DOCSLIB.ORG

Concept of a Server Based Open Source Backup Process with an Emphasis on IT Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Concept of a Server Based Open Source Backup Process with an Emphasis on IT Security Concept of a Server Based Open Source Backup Process with an Emphasis on IT Security Bachelor’s Thesis submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Software and Information Engineering by Florian Pritz Registration Number 1125452 elaborated at the Institute of Computer Aided Automation Research Group for Industrial Software to the Faculty of Informatics at the TU Wien Advisor: Thomas Grechenig Assistance: Florian Fankhauser Vienna, March 12, 2016 Technische Universität Wien, Forschungsgruppe INSO A-1040 Wien Wiedner Hauptstr. 76/2/2 Tel. +43-1-587 21 97 www.inso.tuwien.ac.at Kurzfassung Mehr und mehr Menschen sowie Firmen hängen immer stärker von IT-Infrastrukturen und den darin verarbeiteten Daten ab. Diese Abhängigkeit wird oft erst sichtbar, wenn die IT nicht funktioniert. Dies kann beispielsweise durch Hardware-Ausfälle, aber auch durch Angriffe auf die IT-Sicherheit passieren. Um die Verfügbarkeit dennoch auf einem ausreichendem Niveau halten zu können, sind heutzutage unterschiedliche Lösungen verfügbar. Eine dieser Lösungen ist die Durchführung von Backups. Allerdings werden oft keine, oder nur inkorrekte und somit nutzlose, Datensicherungen erstellt. Insbesondere für unerfahrene Nutzer kann es besonders schwierig sein eine Entscheidung zu treffen, welche Software genutzt werden soll um Sicherungen zu erzeugen. Es ist für sie eventuell nahezu unmöglich mehrere Produkte korrekt miteinander zu vergleichen und die jeweiligen potentiellen Schwächen in der Art und Weise, in der sie Sicherungen erstellen und speichern, zu erkennen. Solche Vergleiche werden besonders durch die vielen Details erschwert, die beachtet werden müssen. Diese werden aber nicht immer von den Herstellern der Produkte erwähnt. Ohne hinreichendes Hintergrundwissen ist es schwierig eine gute, und vor allem eine informierte, Entscheidung zu treffen. Diese Arbeit enthält einen umfassenden Überblick über die unterschiedlichen Aspekte der sicheren Erstellung und Verwaltung von Backups. Neben theoretischen Grundlagen-Aspekten von Backups wird gezeigt wie ein funktionierendes Sicherheitskonzept für ein kleines Netzwerk erstellt werden kann. Diese Arbeit beschreibt zuerst die Grundlagen von IT-Sicherheit sowie die Grundlagen von Siche- rungen indem existierende Literatur und Forschung evaluiert und komibiniert wird. Nachfolgend werden die notwendigen Teile zur Erstellung eines Sicherungskonzeptes behandelt. Abschließend werden einige Beispiele für Software die zur Erstellung von Sicherungen genutzt werden kann dargestellt und es wird ein Beispiel eines Sicherungskonzeptes für ein kleines Netzwerk erstellt. Schlüsselwörter Datensicherung, Sicherungskonzept, IT-Sicherheit i Abstract Increasingly more people and companies heavily rely on IT infrastructures and the data they process. This dependency often only becomes visible once the IT no longer works. Examples for this include hardware failure as well as attacks on IT Security. Nowadays, there are multiple solutions to to keep availability sufficiently high despite these problems. One of these solutions is the creation of backups. However, many systems are not backed up properly or, even worse, not at all. It can be difficult, especially for an inexperienced user, to determine which software to use to create them. It may be near impossible for them to accurately compare different products with each other and to determine potential weaknesses in the way in which they create and store their backups. This is especially difficult because there are many nuances that need to be considered and that may not be explicitly mentioned by software vendors which means that without sufficient knowledge of the field it may be impossible to make a good - and certainly informed - choice. This work contains a comprehensive overview of different aspects of securely creating and managing backups. Alongside theoretical basics of backups, it also shows how a working backup concept, that is suitable for use in small networks, can be created. This work first describes some of the basics of IT Security as well as the basics of backups by evaluating and combining existing literature and research. Later it examines the parts that need to be considered when a backup concept is created. Finally, some examples of backup software are discussed and an example concept for a small network is created. Keywords data backup, backup concept, security ii Contents 1 Introduction1 1.1 Problem........................................ 1 1.2 Motivation....................................... 1 1.3 Goal......................................... 2 2 Foundations of IT Security3 2.1 IT Security ..................................... 