STOS Symposium 2003

 

Schedule

 

Paper Presentations:
Wednesday - Friday, 3-5 December
Times: see Calendar

Research Updates
Vulnerabilities
Authentication
System & Security Analysis
Forensics
Open Source R&D Project Management & Funding

Security Directions
Core Services

 

Accepted Abstract Descriptions...

 


Research Updates


Title: Port of SELinux FLASK/TE to FreeBSD Using the TrustedBSD MAC Framework

The TrustedBSD MAC Framework, presented previously at STOS workshops, permits the compile-time and run-time extension of the FreeBSD operating system access control policy using pluggable policy modules. Sample modules include Biba integrity, MLS confidentiality, and a variety of OS hardening policies. The most recent addition to the supported policy modules is a port of NSA's SELinux FLASK/TE access control model to the MAC Framework. This experimental port provides access to a mature Type Enforcement implementation, as well as sample policy based on the SELinux policy. In this presentation, the high level design of the MAC Framework will be reviewed, the architecture of SELinux discussed, and the implementation approach for creating an "SEBSD" policy module presented.

Presenter:
Robert Watson, Research Scientist, Network Associates Laboratories

Duration: 60 - 75 Minutes
[top]


Title: Port of the TrustedBSD MAC Framework to Apple's Darwin Operating System

Apple's open source Darwin operating system provides the kernel and low-level services for the Mac OS X operating system. Based on Mach, BSD, NeXTStep, and FreeBSD, Darwin shares many components with the FreeBSD operating system, resulting in relatively easy transfer of new technologies between the two systems. The TrustedBSD MAC Framework, the access control extension technology developed by Network Associates Laboratories for the TrustedBSD Project, permits compile-time and run-time extension of the access control policy of the FreeBSD operating system, and includes sample modules implementing Biba integrity, MLS confidentiality, and the SELinux FLASK/TE model. Network Associates Laboratories is performing an experimental port of the MAC Framework, including sample policy modules such as the Biba, MLS, and SEBSD policy modules, to the Darwin operating system. This work-in-progress currently supports labeling of processes and file system objects, and ongoing research is underway to extend labeling and access control to the remaining kernel primitives (including Mach IPC), as well as to adapt the Darwin userland for these new primitives. This talk will review the MAC Framework design, and discuss the effort to port the MAC Framework and policy modules to the Darwin platform.

Presenter:
Robert Watson, Research Scientist, Network Associates Laboratories

Duration: 60 - 75 Minutes
[top]



Vulnerabilities


Title: CVE and OVAL - Security standards that are making a difference.

There are important changes to the cyber-security industry, being fostered by the Common Vulnerability Exposures (CVE) and Open Vulnerability Assessment Language (OVAL) Initiatives, a pair of international, community-based effort amongst industry, government, and academia. These changes will transform the way your enterprise deals with vulnerabilities in the commercial and open source components of your enterprise infrastructure and mission systems. With approximately 150 organizations working to support the CVE standard in more than 250 cyber-security products and services, CVE is quickly becoming an organizing mechanism that can make enterprise management of information security vulnerabilities less of a labor intensive art and more of an engineered practice. The OVAL effort builds upon CVE to create a means for making vulnerability alerts more applicable to individual enterprises. OVAL is aimed to provide the means for standardized vulnerability assessment and result in consistent and reproducible information assurance metrics for systems.

Presenter:
Robert Martin CVE Compatibility Lead, The MITRE Corporation

Duration: 45 Minute
[top]


