accounted for, switch, received acknowledgment]
  • Slide 22 - Authentication Timing Measurements Security Manager processes: Decrypt message Authenticate client (m2) Initiate session Pack Response Create Security Manager MAC (m3) Encrypt response Transmit response end-to-end (m1)
  • Slide 23 - Transaction Timing Measurements
  • Slide 24 - Algorithm Timing (msec)
                                      level 3   level 2   level 1   level 0
      Authentication
        (m1) end-to-end              2,014.00    698.00    509.00     30.00
        (m2) decryption                180.77      1.56      0.75      0.42
        (m3) encryption                179.79      0.97      0.58      0.42
      Confidentiality (w/ 128 byte message)
        (m4) end-to-end                 48.00     41.08     39.92     39.86
        (m5) decryption                  3.47      1.37      0.64      0.25
        (m6) encryption                  3.35      1.19      0.49      0.32
      Confidentiality (w/ 8K byte message)
        (m4) end-to-end                182.56    103.20     62.19     45.64
        (m5) decryption                 67.86     29.30      9.32      0.25
        (m6) encryption                 67.53     29.18      8.60      0.31
  • Slide 25 - Security Manager Test Setup [diagram; component labels: bhSecInServer, bhSecOutServer, bhSecurity, securityClient, BeeHive DB; annotations: generate client(s) transaction requests; decrypt & check for level switch; decrypt & create transaction; decrypt data, get object, do transaction, pack/encrypt/send message; start transaction; client message stream in; poll for message; store/retrieve objects; poll for message responses out; ts; tq]
  • Slide 26 - Impact of Difference in Message Size
  • Slide 27 - Adaptive vs. Non-Adaptive
  • Slide 28 - Level Switching (100% adaptive client) [plot; axes: LEVEL (3 to 0), % MADE]
  • Slide 29 - Expanded View. a - time from resource drop to detection = approx 10 transactions; b - time from detection to full recovery = approx 50 transactions.
  • Slide 30 - Improved Switch Thresholds
  • Slide 31 - Conclusions. Good performance gains achievable in soft real-time system during overload conditions. Reasonable performance with small message sizes with I/O overhead. Experiments with a real system necessary to confirm results.
  • Slide 32 - Future Work. Incorporate adaptive authentication; integrate objects into BeeHive; further quantify security manager performance; identify other areas for tradeoffs; develop rules for security tradeoffs; investigate other security services that fit the adaptive paradigm (security QoS).
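
Added example, not part of the presentation: a sketch of the dynamic level control described on slides 12 and 20, where a session's security level moves inside the client's negotiated range as load changes, using the 8K-message end-to-end costs from slide 24. The `AdaptiveLevel` class, its window size and miss threshold, the deadline model and the load trace are all assumptions made for illustration.

```python
from collections import deque

# End-to-end confidentiality cost (ms) per level for an 8K message, from slide 24.
COST_MS = {3: 182.56, 2: 103.20, 1: 62.19, 0: 45.64}

class AdaptiveLevel:
    """Hypothetical controller: moves a session's level inside its negotiated range."""
    def __init__(self, low, high, window=5, lower_after=2):
        if not 0 <= low <= high <= 3:
            raise ValueError("need 0 <= low <= high <= 3")
        self.low, self.high, self.level = low, high, high  # start at the strongest level
        self.lower_after = lower_after      # misses in the window that force a step down
        self.recent = deque(maxlen=window)  # sliding window of deadline outcomes

    def observe(self, met_deadline):
        self.recent.append(met_deadline)
        misses = self.recent.count(False)
        full = len(self.recent) == self.recent.maxlen
        if misses >= self.lower_after and self.level > self.low:
            self.level -= 1                 # relax security, never below the client's floor
            self.recent.clear()
        elif full and misses == 0 and self.level < self.high:
            self.level += 1                 # a clean window: restore one level
            self.recent.clear()
        return self.level

def simulate(budgets_ms, low, high):
    """Return [(level_used, met_deadline)] for a stream of per-transaction time budgets."""
    ctl, trace = AdaptiveLevel(low, high), []
    for budget in budgets_ms:
        level = ctl.level
        met = COST_MS[level] <= budget      # assumed deadline model (constructed)
        trace.append((level, met))
        ctl.observe(met)
    return trace

def missed(trace):
    return sum(1 for _, met in trace if not met)

# Constructed load: normal, overload (time budget shrinks), recovery.
BUDGETS = [200.0] * 5 + [70.0] * 12 + [200.0] * 25

if __name__ == "__main__":
    adaptive, fixed = simulate(BUDGETS, 1, 3), simulate(BUDGETS, 3, 3)
    print("adaptive misses:", missed(adaptive), "levels:", [lv for lv, _ in adaptive])
    print("fixed level 3 misses:", missed(fixed))
```

In this run the controller probes back up to level 2 while the overload persists and pays two further misses before dropping again, which is the cost that tuning the switch thresholds trades against time spent at a weaker level.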
