Posted: 27-Mar-2015
Slide 1: Resonance: Dynamic Access Control in Enterprise Networks
Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark
School of Computer Science, Georgia Institute of Technology
Slide 2: Motivation
• Enterprise and campus networks are dynamic
  – Hosts continually coming and leaving
  – Hosts may become infected
• Today, access control is static, and poorly integrated with the network layer itself
• Resonance: Dynamic access control
  – Track state of each host on the network
  – Update forwarding state of switches per host as these states change
Slide 3: State of the Art
• Today’s networks have many components “bolted on” after the fact
  – Firewalls, VLANs, Web authentication portal, vulnerability scanner
• Separate (and perhaps competing) devices for performing the following functions
  – Registration (based on MAC addresses)
  – Scanning
  – Filtering and rate limiting traffic
Slide 4: Authentication at GT: “START”
[Figure: START authentication flow between a New Host, the Switch, the VMPS and the Web Portal. Numbered steps recovered from the diagram:]
1. New MAC Addr
2. VQP
3. VLAN with Private IP
4. Web Authentication
5. Authentication Result
6. VLAN with Public IP
7. REBOOT
Slide 5: Problems with Current Architecture
• Access control is too coarse-grained
  – Static, inflexible and prone to misconfigurations
  – Need to rely on VLANs to isolate infected machines
• Cannot dynamically remap hosts to different portions of the network
  – Needs a DHCP request, which for a Windows user would mean a reboot
• Monitoring is not continuous
Idea: Express access control to incorporate network dynamics.
Slide 6: Resonance Approach
• Step 1: Associate each host with generic states and security classes
• Step 2: Specify a state machine for moving machines from one state to the other
• Step 3: Control forwarding state in switches based on the current state of each machine
  – Actions from other network elements, and distributed inference, can affect network state
Slide 7: Applying Resonance to START
[Figure: host state machine. States: Registration, Authenticated, Operation, Quarantined. Transition labels: Successful Authentication, Failed Authentication, Clean after update, Vulnerability detected, Infection removed or manually fixed, Still Infected after an update.]
Slide 8: Resonance: Step by Step
[Figure: a New Host attached to an OpenFlow Switch, with the Controller, DHCP Server, Web Portal and the Internet. Numbered steps recovered from the diagram:]
1. DHCP request
2. Web Authentication
3. Scanning
4. To the Internet
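Slides 6 to 8 describe one procedure: give each host a state, define the state machine, and let the switch's forwarding rules follow the host's current state. The following is an added example that walks a single host through the sequence on slide 8; it is not the Resonance authors' NOX code. The four states are those named on slide 7, but the transition edges, the per-state allow-lists, the server addresses and the MAC are assumptions and constructed sample values.

```python
"""Per-host state machine with state-driven forwarding policy.

Added example, not the Resonance authors' NOX code.  States are the four named
on slide 7; the transition edges and the per-state allow-lists are assumptions
drawn from the slide's transition labels and the step-by-step on slide 8.
All addresses and MACs are constructed sample values."""
from dataclasses import dataclass, field
from enum import Enum


class State(Enum):
    REGISTRATION = "Registration"
    AUTHENTICATED = "Authenticated"
    OPERATION = "Operation"
    QUARANTINED = "Quarantined"


# (current state, event) -> next state.  Assumed edges; the event names are
# the slide's transition labels.
TRANSITIONS = {
    (State.REGISTRATION, "successful_authentication"): State.AUTHENTICATED,
    (State.REGISTRATION, "failed_authentication"): State.REGISTRATION,
    (State.AUTHENTICATED, "clean_after_update"): State.OPERATION,
    (State.AUTHENTICATED, "vulnerability_detected"): State.QUARANTINED,
    (State.OPERATION, "vulnerability_detected"): State.QUARANTINED,
    (State.QUARANTINED, "infection_removed_or_manually_fixed"): State.OPERATION,
    (State.QUARANTINED, "still_infected_after_update"): State.QUARANTINED,
}

# Hypothetical infrastructure servers the policy refers to.
DHCP_SERVER = "10.0.0.2"
WEB_PORTAL = "10.0.0.3"
SCANNER = "10.0.0.4"
UPDATE_SERVER = "10.0.0.5"

# Step 3 of the approach: forwarding follows the host's state.  Each entry is
# an allow-list of (destination IP, destination port); "*" matches anything
# and any flow not listed is dropped.
POLICY = {
    State.REGISTRATION: [(DHCP_SERVER, 67), (WEB_PORTAL, 80), (WEB_PORTAL, 443)],
    State.AUTHENTICATED: [(DHCP_SERVER, 67), (SCANNER, "*"), (UPDATE_SERVER, "*")],
    State.OPERATION: [("*", "*")],
    State.QUARANTINED: [(UPDATE_SERVER, "*"), (WEB_PORTAL, 80)],
}


def can_transition(state: State, event: str) -> bool:
    return (state, event) in TRANSITIONS


@dataclass
class Host:
    mac: str
    state: State = State.REGISTRATION
    history: list = field(default_factory=list)

    def on_event(self, event: str) -> State:
        """Move the host along the state machine; unknown edges are rejected."""
        if not can_transition(self.state, event):
            raise ValueError(f"no transition from {self.state.value} on {event!r}")
        self.history.append((self.state, event))
        self.state = TRANSITIONS[(self.state, event)]
        return self.state


def allowed(state: State, dst_ip: str, dst_port: int) -> bool:
    return any(ip in ("*", dst_ip) and port in ("*", dst_port)
               for ip, port in POLICY[state])


def flow_entry(host: Host, dst_ip: str, dst_port: int) -> dict:
    """The (simplified) OpenFlow-style rule the controller would push to the
    switch when the first packet of this flow arrives (packet-in)."""
    action = "forward" if allowed(host.state, dst_ip, dst_port) else "drop"
    return {"match": {"dl_src": host.mac, "nw_dst": dst_ip, "tp_dst": dst_port},
            "action": action}


def walkthrough() -> list:
    """Replay slide 8 for one host.  Returns (state, destination, action) per flow."""
    host = Host(mac="00:11:22:33:44:55")
    internet = "203.0.113.9"          # constructed external address
    log = []

    def send(dst_ip, dst_port):
        log.append((host.state.value, dst_ip, flow_entry(host, dst_ip, dst_port)["action"]))

    send(DHCP_SERVER, 67)                         # 1. DHCP request is allowed while registering
    send(internet, 80)                            # ...but the Internet is not
    host.on_event("successful_authentication")    # 2. web authentication
    send(SCANNER, 22)                             # 3. the host may talk to the scanner
    send(internet, 80)                            # still blocked until the scan is clean
    host.on_event("clean_after_update")
    send(internet, 80)                            # 4. to the Internet
    host.on_event("vulnerability_detected")       # remapped with no VLAN change, DHCP or reboot
    send(internet, 80)
    send(UPDATE_SERVER, 443)                      # only remediation traffic passes
    return log


if __name__ == "__main__":
    for state, dst, action in walkthrough():
        print(f"{state:<14} -> {dst:<14} {action}")
```

The point of the walkthrough is the last two steps: moving the host to Quarantined changes nothing on the host side (no VLAN reassignment, DHCP request or reboot, which slide 5 lists as the cost of the current design); the controller simply starts answering packet-ins for that MAC with drop rules for everything but the update server.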
Slide 9: Preliminary Implementation: OpenFlow
• OpenFlow: Flow-based control over the forwarding behavior of switches and routers
  – A switch, a centralized controller and end-hosts
  – Switches communicate with the controller through an open protocol over a secure channel
• Why OpenFlow?
  – Dynamically change security policies
  – Central control enables
    • Specifying a single, centralized security policy
    • Coordinating the mechanisms for switches
    • Granularity of control. VLANs don’t provide that granularity
Slide 10: Resonance Controller: NOX
• NOX: Programmatic interface to the OpenFlow controller
  – Ability to add, remove and reuse components
• We are building the Resonance controller using NOX
Slide 11: Research Testbed
Slide 12: Potential Challenges
• Scale
  – How many forwarding entries per switch?
    • OF switches support ~130K flow entries and 100 wildcard entries.
  – How much traffic at the controller?
• Performance
  – Responsiveness
• Security
  – MAC address spoofing
  – Securing the controller (and control framework)
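Slide 12 lists MAC address spoofing as an open security problem: START and Resonance both identify a host by its MAC, so a second station claiming the same address inherits that host's state. The following is an added example of a check a controller could run, not anything from the slides or from NOX. It relies only on what a controller already sees, namely the switch and ingress port of each packet-in, and records which port a MAC was learned on; the same MAC appearing on another port while the first is still active is flagged as a conflict rather than silently rebound. Switch ids, ports, MACs, timestamps and the grace period are constructed sample values.

```python
"""MAC-to-port binding check for the controller.

Added example, not from the Resonance slides or NOX.  It addresses the
MAC-address-spoofing challenge on slide 12: because the controller sees the
first packet of every new flow along with the switch and port it arrived on,
it can remember where each MAC was learned and notice when the same MAC turns
up somewhere else while the original location is still active.  Switch ids,
ports, MACs and timestamps below are constructed sample values."""


class MacBindingTable:
    """Tracks which (switch, port) each MAC address was learned on."""

    def __init__(self, grace_seconds: int = 300):
        # A MAC idle on its old port for longer than this is allowed to move.
        self.grace = grace_seconds
        self.table = {}    # mac -> {"dpid", "port", "last_seen"}
        self.alerts = []   # (mac, old location, new location, time)

    def observe(self, mac: str, dpid: int, port: int, now: float) -> str:
        """Classify one packet-in as learned / ok / moved / conflict."""
        b = self.table.get(mac)
        if b is None:
            self.table[mac] = {"dpid": dpid, "port": port, "last_seen": now}
            return "learned"
        if (b["dpid"], b["port"]) == (dpid, port):
            b["last_seen"] = now
            return "ok"
        if now - b["last_seen"] < self.grace:
            # The original port was active moments ago, so two stations are
            # now claiming one MAC.  Record it and keep the existing binding.
            self.alerts.append((mac, (b["dpid"], b["port"]), (dpid, port), now))
            return "conflict"
        # Quiet long enough to be a genuine move (replug, roaming): rebind.
        self.table[mac] = {"dpid": dpid, "port": port, "last_seen": now}
        return "moved"


# Constructed packet-in events: (seconds, mac, switch dpid, ingress port).
SAMPLE_EVENTS = [
    (0,   "00:11:22:33:44:55", 1, 3),   # host learned on switch 1, port 3
    (30,  "00:11:22:33:44:55", 1, 3),   # same place: fine
    (45,  "00:11:22:33:44:55", 1, 7),   # same MAC on port 7 while port 3 is live
    (900, "00:11:22:33:44:55", 2, 1),   # port 3 idle for 870 s: treated as a move
    (910, "00:11:22:33:44:55", 2, 1),   # settled at the new location
]


def replay(events=SAMPLE_EVENTS, grace_seconds: int = 300):
    """Run the events through a fresh table; returns (verdicts, alerts)."""
    table = MacBindingTable(grace_seconds)
    verdicts = [table.observe(mac, dpid, port, t) for t, mac, dpid, port in events]
    return verdicts, table.alerts


if __name__ == "__main__":
    verdicts, alerts = replay()
    for (t, mac, dpid, port), v in zip(SAMPLE_EVENTS, verdicts):
        print(f"t={t:>4} {mac} sw{dpid}/p{port}: {v}")
    print("alerts:", alerts)
```

A "conflict" verdict is the kind of event slide 6 has in mind when it says actions from other network elements can affect network state: the controller can treat it as a reason to push the host back to Registration so that it must re-authenticate, instead of letting the second station ride on the first one's Operation state. The check only catches a duplicate MAC arriving on a different port; two stations behind the same port (an unmanaged switch or a hub) look identical to the controller, so it complements rather than replaces a stronger form of host identity.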
Slide 13: Summary
• Resonance: An architecture to secure and maintain enterprise networks.
  – Preliminary design
  – Application to Georgia Tech campus network
  – Planned evaluation
• Many challenges remain
  – Scaling
  – Performance
Questions?