JayEvan J' Tevis John A' Hamilton, Jr' - PowerPoint PPT Presentation

1 / 35
About This Presentation
Title:

JayEvan J' Tevis John A' Hamilton, Jr'

Description:

Colonel John Warden developed a five-ring system model for military strategic warfare ... A computer security adaptation using Warden's concentric rings ... – PowerPoint PPT presentation

Number of Views:117
Avg rating:3.0/5.0
Slides: 36
Provided by: JayT4
Category:

less

Transcript and Presenter's Notes

Title: JayEvan J' Tevis John A' Hamilton, Jr'


1
A Security-centric Ring-based Software
Architecture
  • Jay-Evan J. Tevis John A.
    Hamilton, Jr.
  • Western Illinois University
    Auburn University
  • Macomb, IL
    Auburn, AL

2
Introduction
  • Software systems are vulnerable to many different
    forms of attack
  • Protection of such systems can be improved by
    viewing their key components from the perspective
    of an enemy attacker

3
Introduction (continued)
  • Colonel John Warden developed a five-ring system
    model for military strategic warfare
  • It describes the parts of an enemy system as five
    concentric rings
  • It is designed for use in planning and conducting
    strategic targeting against an adversary

4
Introduction (continued)
  • We apply this model to software architecture in a
    similar manner to identify
  • What system-level components are essential
  • How these components can be better protected
    through a security-focused architectural design

5
Overview
Overview
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • Security-centric software architectures
  • Design of a ring-based software architecture
  • A computer security adaptation using Wardens
    concentric rings
  • Adapting Wardens model to computer security
  • Protecting centers of gravity in a software
    system
  • Conclusion and future plans

6
Security-centric Software Architectures
7
Critical Concepts in the Security Domain Neumann
Security-centric Software Architectures
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • Multi-level security
  • Restrict flow of information from higher-security
    entities to lower-security entities
  • Multi-level integrity
  • Restrict dependencies between entities of higher
    integrity with entities of lower integrity
  • Multi-level availability
  • Restrict dependencies between entities of higher
    availability with entities of lower availability

8
Multiple Security Rings Gemini
Security-centric Software Architectures
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • High assurance security
  • Hardware and kernel-enforced protection
  • Multi-level security
  • Enforcement of organizational access controls
  • Cryptographic communication security
  • IPSec-based authentication, confidentiality, and
    integrity
  • Integrated information systems security
  • Protection at transport and network layers

9
Seven Ring Gemguard Architecture Gemini
Security-centric Software Architectures
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
10
Properties of Ring-based Software Architectures
Schell
Security-centric Software Architectures
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • Memory segmentation
  • Three protection rings
  • Security kernel
  • Located in the most protected ring
  • Enforces mandatory access controls
  • Operating system
  • Applications
  • Although applied in research, such ring-based
    architectures are not widely deployed in industry

11
Ring-based Program Execution Policy Nguyen and
Levin
Security-centric Software Architectures
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • Mandatory access control (All users including
    root)
  • Four ring-based execution domains
  • (3) Unprivileged application
  • (2) Privileged application
  • (1) Administration
  • (0) Operating System
  • Programs assigned to a less privileged ring are
    unable to execute or access objects allocated in
    a more privileged ring

12
Design of a Ring-based Software Architecture
13
Ring-based Architectural Style
Design of a Ring-based Software Architecture
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
14
Ring-based Architectural Style
Design of a Ring-based Software Architecture
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • A variation of the layered architectural style
  • Innermost ring is the lowest layer outermost
    ring is the highest layer
  • Geometric adjacency of two rings denotes an
    allowed to use relation
  • Each entity in a specific ring can communicate
    with another entity

15
Ring-based Architectural Style (continued)
Design of a Ring-based Software Architecture
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • Entities within a ring have no inherent
    adjacency consequently, they are an unordered
    set
  • This tends towards more of a distributed
    environment
  • Any entity in an inner ring is accessible only by
    an entity in the closest outer ring
  • To access an inner ring, an entity in the
    adjacent outer ring must be used as the mediator
    or interface

16
Features of Rings as Interfaces
Design of a Ring-based Software Architecture
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • Confidentiality (privacy)
  • Authentication (who created or sent the data)
  • Integrity (Data has not been altered)
  • Non-repudiation (the order is final)
  • Access control (prevent misuse of resources)
  • Availability (Permanence or non-erasure of data)

17
Features of Rings as Gates Fernandez
Design of a Ring-based Software Architecture
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • A set of protection rings correspond to domains
    of execution with hierarchical levels of trust
  • Gates serve as protected entry points
  • Crossing of a ring is done through gates that
    check the access rights of a process

18
Design Patterns for a Ring-based Software
Architecture Fernandez
Design of a Ring-based Software Architecture
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • File authorization
  • Access control for virtual address space
  • Execution domain
  • Reference monitor
  • Controlled execution environment

19
A Computer Security Adaptation using Wardens
Concentric Rings
20
Wardens Five-Ring Model Warden
A Computer Security Adaptation using Wardens
Concentric Rings
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
21
Five-Ring Model Applied to Other Domains Warden
A Computer Security Adaptation using Wardens
Concentric Rings
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
 
