Security - Telenor

More documents

Recommendations

Info

46 Assume some agent a carries with it a set of objects D, which is to be distributed to other systems via agent platforms. Each of the objects D has a usage policy A[⋅,D] that is to be enforced irrespective of which domain they exist in. A[⋅,D] is interpreted as: the rights for an arbitrary subject to objects in D. The platform can control the agent’s action by inserting execution monitoring into the agent. This enables the platform a fairly general and detailed control of the agent’s actions. The interesting thing is that embedded agents may come into their own here. Many data types are constructed such that they effectively depend on embedded agents to be displayed and/or used correctly. This means that the platform must use the data by executing the agent. The agent effectively provides a service to the platform. Thus it is possible to implement a certain control of usage by constructing an agent with execution monitoring. This time however, the agent monitors the platform’s requests, and terminates if the platform attempts a series of requests that violate the data’s security policy. There are two problems with this approach: 1. it requires some method of enforcing agent execution integrity; 2. it probably requires the data to be encrypted, and thus the agent to be capable of encrypting and/or decrypting data using encrypted code. 9 Conclusion This article has outlined some of the major challenges in making agents viable as a computing paradigm in contexts where a high level of security is necessary. Among the main challenges facing constructors of secure mobile agent systems are: 1. enabling the secure generation of strong cryptographic functions by mobile agents; 2. ensuring sufficient fault-tolerance; 3. enforcing agent policies; and 4. handling policy interactions. Work on these issues has started in earnest only recently. It may be a while before one can conclusively state whether or not mobile agents will be sufficiently securable for applications in, for example, electronic commerce. References 1 Anderson, R, Needham, R. Programming Satan’s computer. In: Computer Science Today : Trends & Developments. van Leeuwen, J (ed.). Lecture Notes in Computer Science, vol. 1000. Berlin, Springer, 1995. 2 Chess, D M. Security issues in mobile code systems. In: Mobile Agents and Security. Vigna, G (ed.). Lecture Notes in Computer Science, vol. 1419. Berlin, Springer, 1998. 3 Cohen, F. Computer Viruses. PhD thesis. University of Southern California (USC), 1985. 4 Denning, D. Cryptography and Data Security. Reading, Mass., Addison-Wesley, 1982. 5 Farmer, W M, Guttman, J D, Swarup, V. Security for mobile agents : Authentication and state appraisal. In: Proceedings of the European Symposium on Research in Computer SEcurity (ESORICS), number 1146 in LNCS, 118–130. Berlin, Springer, 1996. 6 Johansen, D et al. Nap : Practical fault-tolerance for itinerant computations. In: Proceedings of the 19th IEEE International Conference on Distributed Computing Systems (ICDCS ’99). Gouda, M G (ed.). 180–189, 1999. 7 Sander, T, Tschudin, C F. Protecting mobile agents against malicious hosts. In: Mobile Agents and Security, LNCS State-of-the-Art Survey. Vigna, G (ed.). Berlin, Springer, 1998. 8 Schneider, F B. Enforceable security policies. Cornell University, Ithaca, New York 14853, Dept. of Computer Science, 1998. (Technical report.) (Revision of July 24, 1999.) 9 Vigna, G. Cryptographic traces for mobile agents. In: Mobile Agents and Security. Vigna, G (ed.). Lecture Notes in Computer Science, vol. 1419. Springer, 1998. Telektronikk 3.2000
Habtamu Abie (42) is Research Scientist at the Norwegian Computing Centre. He has previously worked as Senior Engineer and Research Scientist at Telenor R&D (1997– 1999) and as Scientific Associate and Scientific Fellow at CERN in Geneva, Switzerland (1989–1993). From 1994 to 1997 he also held a research position at ABB Corporate Research and worked as a Software Development Engineer at Nera AS and Alcatel Telecom Norway AS. He received his Engineering Diploma in Electrical Data Processing from Gjøvik Engineering College (1983), and his B.Sc. (1985) and M.Sc. degrees (1988) in Computer Science from the University of Oslo. He is also working towards his Ph.D. in Computer Science at the Department of Informatics, University of Oslo and UNIK. His past and present research interests encompass security for distributed systems, distributed object computing, architecture and methodology, formal methods and tools, data acquisition and control systems, hard realtime systems, and mobile and personal computing. habtamu.abie@nr.no Telektronikk 3.2000 An Overview of Firewall Technologies *) HABTAMU ABIE The increasing complexity of networks, and the need to make them more open