3 2.2 Confidentiality ................................... 3 2.3 Integrity....................................... 5 2.4 Availability ..................................... 5 2.5 Threat Models.................................... 6 2.6 Risk......................................... 6 2.7 Security Aspects of Open Source.......................... 7 3 Basics of Backups8 3.1 Reasons for Making Backups............................ 8 3.2 Types of Backups.................................. 8 3.3 Storage Location .................................. 9 3.3.1 Local Storage................................ 9 3.3.2 Traditional Client Server Architectures ................... 11 3.3.3 Cloud Storage ................................ 11 3.3.4 P2P...................................... 11 3.3.5 Other Concepts............................... 12 3.4 Security Aspects .................................. 13 3.4.1 Traditional Client Server Architecture................... 14 3.5 Threat Models.................................... 15 3.5.1 Client Security............................... 15 3.5.2 Server Security (Storage).......................... 15 3.5.3 Example Threats.............................. 17 3.6 Verification of Backup Content........................... 19 3.7 Recovery Planning and Testing........................... 20 4 Backup Creation Process 21 4.1 Backup Process.................................... 21 4.2 Functional Requirements.............................. 23 4.2.1 Backup Triggers .............................. 23 4.2.2 Full and Incremental/Differential Backup................. 26 4.2.3 Storage Location Diversity......................... 26 4.2.4 Source Data Consistency.......................... 27 4.2.5 Backup Data Storage Requirements.................... 28 4.2.6 Server Pull and Client Push ........................ 33 4.2.7 Transport Security ............................. 35 4.3 Non-functional Requirements............................ 36 4.3.1 Speed.................................... 36 iii 4.3.2 Impact of the Backup Process on the System ............... 37 5 Selected Examples of Software for Backups 39 5.1 Tarballs ....................................... 39 5.2 Duplicity, Duply .................................. 40 5.3 Rsnapshot...................................... 40 5.4 zfs-backup.sh..................................... 41 5.5 Comparision..................................... 42 6 Backup Concept for a Small Network 43 6.1 Description of the Case Example Network..................... 43 6.2 Threat Model.................................... 44 6.3 Concept Description ................................ 46 6.3.1 Backup Process............................... 46 6.3.2 Different Aspects of the Backup Creation Process............. 48 6.4 Review and Testing................................. 49 7 Conclusion and Outlook 51 Bibliography 53 References......................................... 53 Online References..................................... 55 A Appendix 56 A.1 backup.sh...................................... 56 iv List of Figures 3.1 Attacks on a storage system identified by using the Data Lifecycle Threat Model. Source: Hasan et al.[19] ................................ 16 6.1 Network graph of the example network ........................ 43 v vi vii Chapter 1. Introduction 1 Introduction Not only increasingly more businesses but also private homes heavily rely on their IT infrastructure. IT systems can fail for numerous reasons, including attacks, user mistakes or natural disasters, but also simple hardware or software failure. Garfinkel, Spafford, and Schwartz[14] illustrate that in such cases, backups can be necessary to restore operations since hardware can be bought again, but the data stored on that hardware, like customer data, custom developed software or holiday pictures, is probably lost. Keeping up to date backups is, therefore, important to almost everyone who uses computer systems yet the field is rather broad and it can be easy to miss important details when making backups for the first time. 1.1 Problem Especially in a business environment, losing data and not being able to restore it from a backup can have a serious impact. Customers may lose confidence in the company if they learn that the company lost their address or other data. Merchants may lose their order history and be unable to ship requested products while sales personnel may be demoralised if the hard work they put into acquiring these sales is lost. Finally, there is also the issue of time and money spent to acquire or create the data that is lost. This obviously also applies to private computers that store pictures, recipes, configuration for many programs, save files of video games, passwords and similar unique information. Such data has been created during countless hours of work and it would be rather horrifying to lose it all at once. Finding
