Data Assurance and Security .

Uploaded on:
Information Assurance and Security. Eugene Spafford Professor Department of Computer Sciences Purdue University. Outline. Security at Purdue, COAST/CERIAS Resources, Sponsors Ongoing Research Projects Proposed QoS Research. Information Security At Purdue.
Slide 1

Data Assurance and Security Eugene Spafford Professor Department of Computer Sciences Purdue University

Slide 2

Outline Security at Purdue, COAST/CERIAS Resources, Sponsors Ongoing Research Projects Proposed QoS Research

Slide 3

Information Security At Purdue Information Security began in 1979 Many courses offered (graduate, student) COAST (1992-97) CERIAS (1998) expansive Multidisciplinary

Slide 4

32 Sun Workstations 2 Sun Enterprise Servers 9 MacOS Platforms FORE ATM cloud 40 have connectors 2 BX200 4 FORErunners 3 486/586 PCs w/Win 95 4 Pentium Pro BSDI/Linux 12 Pentium II WinNT 5 HP Printers 2 Tektronix Color Printers 3 Cisco Routers 7507 Enterprise switch 3 Sunscreen firewalls 2 PrivateNet firewalls 1 Firewall-1 firewall 2 Pentium portable workstations Assorted other devoted equipment & programming Center Resources

Slide 5

On-Going Projects–Brief Synopses Intrusion Detection AAFID specialist based framework Characterizing Misuse Audit Analysis Audit content Audit representation & pressure Firewalls and Network Protection Firewall assessment lab Firewall structure Vulnerability Testing

Slide 6

On-Going Projects (1) Vulnerability Database Data Mining Taxonomical Work Software Testing Archive Development Organization and Protection Archival report section Secure outsourcing Watermarking

Slide 7

On-Going Projects (2) ATM Security Network powerlessness investigation Database & Multimedia security Use of data based psychological oppression Attack traceback examination Privacy morals & insurances Best practices review

Slide 8

Founding Sponsors Lilly Endowment Tier I Sponsors Andersen Consulting AT&T Labs/GeoPlex Cisco Systems GE Laboratories Global Integrity Corp. Hewlett-Packard Corp. Intel Corporation Microsoft Miter Schlumberger Sun Microsystems Trident Data Systems Tripwire Security Systems TRW Tier II Sponsors Axent Other Donors Addison-Wesley INITA L3 Communications O\'Reilly & Associates RiskWatch Tektronix Current Sponsors

Slide 9

Potential Sponsors Boeing Citicorp Compaq Department of Energy/LANL/Sandia Motorola NIST Swiss Bank Corporation

Slide 10

Security QoS Security administrations E.g., review, interruption location, … Many levels of administration Multiple ``alarm levels\'\' in an ID framework Multiple levels of review Costly as far as system & stockpiling assets Low (high) security levels cause little (substantial) impressions Impact on framework convenience/accessibility E.g., firewall pieces UDP parcels Security necessities contrast over the system

Slide 11

Research Issues in Security QoS How does client … determine security QoS ? … arrange security QoS ? What granularity (have ? subnet ? ) Varies with security benefit considered Connections with DB QoS and organize QoS Compete for same assets Benefit from same systems … and numerous more in the accompanying illustrations Intrusion discovery Audit trail benefit Profiling administration Secure media record benefit

Slide 12

Intrusion Detection Service (1) Experimental testbed: Existing AAFID model Already bolsters various levels of security

Slide 13

Intrusion Detection Service (2) More research inquiries How to handle levels of security that fluctuate over a system The interface between security-level areas Where ``low\'\' meets ``high\'\' What arrange QoS prerequisites ought to the AAFID operators make ? Diverse sorts of specialists What arrange QoS necessities ought to AAFID screens make ? What DB QoS necessities ought to the AAFID substances make on the review trail DB ?

Slide 14

QoS Tradeoffs Footprint on system versus level of security Economic model Cost-advantage investigations Characterize ``best\'\' working focuses Similar tradeoff for which security administrations to give Same research issues as above Functionality versus security

Slide 15

Audit Service Gives capacity to know ``what happened\'\' Various levels of review From ``Store all occasions\'\' to ``store nothing\'\' Quality of review required influences assets, subsequently framework ease of use and accessibility Requirements can change From application to application From host to have From subnet to subnet DB procedures for review information Audit information is monstrous (pressure issues) Special nature of information and how it is utilized (``ephemeral records\'\') Special inquiries (hunting down assault designs)

Slide 16

User Profiling Service Profile of client For dynamic email (IBM Almaden), dynamic DB For measurable ID (IDES, NIDES and related frameworks) Levels of value (of profile) Extensive and precise infers a higher cost Quality prerequisites are exceptionally factor E.g., dynamic DB can do with lower quality profile than MD framework Profiling innovation Similar to factual way to deal with interruption location Notion of ``normal\'\' client (or system, or DB) conduct Difficult! (Revile of dimensionality, reliance, … ) User profile is itself put away in uncommon DB How quick ought to profile advance? (Disadvantages to both extremes)

Slide 17

Other Security Services Scanning Related to ID however exceptional & constrained in time (ID is ceaseless) Multimedia report administrations Timestamping, alter resistance, watermarking, … Cryptographic convention bolster PKI … and so forth Each administration has its own QoS necessities/tradeoffs

Slide 18

Other Contributions CERIAS Outreach Technology exchange to backers Workshops and Conferences Continuing Ed offerings CERIAS K-12 Full-time facilitator Working with State Education Dept. CERIAS Archive Delivery Full-time Webmaster Major file & spread

View more...