The Experts below are selected from a list of 1812 Experts worldwide ranked by ideXlab platform
Michael Lustenberger - One of the best experts on this subject based on the ideXlab platform.
-
Secure Remote Management and Software Distribution for Wireless Mesh Networks
2007Co-Authors: Thomas Staub, Daniel Balsiger, Michael Lustenberger, Torsten BraunAbstract:Wireless mesh networks (WMN) are usually spread over large physical areas. They can include node locations that are difficult to reach, e.g., roof tops. Physical access to certain nodes can even be unfeasible depending on bureaucratic or technical problems. During the life time of a WMN it is necessary to process reconfigurations and software updates. Configuration errors and faulty software updates may then destroy the access to individual nodes. Costly on-site reconfiguration is required. We propose a secure Management architecture for WMNs handling configuration errors as well as faulty software updates and avoiding on-site repairs. The architecture is tailored to productive and extensive testbed networks, in which reconfiguration is even more frequent. It is a fully distributed Management solution and provides fallback solutions for configuration errors, and kernel panics. The paper presents our architecture and its implementation including the Linux image, the development system and the Management Console.
-
Tutorial for Secure Remote Management of Wireless Mesh Networks
2007Co-Authors: Thomas Staub, Daniel Balsiger, Michael Lustenberger, Torsten BraunAbstract:1 Getting started with the Management Console 2 1.1 Hardware requirements......................... 2 1.2 Booting the LiveCD for the first time.................. 2 1.3 Creating a new configuration......................
Kalina Jan - One of the best experts on this subject based on the ideXlab platform.
-
Centralization of Java Security Policy Management
Vysoké učení technické v Brně. Fakulta informačních technologií, 2014Co-Authors: Kalina JanAbstract:WildFly is a platform for distributed environment which meets specification of Java Enterprise Edition. This thesis deals with possibilities of centralized Management of security policies in this environment. Security policy is a set of permissions to which the Java virtual machine (JVM) limits possibilities of running applications. Just possibilities of security policy using was in WildFly so far heavily restricted. The result of the thesis are extensions of WildFly which add possibility of central deployment of security policies to individual servers, without need for restart that server, into program interface of WildFly and into WildFly Management Console. Part of result is also patch of core of WildFly, which solve problem of exchange security policy at runtime of JVM
-
Centralization of Java Security Policy Management
Vysoké učení technické v Brně. Fakulta informačních technologií, 2014Co-Authors: Kalina JanAbstract:WildFly je platformou pro distribuované prostředí splňující specifikaci Java Enterprise Edition. Tato práce se zabývá možnostmi centrální správy bezpečnostních politik v tomto prostředí. Bezpečnostní politika je sada oprávnění, na které virtuální stroje Javy (JVM) omezují možnosti spuštěných aplikací. Právě možnosti používání bezpečnostních politik byly ve WildFly dosud silně omezeny. Výsledkem práce jsou rozšiřující moduly WildFly, doplňující programové rozhraní WildFly a webovou administrační konzolu WildFly o možnost centrálního nasazování bezpečnostních politik na jednotlivé servery domény WildFly bez potřeby jejich restartu. Součástí výsledku je také záplata samotného jádra WildFly, řešící problém výměny bezpečnostní politiky za běhu JVM.WildFly is a platform for distributed environment which meets specification of Java Enterprise Edition. This thesis deals with possibilities of centralized Management of security policies in this environment. Security policy is a set of permissions to which the Java virtual machine (JVM) limits possibilities of running applications. Just possibilities of security policy using was in WildFly so far heavily restricted. The result of the thesis are extensions of WildFly which add possibility of central deployment of security policies to individual servers, without need for restart that server, into program interface of WildFly and into WildFly Management Console. Part of result is also patch of core of WildFly, which solve problem of exchange security policy at runtime of JVM.
Bravo Bravo, Angel Heraldo - One of the best experts on this subject based on the ideXlab platform.
