Secure Collaboration Architecture

Microsoft NetMeeting and the Solaris-based SunForum are among many programs created for sharing applications across the Internet. While these programs are very popular, they lack important security features needed for robust industrial use. A typical industrial application has the following design requirements:

1. A secure collaboration server outside the company firewall
2. An authentication mechanism tied to a directory such as LDAP
3. An encrypted data-exchange tunnel
4. Backend services such as FTP and application sharing
5. Predictable bandwidth for high-volume data
6. An intrusion detection system

NPTest has implemented the following architecture:

[Architecture diagram; labels recovered from the diagram text: Customer Site, NPTest Site, NxGen Connectivity, Collab, Secure Extended Connectivity Services, Secure Enclave, INTERNET or Dedicated]

However, before we delve into the details of the system, it is worthwhile to pause and look at the need for such collaboration software. NPTest Inc. is a semiconductor equipment company. It makes testers for the devices coming out of a semiconductor fabrication plant. This equipment is used for failure analysis of a device and to investigate process defects. The testers it makes typically sell for $1m - $4m, with total revenue of about $500m per annum. All the major semiconductor companies, distributed all over the world (United States, Japan, Korea, Singapore, China, Malaysia and a host of other places), use the equipment. Many of the installations are in production environments where downtime is extremely expensive.

From a marketing perspective the important factors in selling the equipment are:

- Mean time between failures
- Ability to diagnose the causes of a failure and to fix them
- Ability to share the equipment between different facilities
- Ability to collaborate with the commercial test houses
- Ability to demonstrate the image quality, user interface and other important aspects to prospective customers
- Cost of fixing the issues arising at the customer site

The design-debug process for a semiconductor device often requires IP information to be shared between the collaborating laboratories. Confidentiality of the layout/netlist information is very important for companies like Intel and ST, since it holds clues to the process innovation done on a particular generation of a technology. Typically, NPTest tools have an imaging mode used for navigation on the surface of the device. In most cases, where a device packs millions of transistors, it is necessary to align the live image acquisition with the "layout" of the device. This involves going to three (or more) known locations on the device surface (akin to looking at it through an electron microscope) as well as in the "layout" and establishing a one-to-one relationship between them. This generates the transformation matrix between the two spaces. After that, one can navigate on the surface of the device using the layout window, since the two are linked together. The layout information for a typical microprocessor is tens of gigabytes, which is difficult to share within the company. Also, because of the proprietary nature of the layout, companies are unwilling to let this information leave their firewall except in a limited fashion. The debug houses and circuit-edit houses, whether inside the company or outside it, need the layout information to improve their success rate for signal acquisition or device modification.

The collaboration seeks to solve the following problems:

- It allows remote debugging of the system, especially at a beta software/hardware site
- It allows some parts of the service to be done remotely
- It allows quick response to any customer issues
- It allows remote demonstration of new products
- It allows sharing of equipment between dispersed laboratories, justifying an expensive purchase
- It allows limited sharing of design data between the design house and a test house on an as-needed basis

The important issues that had to be solved during implementation were:

- NPTest server with tied LDAP-based authentication: This assures that only the allowed users can get onto the server. This is different from the public servers used by NetMeeting and SunForum.
- Assured privacy of meetings: To create a secure space for each customer and be sure that no unauthorized person is accessing the space. This was solved using a combination of technology and policy. A commercial third-party tool was bought which divides the server into separate named spaces. Each user is given access to some of these named spaces. Usually, the named spaces are on a per-customer basis. Only the customer for whom a named space is created can initiate meetings in that space. Thus, a space created for ST Micro Inc. can have meetings initiated only by people of that company. The server authenticates each user who signs on, and the user id is displayed in a separate window. This was needed because in applications like NetMeeting a user can easily impersonate someone else's identity. The person who initiates the meeting controls who can join the conference. All the participants in a meeting are displayed in real time in a separate window, and the initiator can kick out any participant.
- Control flow: The initiator of the meeting can declare a meeting in which passing of control is allowed (view-execute) or not allowed (view-only). If a meeting is declared view-execute, then any participant can request control, which the initiator can grant at will. After that, any time the initiator does any mouse or keyboard activity, control is passed back to him automatically.
- Security considerations for sharing a terminal window: On a Unix system it is possible to share a terminal window, which potentially opens a big security hole in the company firewall. To obviate this, two policies have been implemented: all meetings are timed out, and the shared application must always have the current focus. The latter discounts the possibility that a user inadvertently shares an application and forgets about it.
- Encryption: OpenSSH was used to create an encrypted tunnel. There is an option of using AES 128, 192 or 256, DES, Blowfish or arcfour. This is helpful while talking to the IT security of the
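The named-space, admission, control-passing and timeout policy just described, modelled as an added example in Python (not the commercial tool's or NPTest's code; the directory entries, user ids and the 1800 s timeout are constructed):

```python
from dataclasses import dataclass, field
# Constructed stand-in for the LDAP directory: user id -> named spaces the user may enter.
# Named spaces are per customer; the domain part of a user id is taken as the company.
DIRECTORY = {"alice@stmicro": {"stmicro"}, "bob@stmicro": {"stmicro"},
             "dan@nptest": {"stmicro", "intel"}}   # support engineer: may join, never initiate
SPACE_OWNER = {"stmicro": "stmicro", "intel": "intel"}   # named space -> owning customer

@dataclass
class Meeting:
    space: str
    initiator: str
    view_execute: bool        # False = view-only: control is never passed
    expires: float            # every meeting is timed out
    participants: set = field(default_factory=set)
    controller: str = ""

def start_meeting(user, space, view_execute, now, ttl=1800.0):
    # Only a user of the customer that owns the named space may initiate there.
    if space not in DIRECTORY.get(user, ()) or user.split("@", 1)[1] != SPACE_OWNER[space]:
        raise PermissionError(f"{user} may not initiate meetings in {space}")
    return Meeting(space, user, view_execute, now + ttl, {user}, user)

def admit(m, user, approved_by):
    # The initiator decides who joins; the joiner must also hold access to the space.
    if approved_by != m.initiator or m.space not in DIRECTORY.get(user, ()):
        return False
    m.participants.add(user)
    return True

def kick(m, user, by):
    # The initiator may remove any participant; control falls back to the initiator.
    if by != m.initiator or user == m.initiator or user not in m.participants:
        return False
    m.participants.discard(user)
    if m.controller == user:
        m.controller = m.initiator
    return True

def grant_control(m, user, by):   # honoured only in a view-execute meeting, only by the initiator
    if not m.view_execute or by != m.initiator or user not in m.participants:
        return False
    m.controller = user
    return True

def initiator_activity(m):   # any initiator mouse/keyboard activity takes control back
    m.controller = m.initiator

def is_active(m, now):       # timed out once the deadline has passed
    return now < m.expires
```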