Home> Schools> University of Colorado Colorado Springs> (CS) > CS 622> Secure Role Based IM
DOC PREVIEW
UCCS CS 622 - Secure Role Based IM
School name University of Colorado Colorado Springs
Course Cs 622- Distributed Networks
Pages 11

This preview shows page 1-2-3-4 out of 11 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 11 pages.
Access to all documents
Download any document
Ad free experience
Subscribe for instant access Get instant access
View full document
Premium Document
Do you want full access? Go Premium and unlock all 11 pages.
Access to all documents
Download any document
Ad free experience
Subscribe for instant access Get instant access
View full document
Premium Document
Do you want full access? Go Premium and unlock all 11 pages.
Access to all documents
Download any document
Ad free experience
Subscribe for instant access Get instant access
View full document
Premium Document
Do you want full access? Go Premium and unlock all 11 pages.
Access to all documents
Download any document
Ad free experience
Subscribe for instant access Get instant access
Premium Document
Do you want full access? Go Premium and unlock all 11 pages.
Access to all documents
Download any document
Ad free experience
Subscribe for instant access Get instant access

Unformatted text preview:

Secure Role Based IM using ENforCESecure Role Based IMThe ENforCE SystemRole Based HierarchyWhat ENforCE ProvidesServer Algorithm(Two) One Way Communication Request(s)Conceptual DesignClientsProgressQuestions??Kelly Whitacre, Kunal Bele , and Mike GerschefskeSecure Role Based IMCreate an IM to cut down on excess chattingRestrict users to chat only with people with similar roles within departmentProvide Mechanism to allow users to request chat outside specific roleLeverage ENforCE2Policy Enforcement PointPolicy Enforcement PointGlobal.asaxASP.NET ApplicationFC4 machine (Firewall)FC4 machine (Firewall)Iptables Control ServiceB8) Network- resource AccessIIS AuthenticationISAPIProtected web resourcesProtected web resourcesA2) Http requestA5) XML responseSession policy sourceSession policy sourceA3/ B3) Get User's ACRPSPPSDomain ControllerDomain ControllerActive DirectoryActive DirectoryB2) Http request A1/B1) User RequestProtected Network resourcesProtected Network resources B7) XML response Policy DecisionPointPolicy DecisionPointB6) Open or Close service commandsA4/B4) GetDecisionThe ENforCE System3Role Based Hierarchy4What ENforCE ProvidesAbility to determine if a user has access to a resourcei.e. user changed jobs, or was firedUsers’ management chainsYet, Our Policy Enforcement is in our Server rather then Enforce5Server AlgorithmCheck if user 1 can communicate with user 2 via XACML request to ENforCEIf not, ENforCE determines highest manager of user 1 required to get authorization to user 2Send request to that manager and wait for acceptanceIf authorized allow user 1 to send data to user 2 for some period of timeObtain Public Key of Receiver by AD of ENforCE for Client of SenderNote:One way communicationMessage sent to manager requiring token to be sent back to acknowledge acceptance6(Two) One Way Communication Request(s)7Conceptual DesignENforCEServerBob AliceBob’sBossAlice’sBossADXACML8IISClientsVery SimpleSend messages containingMessageToBuddy List/Active Directory Browsing could be addedClients encrypt via destinations public keyCould look into asymmetric crypto9ProgressExtracted IIS and DC of ENforCERecreated FWProblems with Windows ActivationProblems with VMware Converter removing hardwareProblems with physical Unix

View Full Document

UCCS CS 622 - Secure Role Based IM

School: University of Colorado Colorado Springs
Course: Cs 622- Distributed Networks
Pages: 11
Documents in this Course
Multi-path Interdomain Routing

Multi-path Interdomain Routing

12 pages

SYLLABUS

SYLLABUS

2 pages

Internet Indirection Infrastructure

Internet Indirection Infrastructure

30 pages

INFORMED CONTENT DELIVERY ACROSS ADAPTIVE OVERLAY NETWORKS

INFORMED CONTENT DELIVERY ACROSS ADAPTIVE OVERLAY NETWORKS

47 pages

Human Motion Tracking and Reasoning for Rehab

Human Motion Tracking and Reasoning for Rehab

13 pages

Can Unstructured P2P Protocols Survive Flash Crowds?

