A Management System for Heterogeneous Networks (MSHN) Security Analysis
Abstract
A team of interdisciplinary experts funded by DARPA is in the process of developing a Resource Management System termed MSHN (a Management System for Heterogeneous Networks). MSHN's primary function is to accept a sequence of jobs, and intelligently determine what jobs should be executed on which machines and when. It is designed to take both machine affinity and loads into account, thus providing superior performance and Quality of Service (QoS). The current prototype of MSHN does not provide protection against the threats of inadvertent disclosure and corruption of sensitive information and resources. A rigorous security analysis of MSHN is the first step required to successfully incorporate security into the MSHN project. The approach taken was to analyze MSHN's architecture, information flow diagrams and user interfaces and explain how fundamental security concepts may be applied to MSHN. By exercising the MSHN simulator, this work was able to expose many security weaknesses and outline conceivable methods of exploitation. As a result of this effort, a security policy tailored to MSHN is proposed, a functional breakout process based on the principle of least privilege between common user interface capabilities and administration capabilities is provided, and finally design recommendations for the incorporation of security into MSHN are presented.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 01, 1997
- Accession Number
- ADA341530
Entities
People
- John P. English
Organizations
- Naval Postgraduate School