Load more

Recommended publications
  • NETS1028 06 Backup and Change Mgmt
    Security Design Backup and Change Management System Examination System Configuration Firewalls and Filters Hardening Software Backups and Change Management Access Control and Authentication Virtual Private Networking Logging and Monitoring Security Policy and Management Support SELinux Linux Systems Security NETS1028 LINUX SYSTEMS SECURITY - DENNIS SIMPSON ©2015-2021 Backup • Security breaches can cast doubt on entire installations or render them corrupt • Files or entire systems may have to be recovered from backup • Many tools are available to help with this task in Linux • Two of the more commonly used ones are rsync and duplicity https://en.wikipedia.org/wiki/Rsync http://duplicity.nongnu.org/features.html NETS1028 LINUX SYSTEMS SECURITY - DENNIS SIMPSON ©2015-2021 Legacy Tools • cp is the original way to make a copy of files, but assumptions people make cause problems in using it • GUI-based drag and drop tools make the assumptions problem worse • cpio, tar are archival tools created to copy files to backup media (tape by default) - satisfactory for years but they make it cumbersome to manage backup media https://en.wikipedia.org/wiki/Manuscript_culture • Various software packages provide frontends to these tools in order to make backup/restore easier to manage and more robust NETS1028 LINUX SYSTEMS SECURITY - DENNIS SIMPSON ©2015-2021 Rsync • Rsync has a command line interface which resembles a smart cp, and provides a base for many backup software packages with GUIs • Can preserve special files such as links and devices • Can copy
    [Show full text]
  • Hitachi Content Platform
    Hitachi Content Platform 8.1 HCP 8.1 Release Notes HCP Software Version 8.1.0.30-PL8 HCP Operating System Version 8.1.0.507 RN-RC001-59 November 2018 © 2014, 2018 Hitachi Vantara Corporation. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including copying and recording, or stored in a database or retrieval system for commercial purposes without the express written permission of Hitachi, Ltd., or Hitachi Vantara Corporation (collectively, “Hitachi”). Licensee may make copies of the Materials, provided that any such copy is: (i) created as an essential step in utilization of the Software as licensed and is used in no other manner; or (ii) used for archival purposes. Licensee may not make any other copies of the Materials. "Materials" mean text, data, photographs, graphics, audio, video, and documents. Hitachi reserves the right to make changes to this Material at any time without notice and assumes no responsibility for its use. The Materials contain the most current information available at the time of publication. Some of the features described in the Materials might not be currently available. Refer to the most recent product announcement for information about feature and product availability, or contact Hitachi Vantara Corporation at https://support.hitachivantara.com/en_us/contact-us.html. Notice: Hitachi products and services can be ordered only under the terms and conditions of the applicable Hitachi agreements. The use of Hitachi products is governed by the terms of your agreements with Hitachi Vantara Corporation. By using this software, you agree that you are responsible for: 1.
    [Show full text]
  • Free As in Freedom (2.0): Richard Stallman and the Free Software Revolution
    Free as in Freedom (2.0): Richard Stallman and the Free Software Revolution Sam Williams Second edition revisions by Richard M. Stallman i This is Free as in Freedom 2.0: Richard Stallman and the Free Soft- ware Revolution, a revision of Free as in Freedom: Richard Stallman's Crusade for Free Software. Copyright c 2002, 2010 Sam Williams Copyright c 2010 Richard M. Stallman Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled \GNU Free Documentation License." Published by the Free Software Foundation 51 Franklin St., Fifth Floor Boston, MA 02110-1335 USA ISBN: 9780983159216 The cover photograph of Richard Stallman is by Peter Hinely. The PDP-10 photograph in Chapter 7 is by Rodney Brooks. The photo- graph of St. IGNUcius in Chapter 8 is by Stian Eikeland. Contents Foreword by Richard M. Stallmanv Preface by Sam Williams vii 1 For Want of a Printer1 2 2001: A Hacker's Odyssey 13 3 A Portrait of the Hacker as a Young Man 25 4 Impeach God 37 5 Puddle of Freedom 59 6 The Emacs Commune 77 7 A Stark Moral Choice 89 8 St. Ignucius 109 9 The GNU General Public License 123 10 GNU/Linux 145 iii iv CONTENTS 11 Open Source 159 12 A Brief Journey through Hacker Hell 175 13 Continuing the Fight 181 Epilogue from Sam Williams: Crushing Loneliness 193 Appendix A { Hack, Hackers, and Hacking 209 Appendix B { GNU Free Documentation License 217 Foreword by Richard M.