Can Unstructured P2P Protocols Survive Flash Crowds?

12 pages

Data Network Design

Data Network Design

56 pages

LOCAL STABILIZATION IN SHORTEST PATH ROUTING

LOCAL STABILIZATION IN SHORTEST PATH ROUTING

12 pages

DDoS Defense by Offense

DDoS Defense by Offense

12 pages

Maximizing Lifetime of Sensor Surveillance Systems

Maximizing Lifetime of Sensor Surveillance Systems

12 pages

On Multicast Path Finding Algorithms

On Multicast Path Finding Algorithms

14 pages

STUDY NOTES

STUDY NOTES

16 pages

A COMPARISON OF OVERLAY ROUTING AND MULTIHOMING ROUTE CONTROL

A COMPARISON OF OVERLAY ROUTING AND MULTIHOMING ROUTE CONTROL

14 pages

I3 and Active Networks

I3 and Active Networks

33 pages

Introduction to Network Design

Introduction to Network Design

34 pages

Measurement Methodology, Dynamics, and Relation With TCP Throughput

Measurement Methodology, Dynamics, and Relation With TCP Throughput

13 pages

Fast Local Rerouting for Handling Transient Link Failures

Fast Local Rerouting for Handling Transient Link Failures

14 pages

“On Scalable Attack Detection in the Network”

“On Scalable Attack Detection in the Network”

24 pages

An Efficient and Cache- Friendly Transfer Protocol for the Web

An Efficient and Cache- Friendly Transfer Protocol for the Web

33 pages

Access Network Design

Access Network Design

49 pages

BGP Inefficiencies

BGP Inefficiencies

29 pages

Access Network Design

Access Network Design

49 pages

Load Balancing for Parallel Forwarding

Load Balancing for Parallel Forwarding

12 pages

Revisiting IP Multicast

Revisiting IP Multicast

12 pages

Review of Resilient Overlay Networks

Review of Resilient Overlay Networks

7 pages

Introduction to Content Switch

Introduction to Content Switch

32 pages

Journal of System Software

Journal of System Software

23 pages

AN EFFICIENT AND CACHE-FRIENDLY TRANSFER PROTOCOL FOR THE WEB

AN EFFICIENT AND CACHE-FRIENDLY TRANSFER PROTOCOL FOR THE WEB

14 pages

Terminating Telephony Services on the Internet

Terminating Telephony Services on the Internet

11 pages

Simple Pre-Provisioning Scheme to Enable Fast Restoration

Simple Pre-Provisioning Scheme to Enable Fast Restoration

13 pages

Fast TCP

Fast TCP

34 pages

Defense by Offense

Defense by Offense

27 pages

Mesh Network Design

Mesh Network Design

22 pages

Comparative Study of Various TCP Versions Over a Wireless Link With Correlated Losses

Comparative Study of Various TCP Versions Over a Wireless Link With Correlated Losses

14 pages

Distributed Council Election

Distributed Council Election

10 pages

Load more
Download Secure Role Based IM
Our administrator received your request to download this document. We will send you the file to your email shortly.

Please select your school

Login

Join to view Secure Role Based IM and access 3M+ class-specific study document.

Continue Continue
or
We will never post anything without your permission.
Don't have an account?

We couldn't create a GradeBuddy account using Facebook because there is no email address associated with your Facebook account.

Link an email address with your Facebook below or create a new account.

Sign Up

Join to view Secure Role Based IM 2 2 and access 3M+ class-specific study document.

Continue Continue
or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?

We couldn't create a GradeBuddy account using Facebook because there is no email address associated with your Facebook account.

Link an email address with your Facebook below or create a new account.