Executive Summary; Four Phase ViSion Development Strategy; Phase I – Secure Smartphone and Tablet System



Date: 20.10.2016

The Object Model


The mechanism establishes abstractions for all of the important elements of the virtualized computing platform. In the Cyvergix product definition, we aim to provide abstractions of all the hardware elements as well as several configurative elements over multiple hardware machines that are used to control scalability. The initial abstractions are defined as follows:

  1. Hardware Pools

  2. Network Interfaces

  3. Mesh Networks

  4. Domains

  5. Hypervisors

  6. Virtual Machines

  7. Mobile Devices

  8. Policies

  9. Other decision support abstractions, hardware or software monitors, etc.

All of these abstractions have attached to them various methods that are utilized under the direction of a policy abstraction. They can inherit multiple policies to create a combined and complex behavior from simpler policy definitions.

The object structure is a unique variant of the object oriented programming principles found in today’s popular languages. In effect, the event propagation model is simplified and automatic.


Object Methods


Traditional object oriented design invokes event handlers or methods for various events triggered within the system being employed. The approach used in this system is highly modified and different from traditional systems. Traditional approaches involve the use of inline event handlers in response to messages. While our approach still has these types of methods in response to events, we have also devised state managed work flow components to attach complex procedures to the method structure. Each method is actually employed as a complex work flow that contains elements of interaction with other work flows.

Graphical Representation of Reasoning and State


Graphical representation of the overall system and the reasoning being applied is conducted using a customized graphical environment. The policy abstractions are represented as various ‘tools’ that can be dragged and dropped into the environment causing the affected objects to inherit the properties of these policies.

Security Monitoring and System Integrity



In computer programming, event-driven programming or event-based programming is a programming paradigm in which the flow of the program is determined by events—e.g., sensor outputs or user actions (mouse clicks, key presses) or messages from other programs or threads.


Appendix I – Autonomous Virtual Object Model

Table of Contents



Executive Summary

Technical Description


Executive Summary


This project seeks to present several cases for evaluation and resolution in the areas of security and resource management. The hypothesis presented and its associated research seeks to provide a superior approach to managing the overall network of available pooled resources and provide optimum security to virtualized functional services.

Synopsis


Modern computing operating system architecture has evolved over the years from the fully procedural model to an object oriented model without significant changes to the underlying structure. This oversight fails to take advantage of these changes to maximize resource utilization and integrity.

Utilizing the object model in a persistent storage environment and developing a network centric scheduler that facilitates the scheduling of event handling methods within a specified domain, the object model can be used to establish superior approaches to encapsulating data with access and resource policies. Policy management can also be simplified by taking advantage of multiple inheritance techniques and polymorphism.

The overall goal is to utilize best practice approaches in a completely new approach to secure communications and storage. Industry standard agile techniques will be employed to build prototypes that will be used to evaluate and prove the goals and objectives of the research. The result will provide a proof-of-concept demonstration and a design approach to the development of a complete operating environment, the outcome of which will provide a rich communications environment embodying the state-of-the-art in converging technologies, especially in the area of security and resource management.

What Makes This Project Novel/Revolutionary


This project will provide a revolutionary approach by employing an integrated, object oriented model that aims to accomplish the following:

  1. Elimination of the process model – Processes are evolved from the fact that processing is done procedurally with nested stacks, etc. Processes require stack resources and other TSS data that are expensive to migrate across networks in the event the process needs to be moved. The process model is vulnerable to attack where procedures may be invoked in the stack which may compromise data and process integrity via un-trusted paths.

  2. Elimination of standard application protocols – SMTP, HTTP and many other protocols may be eliminated using an advanced model for communication of object structures. Secure e-mail and application interfaces can be devised that share objects using the single level storage concept. Application protocols such as these provide a context to a hacker to aid in unauthorized decryption if the protocol is captured while in transit. Underlying address pointers relative to a trusted connection provide a much more obfuscated data stream.

  3. Elimination of storage mapping – because process based applications are not persistent they will lose their data when the process ends requiring mapping to persistent storage. The objects described herein are persistent and already represent the data, the method and the access without the requirement of further mapping and they have the advantage of being inherently persistent.

  4. Method based net-centric scheduler for processor core resources – distributed object domains will require access to objects in other domains. Trusted connections are made which can then respond to message requests via a net-centric scheduler. Processing object methods in response to an event eliminates the need to carry large stacks around to maintain processes allowing object structure to define procedure in a network centric fashion where processing follows available resources and interface hardware.

What We Are Trying To Do

This project intends to demonstrate the benefits of an advanced autonomous object model that is used to protect data and methods by encapsulation of security rules attached directly to objects themselves using a multiple inheritance polymorphic configuration. It further facilitates protection during network transport by providing a single level storage concept that is net-centric which allows objects to be shared securely between various domains over trusted connections. This will eliminate the need to encode communications into a protocol that provides a context for the data that can be captured in transit and compromised.

Additionally, we seek to provide a high availability architecture using a net-centric scheduler that is based upon object oriented message passing requests over trusted connections, thereby eliminating the need for stack based processes. The result is more control over hardware resources without the heavy overhead of migrating large stacks or machine images (virtualization). Additionally, domain level data protection can assist in the elevation of levels of data integrity.

Finally, we seek to provide a user interface based on an advanced and collaborative workspace, compatible with existing computer hardware and mobile devices, that provides a rich environment for secured object oriented application development and policy object development for the implementation of business work flow. Implementation of work flow concepts for security policy management can provide a rich set of tools for proactive security management incorporating predictive analytics and automated mechanisms to thwart detected unauthorized attacks and help to manage the evolving requirements of a secured communications environment.



How It Is Done Today

Modern operating environments store data in hierarchical file systems or relational database systems that use basic access control mechanisms to restrict access to data. Further granularity of security is delegated to the application programming level. Circumvention of application access control and the compromise of security and integrity of data can be easily realized with auxiliary processes if access rights are obtained to primary data storage.

Process oriented computing was a natural evolution from single procedural processing similar to what DOS provided. Early on, processor resources were leveraged by allowing multiple processes to exist using schedulers that provided slices of time of the processor core to requesting resources. This has evolved to complete virtualization of the machine environments themselves further leveraging processing resources and providing security sandboxes to the virtualized machine environment.

Complete machine virtualization has taken the industry by storm but falls short when it comes to scaling upward. Virtualization, as it is provided by existing products, is really a partitioning approach and works fine when a single hardware image is used to support multiple virtual machines. However this approach does not provide a way of taking several hardware images and combining them into a single virtual machine.

Processes have a fair amount of overhead associated with them, which, on saturated systems, quickly makes them processor bound. Various protocols have been devised to communicate between these processes as networking entered into the picture. Peer-to-peer and client-server computing came into being to facilitate the communications between the users of the processes. These protocols and the networks they run on have become the common vehicle for attacks and the theft of information.

Who It Will Impact If Successful

The impact of this architecture will be felt across the entire spectrum of the computing world. Scalability issues will be greatly simplified as the addition of resources becomes a domain level addressing issue. Security will be greatly enhanced through the use of objects that contain the intelligence to discern between authorized and unauthorized access and the ability to exploit either. In addition, a common and collaborative workspace oriented user interface can simplify all facets of computing in general.


Technical Description

Technical Objectives


As previously stated, primary efforts in this stage of the project will be to validate our hypotheses to ensure that our efforts will be rewarded with success. The research associated with these hypotheses will allow us to evaluate the advantages and disadvantages of the mechanisms and how the overall architecture provides superior approaches to managing security obligations. These hypotheses are:

  1. The elimination of context based protocols using network centric single level storage concepts will lead to enhanced throughput and improved data integrity.

  2. In an object oriented system, object structures are used to represent processes by establishing relationships between events and handlers. The state of any process is in fact managed by a network of event messages that can be traced back to an initial cause. We seek to prove the axiom that structure represents procedure and can effectively replace the stack approach to managing complex processes.

  3. Security and resource management can be simplified and made manageable using polymorphism and multiple inheritance concepts in the object oriented model.

  4. Attaching security rules directly to the source of data allows for a closer coupling of accessibility to the data itself. The result is a more controlled access to data with less chance of circumvention using alternative methods.

  5. Establishing a network centric event handling scheduler for distributing work load across multiple processor nodes will lead to improved throughput and scalability.

What is New and Why the Solution Will Succeed


Our concept represents a fresh approach to utilizing software to make more effective use of the resources available. This new approach allows for a closer coupling of data instances and machine capability without the need for operating system virtualization (unless that is desired). Object libraries can publish a public interface for use on the internet.

Success will be ensured by adhering closely to defined interface standards at each level. Initially, problem areas may require scaffolding and interface emulation in order to verify our proofs of concept. Using tried and tested hardware architectures to achieve high performance and security will help to eliminate early bottlenecks and validate our positions.


Technical Challenges and Risk Mitigation


The implementation of a shared object space will be challenging. The management of resources on this scale will require careful management. CyverONE uses agile approaches to research and development to mitigate risk.

How Cyber Attack Surfaces are Impacted


Process based command line interfaces provide access to a plethora of executable programs found through potentially un-trusted paths. In an object world there is no process. Procedures are not invoked as a program as they are traditionally. In the new paradigm, methods are implemented as event handler service algorithms. Process state is managed through a network of messages being transferred and scheduled where the effect would be most beneficial to the policies established for security and resource utilization. These messages can be stamped indicating their initial source. Command line systems built for this environment are completely virtualized and careful control over the servicing object can be managed. Any effect on the environment can be traced as the virtual process identifier.

How Maximal Technical Breathing Space is Gained for Minimal Cost


New approaches change the symmetry advantage from the cyber-attackers to the security administrators. Applying the concept of inheritance in a low level object system to implement policy management allows the users of newly created objects to apply rules immediately and simply using a drag and drop interface. Since multiple inheritance is allowed, several policies can be combined, resulting in an overlay implementation approach to the establishment of security rules.
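The overlay idea above, as an added illustration that is not code from this proposal or from any Cyvergix or CyverONE product: simple policies are written as mixin classes and combined on one object type through multiple inheritance. The class names, the request fields and the combining rule (every inherited policy must allow the access) are assumptions of this sketch.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Request:                 # hypothetical access request
    subject: str
    clearance: int
    domain: str
    trusted_link: bool         # arrived over a trusted connection?


class Policy:
    """Root policy; ends the cooperative super() chain."""
    def denials(self, req):
        return []


class ClearancePolicy(Policy):
    min_clearance = 0
    def denials(self, req):
        found = super().denials(req)
        if req.clearance < self.min_clearance:
            found.append("clearance below %d" % self.min_clearance)
        return found


class DomainPolicy(Policy):
    allowed_domains = frozenset()
    def denials(self, req):
        found = super().denials(req)
        if req.domain not in self.allowed_domains:
            found.append("domain %r not allowed" % req.domain)
        return found


class TrustedLinkPolicy(Policy):
    def denials(self, req):
        found = super().denials(req)
        if not req.trusted_link:
            found.append("untrusted connection")
        return found


class SecuredObject(Policy):
    """Data and its access method, guarded by whatever policies are inherited."""
    def __init__(self, payload):
        self._payload = payload

    def read(self, req):
        reasons = self.denials(req)      # walks every policy in the MRO
        if reasons:
            raise PermissionError("; ".join(reasons))
        return self._payload


# Overlay: three simple policies combined on one object type.
class FieldReport(SecuredObject, ClearancePolicy, DomainPolicy, TrustedLinkPolicy):
    min_clearance = 3
    allowed_domains = frozenset({"base", "squad"})


def check(obj, req):
    """Return (granted, reasons) without raising, e.g. for an audit log."""
    reasons = obj.denials(req)
    return (not reasons, reasons)
```

Because each `denials` method calls `super()`, adding or removing a policy base class changes the checks applied to `read` without touching the object's own code, and a policy that forgets the `super()` call silently drops every rule after it in the resolution order.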

How Traditional Adversary Approaches are Negated


Numerous advantages will be realized in a new approach to the implementation of the computing environment. Some of these benefits are:

  1. The elimination of context based protocols combined with buffer reordering and other obfuscation methods will make decryption much more difficult.

  2. Implementation of autonomous objects with embedded security and authentication algorithms will limit exposure at the system level.

  3. The implementation of existing security protocols such as Suite B compliant data tunnels will provide additional levels of data integrity.

  4. The ability to authenticate with varying levels of confidence can provide security implementers with response algorithms to counter attempts to abrogate security.

How the Solution Incentivizes the Adversary


A would-be cyber-attacker may be incentivized to reverse engineer the new structures in an attempt to provide data interception and logic intervention. The new approach of implementing autonomous objects makes it difficult to intervene at this level, as each object would function autonomously. In the case of a loss of integrity, that loss would be limited to only those specific objects that had been targeted, as opposed to an overall loss of system integrity.

Analysis of the Asymmetry


Proactive analytics integrated with security policies describing the rules of engagement afford a rich environment for developing attack measurement and counter measurement. Policies can be developed that are simple or extremely complex. Tools to track procedural variances and mechanisms to divert access to alternative areas provide tools for containment and discovery of a would-be attacker. The goal of the design is to mitigate risks associated with authentication and access control mechanisms and to develop policies that are designed to eliminate unauthorized access to sensitive information.

Short-Term Strategies

Introduce a secured network adopting the Autonomous Virtual Object Model (AVOM) to simplify security management.



Attacker: High incidence of attackers breaching classified information on the Internet.

Defender: Introduce a revolutionary advancement in network security and access control. Implement the AVOM in order to combine methods, information and security rules. The objective of the AVOM is to simplify the introduction of key management controls and to concurrently simplify management of the network.

Role Advantage: The AVOM would significantly simplify the system management and security rules in a persistent and autonomous object set. Demonstrate the ability to overcome flaws in the current operating system architecture, including the elimination of the need for object sets to access external operating systems, which allows applications to be “back doored.” Demonstrate proof of concept of improved authentication through application of artificial intelligence algorithms, speech recognition, video acquisition and neural filtering routines.

Medium-Term Strategies:

Demonstrate ability to obfuscate transmission protocols and “in the clear” content that provides hackers with clues.



Attacker: High incidence of attackers gaining access to “in the clear” transmissions and protocols that represent vulnerability to system break-ins.

Defender: Demonstrate that a transparent transport protocol eliminates existing standard communication protocols and obfuscates the contextual content of transmissions.

Role Advantage: Demonstrating the concept of transparent transport protocols will overcome the current problem of hackers sniffing the transmission.

Long-Term Strategies

Demonstrate a unique need to know system through a geographically distributed data base, single level virtual storage (SLVS) and net-centric architecture.



Attacker: Attackers are gaining in sophistication, developing methods for breaking and entering the system with a high level of frequency.

Defender: Demonstrate that the AVOM, the Single Level Virtual Storage architecture and remotely distributed database architecture will facilitate a fine grain need to know system. Demonstrate the ability to attach methods to secured objects that will initiate programs to identify and locate the attacker. The 32 Core MIPS parallel processor will perform neural programs that identify and initiate an attack on the attackers. Determining the geographic position of the attackers, observing his movements and determining his intent will support an intelligent and efficient attack.

Role Advantage: The ability to impose management of intelligence that is close to the source of acquisition is critical. A truly centralized database is more vulnerable to attack than a database that is administered as close as possible to the source of the intelligence. Distributed data bases that acquire intelligence in multiple languages should be filtered and converted into the language of the targeted intel agent before being transmitted to the responsible agent. The proposed SLVS architecture combined with the scalable, platform independent and promises to gain actionable intelligence with immediacy and “time of the essence.”

A detailed description of the three strategies summarized below can be accessed at http://www.cyverone.com/doc/

How to Defeat the Effort


The most advantageous point of attack for the adversary would be that of intervention into the Space Manager portion of the design. This would provide the hacker with a collection of the objects and methods specific to an individual object. The hacker would then need to devote themselves to identifying the data portions of the bytes retrieved and attempting to appropriately sequence and then decrypt that data.

Use Case Showing the Benefit


Objective: To provide a secured platform which will ensure data integrity while in-flight or at rest to the defense, intelligence and commercial communities. Additionally, proactive algorithms provide the opportunity to provide misleading information, thereby misleading the opponent.

Role: War fighter

Action: War fighter and squad are located behind enemy lines en route to undisclosed location. Tactical information is being provided via mobile platform (Android Tablet). Regular updates are being exchanged between the squad leader and base personnel.

Role: Enemy Combatant

Action: The enemy combatant is actively attempting to break into the data stream in an attempt to discern details about enemy activity and planning.

Outcome: Attempts to break into the data stream are frustrated by the combination of new architecture, data obfuscation, and multi layered encryption algorithms. If the enemy combatant is able to breach protocols far enough to access the AVOM structure, failure to meet authentication protocols results in the access to data that is purposely incorrect in a proactive attempt to mislead the opponent.



Appendix J – Major Milestones (see Figures 5a & 5b)

    Figure 5a







Appendix K – DISA Cost Quotation



Cyvergence Corporation Confidential and Proprietary Page


