* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download GSI Credential Management with MyProxy
Survey
Document related concepts
Authentication wikipedia , lookup
Cyberwarfare wikipedia , lookup
Computer and network surveillance wikipedia , lookup
Unix security wikipedia , lookup
Next-Generation Secure Computing Base wikipedia , lookup
Information security wikipedia , lookup
Post-quantum cryptography wikipedia , lookup
Wireless security wikipedia , lookup
Airport security wikipedia , lookup
Mobile security wikipedia , lookup
Security printing wikipedia , lookup
Cyber-security regulation wikipedia , lookup
Transcript
Emerging NCSA Security R&D NSF CyberSecurity Summit September 28th, 2004 Von Welch [email protected] About this presentation • Overview of a number of technologies being developed by a number of groups at NCSA • Seeking to find consumers, foster communication and collaboration • Purpose is to give quick overview of each project to spur interest • Please contact myself or project lead/PI listed for a given project for more information Sep 27, 2004 NCSA Emerging Security R&D 2 • National Center for Advanced Secure Systems Research • ONR-funded multi-organization security R&D center led by NCSA • Partners include University of Illinois at Urbana-Champaign, Battelle Pacific Northwest Division, InfoAssure Inc., the University of Tennessee, and the Naval Postgraduate School • http://www.ncassr.org Sep 27, 2004 NCSA Emerging Security R&D 3 Security R&D Projects • ONR-funded Technology Research Education Commercialization Center • http://www.trecc.org Sep 27, 2004 • NSF Middleware Initiative • http://www.nsfmiddleware.org/ NCSA Emerging Security R&D 4 MAIDS: Mining Alarming Incidents in Data Streams Datamining applied to streams MAIDS is aimed to: • • • Discover changes, trends and evolution characteristics in data streams Construct clusters and classification models from data streams Explore frequent patterns and similarities among data streams MAIDS is being applied to NCSA’s network flow data in order to be trained to automatically detect incidents Contact: Michael Welge [email protected] Sep 27, 2004 NCSA Emerging Security R&D 5 SIFT • Security Incident Fusion Tool (SIFT) • Framework and tools for combination of flow and log data from multiple sources and coherent visualization • Software available from: http://www.ncassr.org/projects/sift/ • Contact: Bill Yurcik ([email protected]) Sep 27, 2004 NCSA Emerging Security R&D 6 SELS: A Secure Email List Service Contact: Himanshu Khurana [email protected] • Mail List Security – Confidentiality: Solution using proxy encryption techniques whereby the plaintext is not exposed at list server; instead, list server simply transforms encrypted messages – Integrity and authentication: Solution using digital signatures where certificate validation is provided by list server – Anti-spamming: Solution using digital signatures and HMACs where list server discards any message not sent by a valid subscriber • Prototype (Java) – Email client plugins for JavaMail and Eudora currently being developed – Evaluating available list server software for plugin development Sep 27, 2004 NCSA Emerging Security R&D 7 Himanshu Khurana MyProxy: Grid Credential Management • Stores Grid X.509 credentials • Retrieval through SASL/PAM allows for authentication via OTP, password, Kerberos • Allows bridging between authentication domains • Contact: Jim Basney MyProxy OTP, Krb5, Password X.509 Grid Credential ([email protected]) Sep 27, 2004 NCSA Emerging Security R&D 8 Grid-Shib: Grid-Shibboleth Integration • Integration of Internet2’s Shibboleth with Globus Toolkit • Funded by NSF NMI program • Allow for use of Shibboleth-served attributes in Grid authorization – Allow leveraging of Shibboleth software and deployments to support Grids – Utilizing Web Services security standards (SAML) • Contact: Von Welch ([email protected]) Sep 27, 2004 NCSA Emerging Security R&D 9 Other activities • Software-defined radio policy enforcement – Von Welch ([email protected]) • Security Middleware for sensors – Himanshu Khurana ([email protected]) • Secure Grid Laboratory – Testbed for deployment and testing – Randy Butler ([email protected]) Sep 27, 2004 NCSA Emerging Security R&D 10 For more information • http://www.ncassr.org • Or contact me for routing – [email protected] Sep 27, 2004 NCSA Emerging Security R&D 11