Title: General Approaches to Network Vulnerability Assessment

A well-planned vulnerability assessment and remediation procedure is a key component of an organization’s overall IT security program. Whereas firewalls take a preventive approach and intrusion detection takes a reactive approach, vulnerability assessment takes a proactive approach, with the goal of addressing any weak spots in the network before being discovered by intruders. A non-intrusive scanning tool which provides clear, detailed remediation information is the foundation of the vulnerability assessment procedure.
This talk will present an overview of the various types of network vulnerabilities, such as weak passwords, insecure file sharing, buffer overflows, format strings, and web exploits. The talk will continue with a discussion on implementing a network security scanning procedure, followed by a technical discussion on the workings of non-intrusive network vulnerability checks at the TCP/IP level. The talk will conclude with an introduction to the SAINT network vulnerability scanning tool. SAINT makes use of the aforementioned concepts to achieve an easy-to-manage, non-intrusive vulnerability assessment program.
As Chief Development Engineer and Architect for the SAINT™ suite of tools, Samuel Kline's responsibilities include the design, testing, and implementation of all SAINT™ products, the upgrades to all SAINT™ products, the interface of SAINT™ to other security products, and the management and staffing of the company’s security team. His information security experience includes the supervision of network vulnerability assessments and penetration testing at the Pentagon. Samuel Kline has a BS in Electrical and Civil Engineering from Washington University in St. Louis and a MS in Computer Science and Applications from Virginia Tech.

Presenter:
Samuel Kline Chief Development Engineer, SAINT Corporation

Duration: 45 Minutes
[top]



Authentication

Title: Using Kerberos To Provide Secure Access To DOD Supercomputers

The Department of Defense High Performance Computing Program consists of twenty difference supercomputing resources across the US, with approximately 5000 users scattered among DOD installations, universities, and private corporations. Providing secure access to these resources while maintaining security is challenging task.
Since 1998, the HPC program has used Kerberos to provide program-wide single sign-on for their user community. This talk details the technical and political challenges we faced during this implementation.

Presenter:
Ken Hornstein ITT Advanced Engineering and Sciences

Duration: 45 Minutes
[top]


Title: Kerberos, Theory and Practice

Kerberos is the most popular and widely supported protocol for enabling single sign-on across a network, even between different platforms. The latest versions of both Microsoft and Apple’s operating systems have standardized on the MIT Kerberos protocol for their authentication requirements. The Kerberos protocol is not new, after all, it has been available for over a decade now. Kerberos is emerging beyond the enterprise and large universities and now enjoys wide adoption in desktop operating systems. However, even though Apple and Microsoft now support and even, in some cases, enable Kerberos support by default out of the box, myths, misconceptions, and misunderstanding of Kerberos abound.
The intended audience of this talk will be anyone with an interest in learning more about Kerberos. This talk aims to clear the air surrounding Kerberos, both protocol and implementation. Particular focus will be given to its implementation by Apple in its latest Panther and Panther Server products. The lineage of Kerberos will be traced from the early development at MIT as part of Project Athena, through the introduction of the modern Kerberos 5 protocol, to today’s implementations and beyond. Interoperability between different operating systems' Kerberos implementations will also be discussed. Finally, the latest extensions to Kerberos that ensure its ability to integrate new authentication technologies in the future will be discussed.

Presenter:
Jason Garman Computer Forensics Analyst, Mantech National Security Solutions Group

Duration: 45 Minutes
[top]


Title: Developer’s Guide for Implementing X.509 Path Processing

One of the most complex problems in creating Public Key Enabled (PKE) applications is the ability to build and validate certification paths in complex infrastructures.  Public Key Infrastructures require relying parties to build and validate a certification path from a target certificate (signer or encryption recipient) to their anchor of trust.  As PKIs grow to connect multiple enterprises (i.e. Federal Bridge CA) the problem of developing a certification path becomes more difficult.  Over the past year, we have been working with NSA and NIST in the creation of documents and test data to help PKE application developers understand the process behind building and validating complex certification paths.  The first paper developed was a guide to help developers understand certification path processing and its impact on application development.  It offers insights and recommendations to developers integrating support for X.509 digital certificates into their applications.  By following the guidance and recommendations defined in the paper, an application developer is more likely to develop an X.509 certificate enabled application that can be interoperable with a broad set of similar applications.   The second document created was a test suite that can be used to test and applications ability to build and validate certification paths.  To ensure secure interoperation of PKI-enabled applications, the path validation must be done in accordance with the X.509 and RFC 3280 specifications.   The test suite provides the test assertions and the test cases for testing path validation software against these specifications.

