The Shrink-Wrapped VPN Node
The wide availability of public domain IPsec implementations allows the creation of VPNs based on low-cost platforms. However, setting up a VPN node involves a lot of work such as the creation of IPsec Security Associations and associated tunnels, including the necessary management of keys. Moreover, routing and firewall facilities must be provided to ensure the isolation of the members of the VPN from the public Internet. In this paper we present a drop-in VPN node that is compact, low-cost and requires little administration or maintenance. We discuss the features and advantages of our system. Next, we demonstrate how this system was used for the creation of a VPN linking networks within the University campus with others located in outside locations (e.g. other companies, home networks, etc.). Finally, we present our evaluation of the work performed and describe our future plans
Drop-in Security for Distributed and Portable Computing Elements
The widespread use of mobile computing and telecommuting has increased the need for effective protection of computing platforms. Traditional schemes that involve strengthening the security of individual systems, or the use of firewalls at network entry points have difficulty accommodating the special requirements of remote and mobile users. We propose the use of a special purpose drop-in firewall/VPN gateway called Sieve, that can be inserted between the mobile workstation and the network to provide individualized security services for that particular station. Sieve is meant to be used like an external modem: the user only needs to plug it in. Its existence is transparent to the user, requiring no modification to the workstation configuration. To function in this role, Sieve has been designed to be compact, low-cost, requiring little administration or maintenance. In this paper, we discuss the features and advantages of our system. We demonstrate how Sieve was used in various application areas (home, university environment, etc.) and describe our future plans
How to buy a network: Trading of resources in the physical layer
IEEE Communications Magazine, 44(12): pp. 94-102. Recently, a number of new research initiatives, most notably UCLPv2 and GENI, have promoted the dynamic partition of physical network resources (infrastructure) as the means to operate the network, and to implement new protocols and services. This has led to a number of open issues such as resource discovery, implementation of resource partitioning, and the aggregation of resources to create arbitrary network topologies. To us, the key issue is the design of a mechanism to trade, acquire, and control network resources, given a choice of providers of physical resources (infrastructure providers). In this article we present an architecture that allows physical resources to be traded, while granting users controlled access to the acquired resources via a policy enforcement mechanism. In addition, it allows resource provider domains to be linked via configurable, provider-neutral resource exchange points that are the physical resource equivalents of the pooling point, or Internet Exchange Point (IXP). We demonstrate how our trading system will operate by presenting a use case in which a network topology is constructed using resources from multiple providers, be it Internet Service Providers (ISPs), or National Research Experimental Network (NREN) providers. The use case also shows how a dynamic reconfiguration can be effected by the customer through the use of simple access control policies, without involving the provider
Implementation and Performance Evaluation of Embedded IPsec in Microkernel OS
The rapid development of embedded systems and their wide use in many sensitive fields require safeguarding their communications. Internet Protocol Security (IPsec) is widely used to solve network security problems by providing confidentiality and integrity for the communications in the network, but it introduces communication overhead. This overhead becomes a critical factor with embedded systems because of their low computing power and limited resources. In this research, we studied the overhead of using embedded IPsec in constrained resource systems, which run a microkernel operating system (OS), in terms of the network latency and throughput. To conduct our experiment, we first ran the test with an unmodified network stack, and then we ran the same test with the modified network stack which contains the IPsec implementation. Later, we compared the results obtained from these two sets of experiments to examine the overhead. Our research demonstrated that the overhead imposed by IPsec protocols is small and well within the capabilities of even low cost microcontrollers such as the one used in the Raspberry Pi computer
Countering Code Injection Attacks With Instruction Set Randomization
We describe a new, general approach for safeguarding systems against any type of code-injection attack. We apply Kerckhoff's principle, by creating process-specific randomized instruction sets (e.g., machine instructions) of the system executing potentially vulnerable software. An attacker who does not know the key to the randomization algorithm will inject code that is invalid for that randomized processor, causing a runtime exception. To determine the difficulty of integrating support for the proposed mechanism in the operating system, we modified the Linux kernel, the GNU binutils tools, and the bochs-x86 emulator. Although the performance penalty is significant, our prototype demonstrates the feasibility of the approach, and should be directly usable on a suitably-modified processor (e.g., the Transmeta Crusoe). Our approach is equally applicable against code-injecting attacks in scripting and interpreted languages, e.g., web-based SQL injection. We demonstrate this by modifying the Perl interpreter to permit randomized script execution. The performance penalty in this case is minimal. Where our proposed approach is feasible (i.e., in an emulated environment, in the presence of programmable or specialized hardware, or in interpreted languages), it can serve as a low-overhead protection mechanism, and can easily complement other mechanisms
A Market-based Bandwidth Charging Framework
The increasing demand for high-bandwidth applications such as video-on-demand and grid computing is reviving interest in bandwidth reservation schemes. Earlier attempts did not catch on for a number of reasons, notably lack of interest on the part of the bandwidth providers. This, in turn, was partially caused by the lack of an efficient way of charging for bandwidth. Thus, the viability of bandwidth reservation depends on the existence of an efficient market where bandwidth-related transactions can take place. For this market to be effective, it must be efficient for both the provider (seller) and the user (buyer) of the bandwidth. This implies that: (a) the buyer must have a wide choice of providers that operate in a competitive environment, (b) the seller must be assured that a QoS transaction will be paid by the customer, and (c) the QoS transaction establishment must have low overheads so that it may be used by individual customers without a significant burden to the provider. In order to satisfy these requirements, we propose a framework that allows customers to purchase bandwidth using an open market where providers advertise links and capacities and customers bid for these services. The model is close to that of a commodities market that offers both advance bookings (futures) and a spot market. We explore the mechanisms that can support such a model
Secure APIs For Applications In Microkernel-Based Systems
The Internet evolved from a collection of computers to today’s agglomeration of all sorts of devices (e.g. printers, phones, coffee makers, cameras and so on), a large part of which contain security vulnerabilities. The current wide scale attacks are, in most cases, simple replays of the original Morris Worm of the mid-80s. The effects of these attacks are equally devastating because they affect huge numbers of connected devices. The reason for this lack of progress is that software developers will keep writing vulnerable software due to problems associated with the way software is designed and implemented and market realities. So in order to contain the problem we need effective control of network communications and more specifically, we need to vet all network connections made by an application on the premise that if we can prevent an attacker from reaching his victim, the attack cannot take place. This paper presents a comprehensive network security framework, including a well-defined applications programming interface (API) that allows fine-grained and flexible control of network connections. In this way, we can finally instantiate the principles of dynamic network control and protect vulnerable applications from network attacks
Dealing with System Monocultures
Software systems often share common vulnerabilities that allow a single attack to compromise large numbers of machines (write once, exploit everywhere). Borrowing from biology, several researchers have proposed the introduction of artificial diversity in systems as a means for countering this phenomenon. The introduced differences affect the way code is constructed or executed, but retain the functionality of the original system. In this way, systems that exhibit the same functionality have unique characteristics that protect them from common mode attacks. Over the years, several such have been proposed. We examine some of the most significant techniques and draw conclusions on how they can be used to harden systems against attacks