DÃ©partement RÃ©seau, SÃ©curitÃ© et MultimÃ©dia Rapport d'ActivitÃ©s 2008

More documents

Recommendations

Info

1) Normal Node behavior simulation: Westarted our simulation with the normalbehaviors of nodes without any attack. In thiscase, we noticed that none of the nodeschooses the future malicious node as MPR.2) Attack simulation: A malicious mechanism isnow implemented in the OLSR code of onenode which plays the role of a lying node byclaiming incorrect links. This time, weobserved that the malicious node achievedmanipulating the routing tables of other nodes.A normal node changes its routing table with afalse routing information. This change affectsthe routing tables of its neighbors. Without ouranalysis mechanism, none of the nodes candetect the malicious behavior.3) Use of the analysis mechanism: In thisstep, all nodes except the malicious node runthe same OLSR code in which the detectionmechanism is implemented. As for the normalnode behavior simulation, we notice that noneof the nodes chooses the malicious node asMPR. Our approach can thus detect anincorrect node behavior and the algorithmchooses another path where this incorrectnode behavior is not included.Conclusion and future workIn [3], our approach to detect maliciousbehaviors in MANET is further explained.Through this study, we chose the OLSRprotocol to analyze the availabilityrequirements for MANETs. Several propertiesrelated to the availability have been expressedbased on the specification of the protocolOLSR (these properties are compliant with theRFC3626) and malicious node profiles andused to deploy an intrusion detection andresponse technique. Each MANET nodeobserves the messages received by itsneighbors which provides means to check if itsneighbor is malicious or not. This approachseems the most adapted for MANETs.As a main result, we provide a securityextension to OLSR. Our primary issue withrespect to securing MANET routing protocols isto ensure the network integrity, even inpresence of malicious nodes.We are currently investigating secury protocolfor group management, in large and dynamicad hoc networks [4]. The protocol we suggestrelies on the TGDH protocol. In comparisonwith the previous solution, our algorithm helpsto uniformly dispatch the group key calculuson each node, and the global cryptographictree is optimized. Moreover, we propose anauthentication algorithm. Our algorithmprovides several well-known securityproperties, such as nodes authentication,messages freshness, passive attacks resistanceand known key attack resistance.As future work, we plan to develop reputationevaluation for such goup management protocoland define actice reaction mechanisms,including automatic exclusion of a maliciousnode from its group, based on this reputationevaluation.References[1] F. Cuppens, N. Cuppens-Boulahia et T.Sans. Nomad: A Security Model with NonAtomic Actions and Deadlines. 18th IEEEComputer Security Foundations Workshop(CSFW'05), Aix-en-Provence, France, June2005.[2] F. Cuppens, N. Cuppens-Boulahia, S. Nuonand T. Ramard. Property Based IntrusionDetection to Secure OLSR. Third InternationalConference on Wireless and MobileCommunications (ICWMC), Gosier,Guadeloupe, March 2007.[3] F. Cuppens, N. Cuppens-Boulahia, T.Ramard. Misbehaviors Detection to EnsureAvailability in OLSR. The 3rd InternationalConference on Mobile Ad-hoc and SensorNetworks (MSN), Beijing, China, December2007.[4] F. Cuppens, N. Cuppens-Boulahia, J.Thomas. S-TGDH, secure enhanced groupmanagement protocol in ad hoc networks.International Conference on Risk and Securityof Internet and Systems (CRiSIS). Marrakech,Morocco. 2-5 July 2007.48 Extract of Pracom’s Annual Report 2008
Access ControlSecurity of Web ServicesResearch Staff : Frédéric Cuppens, Nora Cuppens-Boulahia – Ph.D. Student: Diala Abi HaidarKeywords : Access Control, XACML, Trust negotiationApplications : Web Service SecurityPartners & Funding : partially funded by France Telecom R&D, ANRT through a CIFRE grant, part ofresearch work within the RNRT project POLITESS.IntroductionWith the emergence of web services, sharingdata between entities from different securitydomains raises the issue of protecting sensitiveresources. Access control and trustmanagement are research topics that offersolutions to such an issue. Access controlmodels offer a way of defining policies andrules for accessing protected data. In addition,many works have been done concerning thelanguages used to express the securityrequirements. These works have lead to anOASIS (Organization for the Advancement ofStructured Information Standards) standard,the eXtensible Access Control MarkupLanguage (XACML). Furthermore, trustmanagement is essential in a public worldinteraction. That is, entities need to negotiateto establish a certain level of trust betweenthem. A prototype for trust establishmentcalled TrustBuilder was proposed in theliterature [1]. It allows negotiating trust acrossorganizational