Security web portal, used for vulnerability assessment.
Guided by :-
Dr. Sandeep K. Joshi, Principal Technical Officer, NPSF Group, C-DAC, Pune
Rishi K. Pathak, Senior Technical Officer, NPSF Group, C-DAC, Pune
Satyaswarup Yerramilli, Senior Technical Officer, NPSF Group, C-DAC, Pune
12/4/2012 1
Prepared by :-
Bhadreshsinh Gohil
ME in Computer Engineering
3rd Sem.
Enroll no. :- 111060751030.
Gujarat Technological University,
Ahmedabad.
GTU
Introduction and Motivation
The Identified Problem
The Proposed Solution
Illustrative Case Studies
References
The Internet is now ubiquitous.
Many Internet-based applications are in use today.
Web services are an important paradigm for designing Internet-based applications.
These web services are hosted not only in the DMZ of the datacenter but also on public IPs, using various network technologies such as NAT.
This requires the implementation of security devices and controls such as firewalls.
The web hosting setup and the associated network security and networking setup are vast, and there are multiple stakeholders in the decision-making process. As a result, releasing new websites/web portals to the public Internet becomes very intricate, cumbersome and error-prone, often leading to delays, unsatisfied expectations and issues over ownership of responsibilities.
To resolve these issues, it is proposed to build a framework which will streamline the process and also delegate most of the activities to several designated stakeholders from each group.
The framework will enable the users/groups to do most of the work related to the public release of websites/web portals and other network-based services on their own, with intervention from the systems administrators or network security experts coming in only towards the final steps, if at all required. The framework will also support different roles.
The proposed framework will be web enabled.
It will be built using standard web development technologies like PHP, Java and JavaScript, and will use databases like MySQL/PostgreSQL in the backend.
Apart from these, the core networking technologies like firewall, router, bandwidth management and security/vulnerability assessment of web applications will be used to their full capabilities.
The framework will require extensive scripting in either Bash or Python on the Linux platform to handle several of the backend tasks, like implementing policy changes on the security device, enabling virtual hosting on the Apache server, etc.
The framework will use OpenAM-based Single Sign-On or LDAP for user authentication and authorization.
Intranet Security Framework Based on Short-lived Certificate
Symantec Security Framework
Cyberoam Security Framework
IBM Unified Threat Management
Definition & Understanding
Assets at risk:
Computers
Mobile Devices
Information
Applications
Networks / Infrastructure
Threat Direction: Internal to Internal; External to Internal
Threat Target: Internal Data Asset; Internal Disruption
Threat Highway: Internal Connection Required; Direct/Wireless/Remote/VPN
Threat Detection: Network Based; Connection Oriented
Key Elements of Delivering Security
Communication Security
• Protection of data and voice communications between designated endpoints.
Authorisation & Access Control
• Support of multi-level security measures by implementing identity or role based access control on applications, application server, 802.1x etc.
Reliability & Resilience
• Tolerance to hardware and software failures, asymmetric and unidirectional links, or limited range of wireless communication.
Easy
• Deploying technology should not impact usability in a way that is intolerable.
Network Infrastructure Protection
• Protection of routing and network management infrastructure against both passive and active attacks, such as rogue devices, insertion, deletion, modification or replay of control messages.
Efficiency
• Electrical, computing power, RF resource and network bandwidth.
Transmission Security
• The services include countermeasures against radio signal detection, jamming, control/user data acquisition, and eavesdropping.
1. Information Gathering and Discovery. Example of tools: NMAP.
2. Enumeration. Example of tools: NMAP.
3. Detection. Example of tools: Retina, NESSUS.
1. Information Gathering and Discovery
◦ Network Scanning
◦ Port Scanning
◦ Directory Service
◦ DNS Zones and Registers
2. Enumeration
◦ Hosts and OSs
◦ Ports (including the well-known: 0-1023)
◦ Services and their versions info
◦ SNMP Communities
3. Detection
◦ Weakness
◦ Vulnerabilities
◦ Reports are generated
◦ Remediation Tools
Provide Access to the portal 24/7
Security Intelligence Awareness And Alerting
User Configuration & Policy Detail
Security Incident & Service Ticket Information
A Template Driven Reporting Dashboard
Authorization to download log data.
Mr. Rishi K. Pathak (Senior Technical Officer, NPSF Group, C-DAC) for valuable comments and suggestions
Satyaswarup Yerramilli (Senior Technical Officer, NPSF Group, C-DAC) for his review of the thesis
Mr. Rishi K. Pathak, Senior Technical Officer, NPSF Group, for continuous guidance and support
Dr. Sandeep K. Joshi, Research Guide, for his motivation throughout
All my colleagues and staff members of my department for technical interactions
The NPSF Group of C-DAC Pune for their administrative support