due to the growing emphasis on and attractiveness of the Internet as a medium for business transactions, mean that networks are becoming more and more exposed to attacks, both from without and from within. The search is on for mechanisms and techniques for the protection of internal networks from such attacks. One of the protective mechanisms under serious consideration is the firewall. A firewall protects a network by guarding the points of entry to it. Firewalls are becoming more sophisticated by the day, and new features are constantly being added, so that, in spite of the criticisms made of them and developmental trends threatening them, they are still a powerful protective mechanism. This article provides an overview of firewall technologies. 1 Introduction Today’s networks change and develop on a regular basis to adapt to new business situations, such as reorganisations, acquisitions, outsourcing, mergers, joint ventures, and strategic partnerships, and the increasing degree to which internal networks are connected to the Internet. The increased complexity and openness of the network thus caused makes the question of security more complicated than hitherto, and necessitates the development of sophisticated security technologies at the interface between networks of different security domains, such as between Intranet and Internet or Extranet. The best way of ensuring interface security is the use of a firewall. A Firewall is a computer, router or other communication device that filters access to the protected network [16]. Cheswick and Bellovin [6] define a firewall as a collection of components or a system that is placed between two networks and possesses the following properties: Inside Filter Demilitarized Zone (DMZ) Internal & External Gateway Systems Figure 1 Firewall schematics • All traffic from inside to outside, and vice versa, must pass through it. • Only authorised traffic, as defined by the local security policy, is allowed to pass through it. • The firewall itself is immune to penetration. Such traditional network firewalls prevent unauthorised access and attacks by protecting the points of entry into the network. As Figure 1 shows, a firewall may consist of a variety of components including host (called bastion host), router filters (or screens), and services. A gateway is a machine or set of machines that provides relay services complementing the filters. Another term illustrated in the figure is “demilitarized zone or DMZ” [6]. This is an area or subnetwork between the inside and outside networks that is partially protected. One or more gateway machines may be located in the DMZ. Exemplifying a traditional security concept, defence-in-depth, the outside filter protects the Filter *) The work was carried out while the author was a Research Scientist at Telenor R&D. Outside 47
Page 2 and 3: Telektronikk Volume 96 No. 3 - 2000
Page 4 and 5: Øyvind Eilertsen (34) is Research
Page 6 and 7: 4 E(P) = a ⋅ P + b (mod 26) D(C)
Page 8 and 9: 6 In 1997, NIST initiated the proce
Page 10 and 11: 8 decrypt the signed hash value, re
Page 12 and 13: Lars R. Knudsen (38) is Professor a
Page 14 and 15: Table 1 Timetable for AES Table 2 T
Page 16 and 17: 14 K m i Stream cipher algorithm Fi
Page 18 and 19: 16 6 Use of Encryption in Telecommu
Page 20 and 21: 18 mode, integrity mode, key divers
Page 22 and 23: 20 7 Beaver, D. Computing with DNA.
Page 24 and 25: 22 In both cases, my trust depends
Page 26 and 27: 24 A number of standard PC applicat
Page 28 and 29: Henning Wright Hansen (28) is Resea
Page 30 and 31: 28 Securing Locally Stored Informat
Page 32 and 33: Figure 3 A simple Public Key Infras
Page 34 and 35: 32 The Policy Control Center An imp
Page 36 and 37: Tønnes Brekne (31) is on leave fro
Page 38 and 39: 36 Sets definable by such predicate
Page 40 and 41: 38 A failure is caused by some type
Page 42 and 43: Figure 1 This figure illustrates th
Page 44 and 45: 42 ating system(s) and/or platform
Page 46 and 47: Message Sender Recipient Message pa
Page 50 and 51: 48 gateway from attack, while the i
Page 52 and 53: 50 transfer at the expense of secur
Page 54 and 55: 52 7 FORE Systems. Firewall Switchi
Page 56 and 57: Figure 2-1 Object invocations throu
Page 58 and 59: Figure 4-1 3 Levels of different fi
Page 60 and 61: 58 phase two, in which the client r
Page 62 and 63: 60 5 CORBA Firewall Traversal 5.1 F
Page 64 and 65: 62 7.2 Visibroker Gatekeeper of Inp
Page 66 and 67: 64 References 1 Abie, H. An Overvie
Page 68 and 69: Cost Figure 1 Minimising total cost
Page 70 and 71: 68 In the coming years it is likely
Page 72 and 73: 70 financial, social, environmental
Page 74 and 75: Consequence 72 Insignificant Substa
Page 76 and 77: 74 in a one week time-frame, using

Security - Telenor

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?