SeaCat: SDN End-to-End Application Containment

Post on 22-Nov-2014

137 views 3 download

Preview:

Click to see full reader
Report this document
SHARE

description

This demonstration shows how the SeaCat Application Containment Architecture secures a medical record system applications (OPENMRS) in an end-to-end manner. Using this framework, medical personal can securely access patient medial records from mobile devices without fear that patients/ medical records will accidentally be exposed/compromised by malware. Junguk Cho, David Johnson, Makito Kano and Kobus Van der Merwe, University of Utah

transcript

SeaCat: an SDN End-to-end Application

Containment ArchitecTure

Enabling Secure Role Based Access To Sensitive Healthcare Data

Junguk Cho, David Johnson, Makito Kano,

Kobus Van der Merwe and Brent Elieson

Motivation

• “Everything” is networked– Nearly all business applications assume network

availability

• Also true in healthcare– Accessing patient records

– Remote diagnoses and consultation

– In-home monitoring

– Healthcare analytics

– Plus “regular” vocational applications• HR/payroll functions, accessing domain specific literature

– Plus non vocational use• Browsing the web, social networking etc.

Motivation cont.

• Problem:– Same individual, using same device potentially using

several of these applications simultaneously

– Applications have very different security and performance constraints:• Healthcare records: stringent regulatory privacy and security

requirements

• In-home patient monitoring: different privacy and security needs + reliability and soft real time guarantees

• Web use: no impact on core healthcare applications

– Devices are increasingly mobile (tablets, laptops, smartphones)• Often not part of managed and trusted enterprise environment

Motivation cont.

• Current approaches, combinations of:– Device scans when new devices attach to network

– Run applications on application servers with thin clients on devices

– Complex network and server access control policies

• Inadequate:– Device with up-to-date patch levels might still contain

malware

– Application servers with thin clients constrain the type of applications that can be used

– Access control policies only deal with access. Provide no protection once data is accessed

Motivation cont.

• Problem generalizes to broad range of access to sensitive data

• Different sets of regulations/practices– Protected health information (PHI)

• HIPAA regulations

– Student educational records• FERPA regulations

– Federal government work• FISMA regulations

– Business requirements• PCI DSS regulations

– Institutional requirements• IRB regulations

SeaCat Approach• Combine SDN and

application

containment:

– End-to-end application

containment

• Non-healthcare apps:

– default context

• Healthcare app:

– dynamic app specific

context

– app and data contained in

this end-to-end context

• Treat mobile device as

“semi-trusted” SDN

domain

– Inter-domain SDN

interaction to tie in

Threat Model

• Concerned with security and performance of health care applications used from variety of devices in a health care environment

• Assume healthcare applications can be trusted– different from conventional threat model where device needs to be

protected against untrusted applications

• Specific concerns:– Unauthorized access

• role based authentication and policies

– Data leakage• end-to-end application containment

– Resource guarantees• context based resource allocation with preemption

– Denial of service• resource guarantees plus separation of resources

SeaCat Architecture:

Endpoint Containment• Uses lightweight

containers

– Linux containers

• All applications execute

in containers:

– move “regular apps”

into default

container

• Minimize trusted

computing base:

– Only SeaCat Trusted

Daemon left in root

namespace

SeaCat Architecture:

Endpoint Containment

• SeaCat Trusted Daemon manages containers:– Set default

container up: apps unaware that anything changed

– Use Overlay FS to restrict container storage accesses

– Dynamically create secure app container(s)

SeaCat Architecture:

Endpoint Network Containment

• SeaCat Trusted Daemon:– Manages endpoint

SDN domain

• Single switch domain:– Sets up context for

default apps

– Sets up context for secure apps: based on interaction with enterprise SDN

SeaCat Architecture:

Enterprise Network Containment

• SeaCat Server:– Manages enterprise SDN domain

• Sets up context for secure apps

• Includes SDN-enabled WiFi

– Interacts with SeaCat trusted daemon in endpoint• Instructs trusted daemon to start secure container

• Coordinates SDN across domains

SeaCat Architecture:

Putting it all together• Enterprise network treats each mobile endpoint as semi-

trusted SDN domain

• Secure app user: authenticates using “normal” single-sign-on (SSO) technology– SeaCat server integrated with SSO

– Successful authentication triggers:• Creation of app specific SDN context in enterprise

