internet security and cluster technologies for reliable e ... · internet security and cluster...

September 7, 2000 K. Hwang at USC 1

Kai HwangInternet and Cluster Computing Laboratory

University of Southern California

Internet Security and ClusterTechnologies for Reliable

E-Commerce Services

Keynote Speech, SSGRR-2000L’Aquila, Italy, July 31, 2000


Internet-based Societyin the new millennium

g E-Business, E-Commerce

g Metacomputing Grid

g E-Education, E-Society

g E-Government, . . . . . By year 2001, the global theater ofE-commerce will reach US $13 trillion; 42% of which will be at B2B, 20% at B/C2G, and 38% at B2C levels.


Hot Issues in E-Commerce! Enabling technologies, web-servers, …

! Security, reliability, and data Recovery

! Databases and datamining techniques

! Fast communication protocols, etc.

! eCash, eCheque, eBank, eSociety, eGovernment, eEntertainment, eTravel, . . .

! Groupware, Middleware, and Infowares

! ISPs, ASPs, and Decision support systems

! . . . . . . . .


Underlying Technologiesfor E-Commerce Services

Core TechnologiesScalability Data Warehousing

RAS UNIX/Linux SecurityNetworking RDBMS

Open Standards

Enabling TechnologiesOLAP

HTML/XMLMessaging

Security

COM/DCOM/DNACORBA/IIOP

PerformanceMeasurement

KnowledgeManagement

Supply ChainManagement

Data Mining

Personalization

Advertising/Promotions

Billing/Payment Systems

Decision-Support TechnologiesRelationship management

(Source: Kalakota and Robinson, e-Business:Roadmap for Success, Addison-Wesley, 1999)


Threats on Internet

gConfidentiality - Eavesdropping

gIntegrity - Modification of data

or viruses

gAuthenticity - “Spoofing”

gAvailability - “SYN flooding”

or DOS Attacks


Securing E-commerce withintrusion control and automatic recovery from malicious attacks

Highly secure and reliableenterprise applications with

intrusion preventionand automatic recovery

from malicious hackersor unexpectedcrashes or threats

Frontendfirewall

securityarchitectureWeb sites

with nosecurityprotection

Incr

easi

ngre

liabi

lity

Single server SMP server Cluster of serversIncreasing scalability

No dataprotection

Faulttolerance


Collaborative security agentsworking collectively to counteract

hackers and intruders

Internet

Security Controllers



Security Controllers Security Controllers


Intranets

Intranets

Intranets

Intranets

Intranets

Intranets


10 Most Critical Internet Security Threats

due to software vulnerability on Web servers

g BIND ( Berkeley Internet Name Domain)g CGI (Common Gateway Interface)g RPC in rpc.ttdbserved (toolTalk), . .g RDS security hole in Microsoft IISg sadmind and mounted on Unix machinesg Sendmail buffer overflow, pipe attacks,g File sharing via NetBIOS and NT portsg User Ids as root/Adm with no passwordsg IMAP and POP buffer overflowg Default SNMP community string


E-Commerce SecurityComponent Technologies

! Client software enhancement

! Server software enhancement

! Middleware for clustering

! Network transport protocols

! Security & Assurance Policies


The Internet Security Testbedat the University of Southern California

Compaq

Server cluster atUSC Marshall

Business School

Server clusterat ICC Lab in

Engineering

KPMG

IBM Institutefor Advanced

Commerce

ITRI

Sun Microsystems

Haas Business Schoolat UC Berkeley

CISCO

The security testbed at three USC sites: Internet and Cluster Computing(ICC) Lab in Engineering School, E-commerce Lab at Marshall BusinessSchool, and Information Science Institute (ISI), connected to E-businessresearch sites in industry and academia. Web site: http://andy.usc.edu/trojan/.

Server clusterat ISI in

Marina Del Rey

Compaq

. ….