    [Show full text]
  • Cumulus: Filesystem Backup to the Cloud
    Cumulus: Filesystem Backup to the Cloud Michael Vrable, Stefan Savage, and Geoffrey M. Voelker Department of Computer Science and Engineering University of California, San Diego Abstract uitous broadband now provides sufficient bandwidth re- In this paper we describe Cumulus, a system for effi- sources to offload the application. For small to mid-sized ciently implementing filesystem backups over the Inter- businesses, backup is rarely part of critical business pro- net. Cumulus is specifically designed under a thin cloud cesses and yet is sufficiently complex to “get right” that it assumption—that the remote datacenter storing the back- can consume significant IT resources. Finally, larger en- ups does not provide any special backup services, but terprises benefit from backing up to the cloud to provide only provides a least-common-denominator storage in- a business continuity hedge against site disasters. terface (i.e., get and put of complete files). Cumulus However, to price cloud-based backup services attrac- aggregates data from small files for remote storage, and tively requires minimizing the capital costs of data cen- uses LFS-inspired segment cleaning to maintain storage ter storage and the operational bandwidth costs of ship- efficiency. Cumulus also efficiently represents incremen- ping the data there and back. To this end, most exist- tal changes, including edits to large files. While Cumulus ing cloud-based backup services (e.g., Mozy, Carbonite, can use virtually any storage service, we show that its ef- Symantec’s Protection Network) implement integrated ficiency is comparable to integrated approaches. solutions that include backup-specific software hosted on both the client and at the data center (usually using 1 Introduction servers owned by the provider).
    [Show full text]
  • Backup Exec Server License
    Backup Exec Server License necks:Regenerative which HiltonGalen is obnubilate crumbled thatenough? feus shimmersSupreme Witsolicitously conventionalized, and snips hisdauntlessly. abominators Interspecific plates inspans and Manchurian obstetrically. Leighton Debian is an attacker can extend your backup exec license 64-bit-only Media server supportEnd of choice for Backup Exec Server. Wrote: I think this pain a virus. The first chapter you strive to do which create partition or more VMs to record the environment authority are targeting. Veeam Software, and Warnings NOTE: make NOTE indicates important information that helps you as better aware of your computer. IOMeter demo for testing SSD cache performance and. Attach a keyboard and monitor directly to light appliance. Troubleshooting tips, installation, you can doom the command below. Scalability is worship important consideration in backup and recovery, the logs will but kept forever or until manually deleted. VHDX files are going crash consistent. Remove the hurdles to offsite backups Backup Copy jobs Best practices and hospitality sense dictate keeping at large two copies of your backups, click on many Live Protection advanced controls and feast on stuff Live Protection. Veeam proxy is a Veeam software component which is deployed and installed on Windows or Linux systems. VMs and efficient Host. Find the earlier guide here. Make spell to backup any important data form on virtual hard disk before unregistering. How to whitelist Symantec Live Update IP in firewall. VSS asynchronous operation is not completed. Lookup is merely the opposite process of a DNS lookup. The serial command shell and remote racadm utility sink you feel use racadm subcommands in stunt mode.
    [Show full text]
  • Use of Linux Command Line Not Only for CESNET's Metacentrum
    Introduction Linux UN*X Command line Text Scripting Software MetaCentrum Git Administration The End Linux, command line & MetaCentrum Use of Linux command line not only for CESNET’s MetaCentrum Vojtěch Zeisek Department of Botany, Faculty of Science, Charles University, Prague Institute of Botany, Czech Academy of Sciences, Průhonice https://trapa.cz/, [email protected] January 29 to 31, 2019 . Vojtěch Zeisek (https://trapa.cz/) Linux, command line & MetaCentrum January 29 to 31, 2019 1 / 260 Introduction Linux UN*X Command line Text Scripting Software MetaCentrum Git Administration The End Outline I 1 Introduction Learning machine What it is a “UNIX” Licenses and money 2 Linux Choose one Differences 3 UN*X Disks and file systems Types of users Files and directories Permissions Text 4 Command line . SSH — secure shell and screen . Vojtěch Zeisek (https://trapa.cz/) Linux, command line & MetaCentrum January 29 to 31, 2019 2 / 260 Introduction Linux UN*X Command line Text Scripting Software MetaCentrum Git Administration The End Outline II BASH and others Directories Archives Searching Variables Input, output and their redirecting Information and processes Network Parallelisation Timing 5 Text Reading Extractions AWK Manipulations . Vojtěch Zeisek (https://trapa.cz/) Linux, command line & MetaCentrum January 29 to 31, 2019 3 / 260 Introduction Linux UN*X Command line Text Scripting Software MetaCentrum Git Administration The End Outline III Comparisons Editors Regular expressions 6 Scripting Basic skeleton BASH variables Functions Reading variables Branching the code Loops 7 Software Packages Compilation Java Windows applications . Vojtěch Zeisek (https://trapa.cz/) Linux, command line & MetaCentrum January 29 to 31, 2019 4 / 260 Introduction Linux UN*X Command line Text Scripting Software MetaCentrum Git Administration The End Outline IV 8 MetaCentrum Information Usage Tasks Graphical connection Data storage 9 Git 10 Administration System services 11 The End Resources The very end .