-
Implantación De Una Herramienta Ossim Para El Monitoreo Y Gestión De La Seguridad De La Red Y Plataformas Windows Y Linux Aplicado A Empresas Medianas
ESPOL, 2015Co-Authors: Villafuerte Quiroz, Alvaro Luis, Bravo Bravo, Angel HeraldoAbstract:El presente artículo consiste en presentar un análisis de la seguridad de la infraestructura de red y de los servidores en una empresa privada, el enfoque principal es de mantener centralizado todos los eventos “logs” que son generados por los diferentes servidores y equipos de red en una sola consola de administración y realizar un análisis detallado de cada evento, así mismo como obtener reportes personalizados de las vulnerabilidades existentes en los hosts que corren bajo el sistema operativo Windows, de ataques ocasionados y del estado de la red en general. Es así que por medio del desarrollo de este documento se busca presentar una solución informática con la implementación de la herramienta llamada OSSIM, siendo una aplicación Open Source y más que una herramienta de monitoreo de eventos “logs” también es un SIEM (Security Information and Event Management) y trae incorporado diversas formas para gestionar la seguridad en la red, bases de datos, analizar virus y malwares en plataformas Windows, OSSIM específicamente está orientado a los Administradores de red de empresas medianas que necesitan tener un monitoreo general de su infraestructura, obtener reportes en tiempo real de lo que está sucediendo en la red para poder analizar las anomalías y le ayuden en la toma de decisiones y correcciones oportunas.This article is to present an analysis of the security of the network infrastructure and servers in a private company, the main focus is to keep centralized all events "logs" that are generated by different servers and network devices a single Management Console and perform an analysis of each event, also getting custom reports of vulnerabilities on hosts that run under the Windows operating system, the different attacks in the devices and the status of the network in general. Thus, through the development of this document, we are to present a software solution with the implementation of the tool called OSSIM, this software is an open source application and It isn't a just a tool to monitor events "logs" it's also a SIEM (Security Information and Event Management) and has a built tools and more ways to manage network security, databases, analyze viruses and malware on Windows systems operating, OSSIM is specifically aimed for network manager of the medium companies that need a comprehensive monitoring infrastructure, get real-time reports of what is happening in the network to analyze anomalies and to help in making decisions and corrections
Piedrahita Villarraga, Elkin Mauricio - One of the best experts on this subject based on the ideXlab platform.
-
Análisis comparativo de un Firewall de aplicaciones web comerciales y un Open Source frente al top 10 de Owasp.
Universidad Nacional Abierta y a Distancia UNAD, 2016Co-Authors: Piedrahita Villarraga, Elkin MauricioAbstract:Desarrollar una aplicación web podría conllevar un gran número de riesgos informáticos inherentes, existen diferentes tipos de técnicas que han sido utilizadas para tomar provecho de este tipo de aplicaciones algunas de las más conocidas se pueden encontrar en el top OWASP 10, sin embargo día a día nuevas vulnerabilidades son encontradas y la posibilidad que un riesgo se materialicé es cada vez mayor. Por esta razón, las empresas que hacen uso de este tipo de aplicaciones deben tomar conciencia de las vulnerabilidades a las que pueden estar expuestos y establecer algún tipo de control que permita disminuir los riesgos. Los controles que se pueden llevar a cabo en una aplicación web son dos, el primero es realizar una auditoria periódica donde se hace una revisión del código y se ejecutan pruebas de sombrero blanco con el fin de encontrar algún tipo de vulnerabilidad, la segunda es implementar un firewall de aplicación web. Cada control ofrece sus ventajas y desventajas, y en el mejor de los casos lo ideal sería disponer de ambos, si bien la auditoria permitiría generar código más robusto habría una brecha de seguridad en el lapso que una nueva vulnerabilidad sea encontrada hasta el momento en que la auditoria sea realizada. Así que disponer de un WAF que esté en todo momento revisando las peticiones de los usuarios podría incrementar el nivel de seguridad. Ahora la pregunta sería, ¿Qué nivel de seguridad y confiabilidad ofrece un WAF?, históricamente los WAF empezaron a ganar popularidad luego que en el Consejo de Estándares de Seguridad (PCI-DSS) exigieran a las entidades emisoras de tarjetas de crédito realizar controles sobre las aplicaciones web bien sea por revisión del código o mediante un WAF. Hoy en día existen diferentes fabricantes dedicados al desarrollo de WAF y analizando lenguajes de programación tales como HTML, HTTPS, SOAP and XML-RPC, además permiten prevenir ataques como XSS, inyecciones de SQL, secuestro de sesión, desbordamiento de buffer, ataques de día cero entre otros. Así que con base en la anterior los WAF hoy en día tienen una gran reputación y ofrecen un alto nivel de seguridad. Teniendo en cuenta que existen tantas marcas de WAF así como beneficios a nivel seguridad, este proyecto se enfocó en evaluar las diferencias que podrían existir entre un WAF comercial frente a uno de libre de distribución, esta comparación se hizo con base en el Top 10 de OWASP donde cada una de las vulnerabilidades fue probada en cada uno de los WAF. La implementación del esquema de pruebas requirió que el WAF operará en un modo de proxy reverso de esta forma el servidor web no sufrió ningún tipo de alteración durante el desarrollo del proyecto y así garantizar unas pruebas ecuánimes. Los resultados obtenidos de la prueba han permitido evidenciar que el WAF de marca F5 dispone una plantilla de gran cantidad lenguajes de programación web que permiten implementar reglas tan granulares tanto como se especifiquen por el administrador, además dispone un consola de administración web amigable que permite identificar de forma