Major Research Tasks inSecuring E-Commerce Web Sites

Task 1: Security testbed construction andreliability enhancement with multi-severclustering and checkpointing RAIDs

Task 2: Developmentof multi-agent securitysoftware environment

Task 3: New policies, standardsand component technologiesfor security, assurance, andconfidentiality in E-commerce

Task 4: Integrating with B2B or B2G processesin global supply chain management


Architecture of A Highly SecureWeb Site for E-Business Services

Internetfirewall

Intranet servers

Intranet servers

Switch

Switch

Switch Switch

E-commerce Server Cluster

Security controller


g Prototype has 16 Pentinum PCshoused in two 9-ft computer racks.

g All PCs run with the Redhat Linuxversion 6.0 (Kernel version 2.2.5)

g All 16 PC nodes are interconnectedby a 100 Mbps Fast Ethernet

g The cluster is ported with DQS,LSF, MPI, PVM, TreadMarks,Elias, and NAS benchmarks, etc.

g Scaling to a future system with100’s to 1000’s of future processorsinterconnected by Gigabit networks

Trojans Cluster ProjectUSC Internet and Cluster

Computing Laboratory

Web site: http://andy.usc.edu/trojan/


Trojans cluster built at USC Internet and Cluster Computing Laboratory

E n tr yP a r t it io n

F a s t E th e rn e t

In te rn e t/ In tra n e tC lie n t

D a ta b a seP a r t it io n

S e r v ic eP a r t it io n

S e r v ic e F lo w D a ta F lo w


Attack Characteristics and Counter-measures in Federated E-commerce

Attack characteristics A ttack Type C ounterm easuresIP Address SpoofingThe hacker impersonates an internal ortrusted external IP address to bypass thesecurity systems

From internalor externalagainst host

Firew all and use strongerauthentication methodsFirew alls are ineffective againstinternal attacks

Softw are vulnerabilitiesH ackers send string sizes larger than theinput buffer or illegal H TM L code to gainroot authority and/or execute their ownprogram s on the web server

From externalagainst thehost

Firew all to filter some of the trafficbefore it reaches the w eb server.• Firewalls are very effective in

blocking eternal attacksA gent can do a better job here

Flooding the hostA hacker sending a large num ber of IPpackets to shut down or to overload the hoston the bad packets.

From internalor externalagainst thehost

C reating R edundant resourcesCreating redundant resources helpsw ithstand this attack for a longer tim eand it is not a com plete solution

Personated endpointsThe hacker cuts in a transaction and assum ethe identity of an endpoint to intercept mailand steal sensitive information

From internalor externalagainst hostor other agents

Strong authentication and digitalcertificates that rely on private keys.

• Very effective for both internaland external attacks

U ser im personationA hacker with a legitimate IP address andstolen password m ay try to impersonate auser

From internalor externalagainst otheragent

U se of Digital C ertificates• Very effective for both internal

and external attacks

V iruses & Trojan H orse programsM alicious Java applets and viruses thatusers can download unwittingly causingm assive destruction to the com puter systems

From internalor externalagainst thehost

V irus Scanning and C ontent Filtering.• The inform ation for virus scanning

and content filtering needs to becontinuously updated, else it w illbecom e ineffective


Agent PKI

Agent Name Service

Agent SecurityInfrastructure

Data-MiningAgents

DefinedSecurity Policy

Decision MakingSystem

AgentController

Communication Agents

Architecture of the security controllerbuilt with a cluster of Linux servers

Intrusion

Database


Distributed RAID-x ArchitectureCluster Network

P/M

CDD

P/M

CDD

P/M

CDD

Node 0 Node 1 Node 3

P/M

CDD

Node 2

B0B12B24B25’

B26’B27’

B1B13B25B14’

B15’B24’

B2B14B26B3’

B12’B13’

B3B15B27B0’

B1’B2’

B4B16B28B29’

B30’B31’

B5B17B29B18’

B19’B28’

B6B18B30B7’

B16’B17’

B7B19B31B4’

B5’B6’

D0 D1 D2 D3

D4 D5 D6 D7

D8 D9 D10 D11B8B20B32B33’