Presenter(s):
Mr. Peter Hesse President, Gemini Security Solutions, Inc.
Ms. Susan Joseph Principal Secure Systems Engineer, DigitalNet Government Solutions

Duration: 45 Minutes
[top]


Title: PK-Enabling the Government - an introduction to GSC-IS Smart Cards

The US government will make the United States one of the top 3 consumers of smart card technology in the world and likely higher as most government agencies push for smart card id's. Since millions of cards have and will continue to be issued, good standards must exist to make sure interoperability between agencies can occur. We will discuss how these standards, known as GSC-IS 2.1 by NIST behave and what they are trying to solve.

Presenter:
David Corcoran Partner, Identity Alliance

Duration: 45 Minutes
[top]


Title: Authentication 101: Practical review of today's authentication methods

This paper will describe the evolution in authentication methods from passwords to certificates, biometrics and tokens. It will cover the issues with each type of identification and the issues of combining them to provide 'n-factor' authentication.

Presenter:
Tony Walker, VP of Development, CRYPTOCard, Inc.

Duration: 45 Minutes
[top]


Title: Biometrics - Ready or Not ?

Biometrics provide the promise for increasing both system security and end user satisfaction, while reducing help desk costs due to password resets. But can biometics really deliver on all of its promise? This talk discusses how biometrics are currently used for identification and authentication purposes. Also, the merits and problems of the current state of the art for the various biometric technologies are discussed with a focus on real world deployment and utilization.

Presenter:
Taylor Boon, Former CTO, BNX Systems

Duration: 45 Minutes
[top]



System & Security Analysis

Title: Application of the Views Security Modeling Approach

This paper reports on the application of a security modeling tool called Views. Views is a graphical modeling approach that aids the understanding of the security posture of various application systems. Unlike other disciplines, which almost uniformly have some analogue of a blueprint with which architects and engineers can discuss what is being built, security practitioners lack the ability to represent application-level security properties in a visual format. The goal of Views is to fill this gap so that visual descriptions of the security-related aspects of systems can be developed.
Views has successfully modeled authentication, confidentially, and access control scenarios for a variety of projects within its scope. The initial applications of Views describe the security properties of various Internal Revenue Service systems. The paper gives examples of the Views standardized, graphical notation as well as illustrating how Views notation has been used in real-world settings.

Presenter(s):
J. J. Brennan The MITRE Corporation
Don Faatz The MITRE Corporation
Mindy Rudell The MITRE Corporation

Duration: 45 Minutes
[top]


Title: Security Technical Implementation Guideline (STIG) Automation

In an effort to meet US Government security requirements for defense information systems, DISA created the Secure Technology Implementation Guides [STIGs]. This presentation will examine automating the STIG implementation process for OS X through a combination of scripting and a GUI wizard.

Presenter:
Robert Bagnall, iDEFENSE

Duration: 45 Minutes
[top]


Forensics


Title: An Open Source Solution for Computer Forensic Data Acquisition and Analysis

Other than a complicated command line utilizing "dd", an investigator's options for evidence acquisition are currently limited to proprietary commercial tools. The lack of open source solutions prevents third party validation and prices many of the smaller forensic labs out of business. In addition to the evidence acquisition problem, the analysis techniques employed while using commercial alternatives are limited and the internal mechanisms inadequately documented for typical forensic analysis needs.
During Mr. Jones's presentation, he will discuss a brand new open source initiative for forensic acquisition and analysis that runs on top of the open operating system named Linux. Mr. Jones will present for the first time the revolutionary new open source project named "Odessa" which gives investigators and forensics analysts a viable alternative to the market dominated commercial solutions that currently exist. The presentation will begin with an overview of Odessa's overall architecture and a demonstration on how it can be utilized in the real world. After the evidence is acquired with this new application, the presentation will conclude with examples of properly documented tools to perform several common analysis techniques on the data captured from a suspect's hard drive.

Presenter:
Keith J. Jones, Principal Computer Forensic Consultant, Foundstone, Inc.

