Grid security
David Jackson
Rutherford Appleton Laboratory, UK

GridKa, Friday 12 Sept 2008, 10:50 – 11:30
• Welcome
• Grid site attacks (or security incidents)
• Risk + Grid specific risk
• What you can do
         Grid site attacks
Grid sites collaborate for science.




[Diagram: Users and Resources connected through the Internet]
                  Grid site attacks
[Diagram: Users and Resources connected through the Internet, with an Attacker. Attacks shown: user password / pass phrase capture, network port scan, SSH dictionary attack. Also shown: Site firewall admin. and YOU]
       Grid site attacks
Typical attack characteristics:
• Enter via the internet
• Attempts to get user/root access,
  potentially via stolen credentials
• Applications, middleware & OS
  attacked, looking for: missing patches,
  poor configuration, buffer overflows,
  logic errors etc.
         Grid site attacks
Q: Are they unique to the Grid?
A: No!

 These are typical “traditional” attacks.
 We just see more of them as we offer
 more IT systems (Grid hosts) to be
 attacked.
         Grid site attacks
Q: Why attack a Grid?

 There is no effective way to know the
 true motivation of an attacker… we
 can only speculate!
             Grid site attacks
By participating in Grid activity, each of the following increases:
– Attractiveness of site as a target
– Number of vulnerabilities
– Number of users
– Level of activity

You increase the probability of some
attacks, but they are not necessarily new
types of attack.
                 Risk
“the potential that a given threat will exploit
vulnerabilities of an asset or group of assets
and thereby cause harm to the organisation.
It is measured in terms of a combination of
the probability of an event and its
consequence.”
         (Section 2.19, ISO/IEC 13335-1:2004)
                               Risk

A threat is a person or group (or event) with the motivation
and capability to cause harm to an asset.

A vulnerability is a weakness within the infrastructure or a
management process that can be exploited to expose an
asset (or group of assets) to possible compromise or
damage.

The impact is the effect on your business.
                        Risk




An anonymous external internet attacker (threat) may use
a weak password (vulnerability) to access your finance
system (asset) to steal money from your organisation
(impact).
                             Risk




You can reduce risk to an acceptable level (residual risk) by
reducing or removing one of Threat, Vulnerability or Impact.
       Grid specific risks
Threats: There is at least one new class
of threat that can cause you harm, the VO
(Virtual Organisation).

• VOs have NO motivation to harm you.
• VOs do have the capability to harm you.
VOs control their own membership
• Researchers join VOs.
• As a site, you no longer know who is using the resources that you host for the
  VO.
Researchers can offer resources to VOs
• As a site, do you know what VOs you have in your network?
           Grid specific risks
Vulnerabilities:
Sites use homogeneous IT resources
Break in to one site => break in to many sites
One flaw on one node = X flaws on X similar nodes

Middleware
Any new component of a system introduces new vulnerabilities

Users and Activity
The numbers of both are up. This increases the probability of
a password/pass phrase compromise.
           Grid specific risks
Impact:
Turning off the Grid at a site is a measure of last resort.
Not impossible, just not probable. Sites and institutes rely more
and more on Grids and Internet connections




[Image text: “KEIN EINTRAG” (“NO ENTRY”)]
         Grid specific risks
Key differences with Grids
•   Collaboration & resource sharing
•   No single “owner” so not like “clouds”
•   Limitations on sharing some information
•   Middleware that can initiate jobs
•   Scale and speed of resources…..

when you compare them with traditional IT.
         Grid specific risks
Key differences with Grids
The risks are the same as any traditional IT service, just more likely to happen.

In practical terms, you have to work as a team to resolve security incidents.

Some traditional responses to security incidents are no longer valid.
              Grid specific risks
Common top 12 threats for both Grids and Traditional IT:

• Faulty access rights management
• Password compromise
• Intrusion (by scanning)
• Data interception
• Fraudulent connection
• Software vulnerabilities
• Repudiation of system use
• Software Alteration
• Insecure/unauthorized software
• Absent/insufficient staff
• Lack of security awareness or job training
          What you can do
• Protect
• Detect
• Respond
against security incidents.

Plan and prepare for incidents before they happen.
                                        Protect


            What you can do
• Use the minimum system components you need
• Harden the operating system & applications
• Keep the operating system and applications up-to-date (e.g. patch)
• Protect passwords (especially privileged ones)
• Use strong passwords (especially privileged ones)
• Restrict direct Root access to the Internet
• Monitor security lists etc.
• Know where to get help
                                       Detect


            What you can do
• Take advantage of the logs
• Use relevant security products (e.g. IDS, anti-virus etc.)
• Learn what is ‘normal’ for your system
• If in doubt, ask for help!
• Monitor security lists etc.
• Know where to get help
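
An added example (not part of the original slides) of taking advantage of the logs to spot the SSH dictionary attacks mentioned earlier: it scans sshd authentication lines for bursts of failed passwords from one source address and reports any login accepted afterwards. The log lines, host name, addresses, year and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the usual OpenSSH syslog format (not real data).
SAMPLE_LOG = """\
Sep 12 10:50:01 ce01 sshd[4101]: Failed password for invalid user admin from 192.0.2.10 port 40001 ssh2
Sep 12 10:50:03 ce01 sshd[4102]: Failed password for root from 192.0.2.10 port 40002 ssh2
Sep 12 10:50:05 ce01 sshd[4103]: Failed password for invalid user test from 192.0.2.10 port 40003 ssh2
Sep 12 10:50:08 ce01 sshd[4104]: Failed password for invalid user oracle from 192.0.2.10 port 40004 ssh2
Sep 12 10:50:10 ce01 sshd[4105]: Failed password for grid001 from 192.0.2.10 port 40005 ssh2
Sep 12 10:50:12 ce01 sshd[4106]: Accepted password for grid001 from 192.0.2.10 port 40006 ssh2
Sep 12 10:52:30 ce01 sshd[4110]: Failed password for alice from 198.51.100.7 port 51000 ssh2
Sep 12 10:52:41 ce01 sshd[4111]: Accepted password for alice from 198.51.100.7 port 51001 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+")

def detect_dictionary_attacks(log_text, year=2008, window=timedelta(minutes=5),
                              min_failures=5, min_users=3):
    """Flag source addresses with a burst of failed logins across several accounts."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:  # syslog lines carry no year, so one is assumed
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events[m["ip"]].append((ts, m["result"], m["user"]))
    findings = {}
    for ip, evs in events.items():
        evs.sort(key=lambda e: e[0])
        fails = [(t, u) for t, r, u in evs if r == "Failed"]
        for i, (start, _) in enumerate(fails):  # slide a window over the failures
            burst = [(t, u) for t, u in fails[i:] if t - start <= window]
            users = {u for _, u in burst}
            if len(burst) >= min_failures and len(users) >= min_users:
                # A login accepted after the burst began may be a guessed password.
                hits = [u for t, r, u in evs if r == "Accepted" and t >= start]
                findings[ip] = {"failures": len(burst), "users": users,
                                "success_after": hits}
                break
    return findings

if __name__ == "__main__":
    for ip, f in detect_dictionary_attacks(SAMPLE_LOG).items():
        print(ip, f["failures"], sorted(f["users"]), f["success_after"])
```

A non-empty `success_after` list is the case to escalate first: an account accepted a password from an address that had just been guessing. The single mistyped password from the second address stays below the thresholds and is not reported.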
                                             Respond


             What you can do
• You are not alone. Know who can help you.
  Check with your local site and identify:

   • Your local/national/regional CSIRT
     (Computer Security Incident Response Team)

   • What your local site process is (if there is one)

   • Your role in an incident and what you can do.


• Plan and prepare for incidents before they
  happen!
               Summary
• Grid sites are under attack, but the
  attacks are not new, just plentiful.
• Reduce your risks by following good
  system management guidance.
• Plan to protect, detect and respond to
  security incidents.
• Know who can help you.
Questions

				