22
Computer Security Adaptation of Wardens Model
A Computer Security Adaptation using Wardens
Concentric Rings
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
Physical security measures
Packets, bytes
Memory, bus, data cables
Input data, electrical power
Executable code, sensors
23
Computer Security Rings
A Computer Security Adaptation using Wardens
Concentric Rings
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • (0) Executable code and I/O sensors
  • (1) Input/Output data and electrical power
  • (2) Memory, system bus, data cables, converters
  • (3) Packets, bytes
  • (4) Physical security measures called upon by any
    of the inner rings to deal with an attack or an
    intrusion

Note Each ring is also a system within itself
requiring protection
24
Protecting Centers of Gravity in a Software System
25
Centers of Gravity
Protecting Centers of Gravity in a Software System
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • Centers of gravity are the components that are
    instrumental to a systems function and survival
  • The five rings in his model constitute five
    centers of gravity
  • Each ring is a possible target requiring
    protection
  • Without the functioning inner rings, an outer
    ring becomes a useless appendage
  • Software engineers should ensure that the
    security protection in each ring cannot be easily
    defeated

26
Leadership Ring
Protecting Centers of Gravity in a Software System
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • Failure of any critical components in the
    leadership ring leads to failure of the complete
    system
  • Critical components must be identified and given
    the highest level of protection
  • No vulnerability should exist that would allow
    changes to the program executable code without
    approval of the leadership ring
  • Only the leadership ring should be able to
    disable system sensors
  • With the innermost ring protected, each remaining
    ring must also be protected to avoid the threat
    of strategic paralysis

27
Organic Essentials Ring
Protecting Centers of Gravity in a Software System
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • The organic essentials ring must be protected
    through redundancy (battery backup, alternate
    communication paths)
  • Protection must also occur from excessive battery
    drain or signal jamming
  • Reduce battery usage, switch frequencies, shut
    down system

28
Infrastructure Ring
Protecting Centers of Gravity in a Software System
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • The infrastructure ring must also be protected
    through redundancy (second system bus, additional
    communication cabling)
  • Backup components are needed for each of the
    major production/transformation components of the
    software system
  • Shared memory, pipes, system bus
  • The protection facilities must detect and
    minimize a denial of service attack and delete
    low priority or data-jamming traffic in order to
    thwart such an attack

29
Population Ring
Protecting Centers of Gravity in a Software System
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • The population ring is less vulnerable to attack
    because of the large quantity of data
    containers that a system can produce
  • The major threat is exhaustion of memory due to
    dynamic memory allocation
  • Another threat is corruption or destruction of
    the contents of the data when in transit
  • Protection approaches include error-detection
    mechanisms and sliding window protocols

30
Fighting Mechanism Ring
Protecting Centers of Gravity in a Software System
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • The fighting mechanism ring is not as vital if
    each of the inner rings has been equipped with
    security protection mechanisms
  • Nevertheless, centralizing the attacking role in
    this ring supports the software engineering
    principle of cohesion
  • Protection includes not only attacking via
    counter measures, but also the sending of
    warnings and distress signals
  • When designing security measures, the detection
    and handling of threats should always assume a
    parallel attack
  • More than one component in the same rings or in
    different rings may be attacked simultaneously
  • System security should not be centered on a
    single thread of protection in the outermost ring

31
Conclusion and Future Plans
32
Conclusion
Conclusion and Future Plans
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • The importance of computer system security
    demands better security-centric software
    architectures
  • Wardens five-ring model provides a way to
    portray a computer system as viewed by an enemy
    attacker
  • This modeling technique identifies the components
    of each ring and the centers of gravity needing
    the most protection
  • It also points out the need for layered defenses
    against computer security threats

33
Related Work
Conclusion and Future Plans
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • Damage to the center ring of a software system
    will result in substantial reduction in the
    computers ability to handle and process
    information Kopp
  • The most serious problem in a software system is
    one of mismatch between the security framework of
    the legacy system and the target systems
    standard protocol Devanbu and Stubblebine
  • The security architecture can also be viewed as a
    pyramid Schaumont and Verbauwhede
  • (From top) Circuit, micro-architecture,
    architecture, algorithm, and protocol
  • Fine-grain controls can be used at the level of
    individual data objects Ioannidis, Bellovin,
    Smith
  • All data objects are tagged with an identifier
    upon arrival from remote sources
  • The object identifier dictates permissions and
    privileges rather than the file owners users ID
    and permissions as in UNIX

34
Future Plans
Conclusion and Future Plans
Security-centric Software Architectures Design of
a Ring-based Software Architecture A Computer
Security Adaptation using Wardens Concentric
Rings Protecting Centers of Gravity in a Software
System Conclusion and Future Plans
  • Compare and contrast the ring-based architecture
    to the monolithic architecture used by Linux
  • Implement a prototype operating system that
    utilizes the security-centric ring-based approach

35
A Security-centric Ring-based Software
Architecture
  • Any Questions?
Write a Comment
User Comments (0)
About PowerShow.com