• Signaling to endpoint SDN to:– Create secure container

– Create endpoint app specific SDN context

– Ties to enterprise SDN context

• App and data remains in this secure end-to-end context

• When app exits:– Complete context is destroyed

SeaCat Workflow/Interaction

SeaCat Workflow/Interaction

SeaCat Workflow/Interaction

EHRServer

Default Context

OtherAppsOther

AppsOtherApps

Internet/

Non HealthcareResources

Mobile Endpoint

SeaCat

Enterprise/Campus

Network

SeaCat

SSO

Secure Context1

2

SeaCat Workflow/Interaction

EHRServer

Default Context

Other

AppsOtherAppsOther

AppsInternet/

Non HealthcareResources

Mobile Endpoint

SeaCat

Enterprise/CampusNetwork

SeaCat

SSO

Secure Context

3

SeaCat Workflow/Interaction

EHRServer

Default Context

Other

AppsOtherAppsOtherApps

Internet/

Non HealthcareResources

Mobile Endpoint

SeaCat

Enterprise/CampusNetwork

SeaCat

SSO

Secure Context

4

5

SeaCat Workflow/Interaction

EHRServer

Default Context

OtherAppsOther

AppsOtherApps

Internet/

Non HealthcareResources

Mobile Endpoint

SeaCat

Enterprise/Campus

Network

SeaCat

SSO

Secure Context

6

SeaCat Workflow/Interaction

SeaCat Demo

• Mobile endpoint:– Linux WiFi-enabled tablet

– With SeaCat Trusted Daemon:• Container and SDN management

• Enterprise network:– SDN enabled WiFi access point

• Tallac Networks

• Virtual APs

• Mapped to OpenFlow switch

– Rest of enterprise SDN emulated in a Mininet instance

• Single Sign On (SSO):– Uses Shibboleth SSO

– SeaCat (Service Provider) to realize SeaCat functionality

• Medical application:– OpenMRS (Medical Record System)

SeaCat Demo

WiFi AP

Emulated Network

HUB

Enterprise SDN Controller

VIF1

OVS

Other Apps

Client tablet

lxc

VIF0

Ryu controller

DHCPFLOW

MANAGER

ETH2

OVS

OpenMRS server

SSO:SeaCatService Provider SSO:

Identity Provider

ETH3

H1

H2

H3

MININET

ETH0

PolicyVAP

DefaultVAP

OVS

ETH0

ETH1

Wireless network

Real Ethernet network

Virtual Ethernet network

Trusted Daemon

LXC CONTROLLER

OVSCONTROLLER

OtherServer

H4

Enterprise/Campus Network

lxc

Status and plans

• Have working prototype…

• Current focus on access to electronic health

records

• SeaCat is a general application framework…

– other health care apps

– other apps that require access to sensitive data

• Interested in exploring possibility of trial

deployment…

Top related

Aisle Containment Systems Physical Containment Systems ...
Documents
SeaCAT/Sealogger RS-232 & Navigation InterfaceBox User Manual
Documents
SeaCat - Atlas Elektronik · 2017. 12. 19. · ATLAS ELEKTRONIK SeaCat Hybrid Autonomous Underwater Vehicle System SeaCat Unmanned Vehicles Key Features Fast Mobilisation due to low
Documents
COARE Seacat data: Calibrations and quality control procedures · 2006. 8. 9. · NOAATechnicalMemorandumERLPMEL-115 COARE Seacat data: Calibrations and quality control procedures
Documents
SBE 21 SEACAT Thermosalinograph - IRD Bretagne · This manual is to be used with the SBE 21 SEACAT Thermosalinograph ... the SBE 21 averages the sample data, ... Optional SBE 38 Connector
Documents
Aisle Containment Solutions · Aisle Containment Solutions Aisle Containment is a popular way of cooling high density server installations. Aisle containment can work in two ways:
Documents
Containment Siemon
Documents
Vigilante: End-to-End Containment of Internet Worms Paper by: Manuel Costa, Jon Crowcroft, Miguel Castro, Ant Rowstron, Lidong Zhou, Lintao Zhang, Paul.
Documents
Vigilante: End-to-End Containment of Internet Wormssino.di.ubi.pt/05.pdf · 2005. 11. 16. · Vigilante: End-to-End Containment of Internet Worms Manuel Costa Joint work with: Jon
Documents
CONTAINMENT SOLUTIONS - Extract Technologyextract-technology.com/...containment-solutions... · Complete containment solutions based around an innovative range of Downflow Containment
Documents
THE LABOW/SEACAT PAPERWEIGHT COLLECTION
Documents
A Vapor Containment Performance Protocol for Closed … · A Vapor Containment Performance Protocol for ... Application of the Vapor Containment Performance Protocol ... Vapor Containment
Documents
Containment Sumps spill berms Ultra-Containment … · Containment Sumps spill berms Ultra-Containment Sumps ... and are often utilized at construction ... Ultra-Containment Berm
Documents
Vigilante: End-to-End Containment of Internet Worms Manuel Costa, Jon Crowcroft, Miguel Castro, Antony Rowstron, Lidong Zhou, Lintao Zhang, Paul Barham.
Documents
SBE 16plus SEACAT - Microsoft · solution (Triton-X) SBE 16plus manual SBE 16plus SEACAT SBE 16plus SEACAT (shown in both plastic and titanium housing) Conductivity cell filling and
Documents
Vigilante: End-to-End Containment of Internet Worms Authors : M. Costa, J. Crowcroft, M. Castro, A. Rowstron, L. Zhou, L. Zhang, and P. Barham In Proceedings.
Documents
Seapower centre - navy.gov.auOnboard displays included small arms equipment. diving gear. fire-fighting equipment 'kara and Seacat Missiles flag-hoisting end. to delight a Navy cooking
Documents
Cost Containment
Documents
SBE 19 SEACAT PROFILER - brest.ird.fr · 2-6.1 SAMPLE SESSION ... 1 1-1 INTRODUCTION The SBE 19 SEACAT Profiler is designed to ... Also available for use with the SEACAT Profiler
Documents
SBE 19-03 SeaCat Primera Edicion
Documents

Copyright © 2018 DOCUMENTS