fácil el ataque o información anómala detectada, también se observa que la herramienta dispone de esquema de aprendizaje el cual permite notificar al WAF eventos como falso positivos y aceptar parámetros que en un principio son marcados como anómalos y lo cual es modelo de seguridad positivo permitiendo tener una mayor escalabilidad. Por su parte Modsecurity ofrece una gran versatilidad para el desarrollo de nuevas firmas de ataques, su consola de administración es a través de línea de comando, y el nivel de seguridad que se ofrece es igual al proporcionado por WAF de marca F5 con base en las pruebas realizadas en este proyecto, las cuales no involucrando técnicas avanzadas de ataques web. Así que los niveles de seguridad brindados por el WAF comercial como el de libre distribución están iguales, sin embargo las diferencias radican en las funcionalidades que ofrece el WAF comercial que permite una mayor escalabilidad y mejor modelo de implementación.Developing a web application could entail a large number of inherent computer risks, there are different types of techniques that have been used to take advantage of these types of applications some of the best known can be found in the top OWASP 10, however day by day New vulnerabilities are encountered and the possibility that a risk materialized is increasing. For this reason, companies that use this type of applications must be aware of the vulnerabilities to which they may be exposed and establish some type of control to reduce risks. The controls that can be performed in a web application are two, the first is to perform a periodic audit where the code is checked and white hat tests are run in order to find some kind of vulnerability, the second is to implement A web application firewall. Each control offers its advantages and disadvantages, and in the best case the ideal would be to have both, although the audit would allow to generate more robust code would have a security gap in the time that a new vulnerability is found until the moment in which The audit is performed. So having a WAF that is at all times reviewing the requests of users could increase the level of security. Now the question would be, what level of security and reliability does a WAF ?, WAF historically began to gain popularity after the PCI-DSS required credit card issuers to perform checks on The web applications either by revision of the code or by means of a WAF. Nowadays there are different manufacturers dedicated to the development of WAF and analyzing programming languages such as HTML, HTTPS, SOAP and XML-RPC, besides they can prevent attacks like XSS, SQL injections, session hijacking, buffer overflow, day attacks Zero among others. So based on the above the WAFs today have a great reputation and offer a high level of security. Considering that there are so many WAF marks as well as security benefits, this project focused on evaluating the differences that could exist between a commercial WAF versus a free-distribution one, this comparison was based on the Top 10 of OWASP where each of the vulnerabilities was tested in each of the WAFs. The implementation of the test scheme required that the WAF will operate in a reverse proxy mode in this way the web server did not suffer any type of alteration during the development of the project and thus ensure fair tests. The results obtained from the test have made it possible to show that the WAF F5 brand has a large number of web programming languages that allow the implementation of such granular rules as specified by the administrator, and has a friendly web Management Console that allows the identification It is also observed that the tool has a learning scheme which allows to notify the WAF events as false positives and to accept parameters that are initially marked as anomalous and which is a positive security model Allowing greater scalability. On the other hand, Modsecurity offers a great versatility for the development of new signatures of attacks, its Console of administration is through line of command, and the level of security that is offered is equal to the one provided by WAF of mark F5 based on the Tests carried out in this project, which do not involve advanced techniques of web attacks. So the security levels offered by the commercial WAF as the free distribution are the same, however the differences lie in the functionality offered by the commercial WAF that allows a greater scalability and better implementation model
Daniel Balsiger - One of the best experts on this subject based on the ideXlab platform.
-
Secure Remote Management and Software Distribution for Wireless Mesh Networks
2007Co-Authors: Thomas Staub, Daniel Balsiger, Michael Lustenberger, Torsten BraunAbstract:Wireless mesh networks (WMN) are usually spread over large physical areas. They can include node locations that are difficult to reach, e.g., roof tops. Physical access to certain nodes can even be unfeasible depending on bureaucratic or technical problems. During the life time of a WMN it is necessary to process reconfigurations and software updates. Configuration errors and faulty software updates may then destroy the access to individual nodes. Costly on-site reconfiguration is required. We propose a secure Management architecture for WMNs handling configuration errors as well as faulty software updates and avoiding on-site repairs. The architecture is tailored to productive and extensive testbed networks, in which reconfiguration is even more frequent. It is a fully distributed Management solution and provides fallback solutions for configuration errors, and kernel panics. The paper presents our architecture and its implementation including the Linux image, the development system and the Management Console.
-
Tutorial for Secure Remote Management of Wireless Mesh Networks
2007Co-Authors: Thomas Staub, Daniel Balsiger, Michael Lustenberger, Torsten BraunAbstract:1 Getting started with the Management Console 2 1.1 Hardware requirements......................... 2 1.2 Booting the LiveCD for the first time.................. 2 1.3 Creating a new configuration......................