Duration: 45 Minutes
[top]


Open Source R&D Project Management & Funding


Title: Getting the Federal Government to Fund your R&D Ideas
Developing a Winning Proposal

Over the years, many good – sometimes even great – R&D ideas have gone unfunded while other, rather mediocre projects have flourished with significant financial support. Why is “the system” so frustratingly illogical? How can a bright, worthy, new technical idea garner support and funding in the political Washington, DC arena? This session will focus on this unique environment with its pressures, perspectives and politics that drive funding decisions. Anecdotes will illustrate the main points so that the reasons for this apparently illogical behavior can be readily understood and interpreted. The session will also cover techniques for improving your proposals and marketing skills to increase your probability of getting funded by the Federal Government. Don Gay, as both an engineer and manager, has worked in the Federal Government for 32 years and in industry for 6 years. He consults with and teaches classes to the Navy labs and National labs, among others, in marketing R&D projects to the Federal bureaucracy.

Presenter:
Don Gay, R&D Projects Marketing, Inc.

Duration: 45 Minutes
[top]


Security Directions


Title: Security on Mac OS X - Architecture and Direction

This will be a medium level overview of the security architecture of Mac OS X, with an emphasis on demonstrating the benefits of close integration of security with the operating system. The security features in the new version of the Mac OS, Panther, will be discussed. One particular area of focus is the role of digital certificates as the Internet evolves.

Presenter:
John Hurley, Ph.D., Security Policy Architect, Apple Computer

Duration: 45 Minutes
[top]


Core Services


Title: Privman: Making it easier to write programs that use privilege separation

Privman is a library that makes it easier to write programs that use privilege separation, a technique that prevents the leak or misuse of privilege from applications that must run with some elevated permissions. The Privman library targets UNIX platforms, and can be used by programs running on Darwin. Privman is available as open source software, licensed under a two-clause BSD license, from opensource.nailabs.com.
This talk will discuss the Privman libraries and APIs, and will discuss porting techniques to port applications from traditional
privilege management to the Privman library. This talk will also discuss creating policy files for programs that use the Privman
library.

Presenter:
Douglas Kilpatrick, Development Engineer, Network Associates Laboratories

Duration: 60 Minutes
[top]


Title: IPSec for Admins
Practical deployments of IPSec security policies in a wide range of environments

IPSec used to be a technology that was only available to those who had deeply studied the protocols involved. That security landscape, however, has been significantly changed as more and more firewire and software vendors incorporate IPSec into their products. The field is now wide open for home users to enterprise environments to use IPSec in their daily routine. Problem is there are still some hurdles to overcome.
This paper will discuss case studies in IPSec deployments ranging from home users using inexpensive routers to large government organizations utilizing state of the art technology. In particular the paper will pay close attention to utilizing the built-in IPSec capacity of Darwin/OSX covering the latest changes to the OS. The paper will also explore network topologies and other best practices for the deployment of IPSec.

Presenter:
Joel Rennich

Duration: 45 Minutes
[top]


Title: A Credit Card with security logic and a large storage volume

Digital technology has been the greatest enabler of products that have spawned significant innovations such as the personal computer, Internet, e-mail, instant messaging, and entertainment. This new environment for commerce and communications has created concerns relating to trust and security, particularly where there is a need to certify that “you are who you say you are, and are authorized to perform the transaction”.
A solution in the form of a “Trusted Computing Platform” has been proposed. This locks data to hardware to achieve the necessary security, but makes it inconvenient and cumbersome to transport information and utilize it wherever and whenever needed. Other “trusted” implementations utilize Smart Cards to control access to secure networks, but provide no means to manage the information once it is communicated to the Client.
This talk will present a technology that enables large storage capacity, greater than 100 Megabytes, with authentication logic and high-speed encryption capabilities in the familiar form factor of a Credit Card. The solution guarantees that all information will remain secure and conveniently portable with 24/7 policy enforcement wherever and whenever required, whether in an “on-line” or an “off-line” transaction without compromising any security policy.

Presenter:
Anil Nigam Chief Technical Officer, StorCard Inc.

Duration: 45 Minutes
[top]