boundaries due to iterativeexchanges of policies and certified attributes.Access control is important for private dataprotection and trust management isunavoidable if one needs to negotiate theaccess. This is why access control and trustmanagement should be done simultaneously inheterogeneous worlds such as the webservices. We consider that the negotiation fortrust establishment is an usptream of accesscontrol management. We have been workingon this idea to find a flexible framework thatallows the expression of multiple accesscontrol models in web services.This research work is part of a thesisundertaken within a collaboration betweenTELECOM Bretagne and France Telecom R&D.It is also supported by ANRT through CIFREunder a contract number 1026/2005. It is alsopart of research work within the RNRT projectPOLITESS.RealizationWe have defined XeNA [2, 3] (XACMLNegotiation of Access), a framework tointegrate the negotiation for trustestablishment within an access controlarchitecture based on XACML. XeNAincorporates our proposed negotiationarchitecture [4] based on two modules; (1) thenegotiation module that implements a resourceclassification based negotiation methodologyand (2) the exception treatment module that iscalled whenever exceptions are raised in thenegotiation process.According to our proposed resourceclassification based negotiation, resources areclassified at three different levels. Ressourcesclassified at level 1 are managed by directpolicies without negotiation. Ressources atlevel 2 are managed by public access controlpolicies that can be revealed. Within the class3 are resources managed by policies thatcannot be revealed. That is, we have definedtwo strategies for obfuscation that are used toobfuscate such resources' negotiation policies.Besides, we have formalized a derivationprocess that allows obtaining attribute-basedpolicies, i.e. negotiation policies, used withinthe negotiation process. This derivationprocess is a correlation between the accesscontrol policies and the mapping policies.These mapping policies define the conditionsof mapping concrete entities (subject, action,and object) into corresponding organizationalentities (role, activity, view and context).Furthermore, we have specified thenegotiation protocol that is used at the level ofthe negotiation module. This protocol canimplement four different strategies ofPracom’s Annual Report 2008 49
Page 2 and 3:
Présentation générale...........
Page 4 and 5:
Activités d’enseignementLe dépa
Page 6 and 7:
Activités de rechercheLe départem
Page 8 and 9:
Notre implication dans les organism
Page 10 and 11:
le cadre du projet NextTV4all où l
Page 12 and 13:
cloisonnement par domaine tels qu
Page 14 and 15:
- le GIS ITS (Intelligent Transport
Page 16 and 17:
Twente aux Pays Bas, Université de
Page 18 and 19:
Liste des doctorants présents en 2
Page 20 and 21:
Annexe 2 : liste des publicationsAr
Page 22 and 23:
COMA-BREBEL Céline, CUPPENS Nora,
Page 24 and 25: PHAN LE Cam Tu, CUPPENS Frédéric,
Page 26 and 27: Annexe 3 : description détaillée
Page 28 and 29: Access Control ....................
Page 30 and 31: schemes specifically suitable for l
Page 32 and 33: An easy-to-use solution for IPv6 co
Page 34 and 35: Loss Synchronization and Router Buf
Page 36 and 37: Sensor NetworksRandom Walk Techniqu
Page 38 and 39: Suppressing Neighbor Discovery in W
Page 40 and 41: Media and NetworksIP-based transmis
Page 42 and 43: One of the most difficult aspects o
Page 44 and 45: Another direction is the associatio
Page 46 and 47: classes. In our simple study case,
Page 48 and 49: Management of Multiple Access Netwo
Page 50 and 51: Adaptation of Multimedia Flows in a
Page 52 and 53: Optimized mobility management in he
Page 54 and 55: ecause it offers a generic framewor
Page 56 and 57: Future workOur next step is to fina
Page 58 and 59: Security Analysis and ValidationAna
Page 60 and 61: RealizationFigure 1 shows a classif
Page 62 and 63: Policy AdministrationResearch Staff
Page 64 and 65: execution in a distributed manner.
Page 66 and 67: Intrusion DetectionDetection and co
Page 68 and 69: eported alerts have to be managed b
Page 70 and 71: inside the corresponding detection
Page 72 and 73: function has a limitation that it d
Page 76 and 77: negotiation. These strategies speci
Page 78 and 79: A Fast Adaptative Secure Technology
Page 80 and 81: estricted to the organization to wh
Page 82 and 83: ights and external identities, and
Page 84 and 85: Peer 2 peerP2PIm@gesResearch Staff
Page 86 and 87: Managing a Peer-to-Peer Storage Sys
Page 88 and 89: Applications of networks to transpo
Page 90 and 91: Adaptive Application Support in Mob
Page 92 and 93: Wireless Mesh NetworksResearch Staf
Page 94 and 95: TestbedsA showroom for practical IP
Page 96 and 97: egistrar and proxies, video streami
show all

DÃ©partement RÃ©seau, SÃ©curitÃ© et MultimÃ©dia Rapport d'ActivitÃ©s 2008

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?