Post on 31-Dec-2015
description
Emerging NCSA Security R&D
NSF CyberSecurity SummitSeptember 28th, 2004
Von Welchvwelch@ncsa.uiuc.edu
Sep 27, 2004 2NCSA Emerging Security R&D
About this presentation• Overview of a number of technologies
being developed by a number of groups at NCSA
• Seeking to find consumers, foster communication and collaboration
• Purpose is to give quick overview of each project to spur interest
• Please contact myself or project lead/PI listed for a given project for more information
Sep 27, 2004 3NCSA Emerging Security R&D
• National Center for Advanced Secure Systems Research
• ONR-funded multi-organization security R&D center led by NCSA
• Partners include University of Illinois at Urbana-Champaign, Battelle Pacific Northwest Division, InfoAssure Inc., the University of Tennessee, and the Naval Postgraduate School
• http://www.ncassr.org
Sep 27, 2004 4NCSA Emerging Security R&D
Security R&D Projects
• ONR-funded Technology Research Education Commercialization Center
• http://www.trecc.org
• NSF Middleware Initiative
• http://www.nsf-middleware.org/
Sep 27, 2004 5NCSA Emerging Security R&D
MAIDS: Mining Alarming Incidents in Data Streams
Datamining applied to streams
MAIDS is aimed to:• Discover changes, trends and
evolution characteristics in data streams
• Construct clusters and classification models from data streams
• Explore frequent patterns and similarities among data streams
MAIDS is being applied to NCSA’s network flow data in order to be trained to automatically detect incidents
Contact: Michael Welge welge@ncsa.uiuc.edu
Sep 27, 2004 6NCSA Emerging Security R&D
SIFT• Security Incident Fusion Tool
(SIFT)• Framework and tools for
combination of flow and log data from multiple sources and coherent visualization
• Software available from: http://www.ncassr.org/projects/sift/
• Contact: Bill Yurcik (yurcik@ncsa.uiuc.edu)
Sep 27, 2004 7NCSA Emerging Security R&D
SELS: A Secure Email List ServiceContact: Himanshu Khurana hkhurana@ncsa.uiuc.edu
• Mail List Security– Confidentiality: Solution using proxy encryption techniques
whereby the plaintext is not exposed at list server; instead, list server simply transforms encrypted messages
– Integrity and authentication: Solution using digital signatures where certificate validation is provided by list server
– Anti-spamming: Solution using digital signatures and HMACs where list server discards any message not sent by a valid subscriber
• Prototype (Java)– Email client plugins for JavaMail and Eudora currently being
developed– Evaluating available list server software for plugin development
Himanshu Khurana
Sep 27, 2004 8NCSA Emerging Security R&D
MyProxy: Grid Credential Management
• Stores Grid X.509 credentials
• Retrieval through SASL/PAM allows for authentication via OTP, password, Kerberos
• Allows bridging between authentication domains
• Contact: Jim Basney (jbasney@ncsa.uiuc.edu)
MyProxy
OTP, Krb5,Password
X.509 GridCredential
Sep 27, 2004 9NCSA Emerging Security R&D
Grid-Shib: Grid-Shibboleth Integration
• Integration of Internet2’s Shibboleth with Globus Toolkit
• Funded by NSF NMI program• Allow for use of Shibboleth-served attributes in
Grid authorization– Allow leveraging of Shibboleth software and
deployments to support Grids– Utilizing Web Services security standards (SAML)
• Contact: Von Welch (vwelch@ncsa.uiuc.edu)
Sep 27, 2004 10NCSA Emerging Security R&D
Other activities• Software-defined radio policy
enforcement– Von Welch (vwelch@ncsa.uiuc.edu)
• Security Middleware for sensors– Himanshu Khurana
(hkurana@ncsa.uiuc.edu)
• Secure Grid Laboratory– Testbed for deployment and testing– Randy Butler (rbutler@ncsa.uiuc.edu)
Sep 27, 2004 11NCSA Emerging Security R&D
For more information• http://www.ncassr.org
• Or contact me for routing– vwelch@ncsa.uiuc.edu