B34’

B35’

B9B21B33B22’

B23’B32’

B10B22B34B11’

B20’B21’

B11B23B35B8’

B9’B10’


0

2

4

6

8

10

12

14

16

18

1 4 8 12 16Number of Clients

Aggr

egate

Band

width

(MB/s

) RAID-xRAID-5RAID-1NFS

0

2

4

6

8

10

12

14

16

18


Aggr

egate

Band

widt

h(MB

/s)

RAID-xRAID-5RAID-1NFS

0

2

4

6

8

10

12

14

16

18


Aggre

gate

Band

width

(MB/s

)


0

2

4

6

8

10

12

14

16


Aggr

egate

Band

width

(MB/s

)


(a) Large read (20MB per client) (b) Small read (32KB per client)

(c) Large write (20MB per client) (d) Small write (32KB per client)

Benchmark Performanceof Distributed RAID Architectures


Trojans Linux Clusterwith Middleware for Security

and Checkpoint Recovery

Server ServerServer

Gigabit Network Interconnect

Security and Checkpointing middleware

Single System Image (SSI) Infrastructure

Programming Environments(Java, EDI, HTML, XML)

Web WindowsUser Interface

Other Subsystems(Database, OLTP, etc.)

Linux Linux Linux


Intelligent Agent-basedE-Commerce Infrastructure

! Need a robust testbed– WWW Servelet + SSL + Applet– Mobile agent platform:

! IBM Aglet! JATLite (KQML)! ObjectSpace Voyager (CORBA, XML)

! EDI vs. XML data flow model


Adaptive Security Controlwith intelligent agents to detect threats,to learn from intrusion patterns, and to

safeguard E-business operations

SecuritySafeguards

•Firewall•Authentication•Access control•Encryption

=

DetectThreats

Detectvulnerabilities

+ +

Response

AdaptiveSecurity

DistributedMulti-Agent Computing

24

Internet

Agent Name Server

OracleDatabaseWeb Browser

Agent

Agent

AgentAgent

Agent DatabaseServer

1

2

3

4

56

7


Electronic Solutions

! Confidentiality

! OriginAuthentication

! ContentIntegrity

! Non-repudiationof origin/receipt

! Availability

! Data Encryption

! Digital Signatures,Certificates, Digital Ids

! Hash Algorithms, MessageDigests, Digital Signatures

! Digital Signatures,Audit Logs

! Redundant Systems,Automatic Failover

24

Public-Key Cryptography! Secure E-mail and other

communications– Secure Internet communications– S/MIME standard– Lotus Notes, Entrust, PGP

! Secure WWW transactions– Consumer-merchant purchases– On-line banking– SSL, S-HTTP, SET

! Business-to-business transactions– Electronic Data Interchange– Electronic Trading


Originator’sSigned Message

DecryptEncrypt

CleartextMessage

CleartextMessage

Recepient’sPublic Key

Originator

Recepient’sPrivate Key

Recipient

Secure Communication withPublic-Key Cryptography


Non-Repudiation of Origin

! This technique protects the receiver of a message

from sender’s denial of having sent it.

! Protection is achieved by including a digital signature,

obtained by encrypting message with a public and/or

private keys.

document document

hash value hash value

public keyprivate key

sender receiver


Collaborative Security Projectsbetween USC and Industrial partners

! Internet payment system– Credit card payment with

enhanced SSL protocol– Micro payment with wallet server

! Internet security control– New cryptographic algorithms– S-MIME protocol revision (PKCS)– Wireless security control

! Securing mobile agents in personalized E-commerce using PDA, cellular phone, etc.


! Intrusion-proof web servers and firewalls are in

great demand in E-business services

! Distributed checkpointing to secure federated

E-commerce operations

! Distributed RAID for Unix, Windows NT, and Linux

web servers in cluster or grid environments

! Clustered security appeals to consolidated web

services and global supply chain management

Concluding Remarks :

internet security and cluster technologies for reliable e ... · internet security and cluster...

Documents