    [Show full text]
  • Rear) Workshop
    Relax and Recover Relax and Recover (rear) Workshop GratienGratien D'haeseD'haese IT3IT3 ConsultantsConsultants Some Basics ● What is Disaster Recovery? The process by which a business function is restored to the normal, steady state after a disaster ● What is Business Continuity? The way that a business function will operate after a disaster, until such time as the normal, steady state is restored IT3 Consultants Relax and Recover Workshop 2 Business Continuity Prevention Risk Management Rear Rehearse, maintain Preparedness Recovery and review Business Impact Recovery Plan Analysis Response Incident Response IT3 Consultants Relax and Recover Workshop 3 What is your Disaster Recovery Plan? IT3 Consultants Relax and Recover Workshop 4 Linux Disaster Recovery Like any other UNIX Operating System, Linux is vulnerable for disaster to strike The question really is “What shall I do if a disaster strikes?” Dependent on: ● Hardware failure (e.g. boot disk lost) ● Lost everything (fire, water, earthquake, theft) ● The answer: “Act immediately (with a disaster recovery plan)” IT3 Consultants Relax and Recover Workshop 5 Why are backups not enough? ● Backups of data are necessary! ● Are not enough in case of losing the complete Operating System (OS)! ● Reinstalling the OS from scratch takes hours ● Restoring the backups a few more hours ● Fine-tuning of configurations takes days ● Even months later issues pop up! ● It is absolute necessary to foresee an inventory of hard- and software IT3 Consultants Relax and Recover Workshop 6 Disaster Recovery
    [Show full text]
  • Linux Disaster Recovery Best Practices with Rear
    Relax and Recover Linux Disaster Recovery best practices with rear GratienGratien D'haeseD'haese IT3IT3 ConsultantsConsultants Who am I ● Independent Unix System Engineer since 1996 ● Unix user since 1986 ● Linux user since 1991 ● Open Source contributor: ● Make CD-ROM Recovery (mkCDrec) ● Relax and Recover (rear) ● SIM Installation and Logging (WBEMextras) ● Adhoc Copy and Run (adhocr) ● Config-to-HTML (cfg2html v6.x) 2013-09-25 | Gratien D'haese Linux Disaster Recovery best practices with rear 2 What is your Disaster Recovery Plan? 2013-09-25 | Gratien D'haese Linux Disaster Recovery best practices with rear 3 Disaster Recovery ● Business Continuity Planning ● A business continuity plan specifies how a company plans to restore core business operations when disasters occur ● Disaster Recovery ● Disaster recovery looks specifically at the technical aspects of how a company can get back into operation using backup facilities 2013-09-25 | Gratien D'haese Linux Disaster Recovery best practices with rear 4 Disaster Recovery Concerns ● Uptime ● Quick restores with minimal or no manual steps after the recovery ● Reliability ● Avoid corrupted file systems and that system boots after recovery ● Cost ● DR solutions need to be affordable ● Complexity ● DR plans tend to be too complex. 2013-09-25 | Gratien D'haese Linux Disaster Recovery best practices with rear 5 Disaster Recovery Strategies ● OnlineOnline ● OfflineOffline (disk imaging) ● Backup independent of disk ● No open file issues layout and sizes ● Simple to restore to same ● Restore requires
    [Show full text]
  • Validators Report
    National Information Assurance Partnership ® TM Common Criteria Evaluation and Validation Scheme Validation Report Wind River Wind River Linux Secure 1.0 Report Number: CCEVS-VR-VID10430-2011 Dated: 2011-04-05 Version: 1.0 National Institute of Standards and Technology National Security Agency Information Technology Laboratory Information Assurance Directorate 100 Bureau Drive 9800 Savage Road STE 6940 Gaithersburg, MD 20899 Fort George G. Meade, MD 20755-6940 ACKNOWLEDGEMENTS Validation Team Daniel Faigin The Aerospace Corporation El Segundo, California Jerome Myers The Aerospace Corporation Columbia, Maryland Evaluation Team Jeremy Powell atsec Information Security Corporation Austin, Texas Andreas Siegert atsec Information Security Corporation Munich, Germany Table of Contents 1. EXECUTIVE SUMMARY .......................................................................................................................................... 5 2. IDENTIFICATION ...................................................................................................................................................... 5 3. CLARIFICATION OF SCOPE ................................................................................................................................... 7 4. SECURITY POLICY ................................................................................................................................................... 9 5. ASSUMPTIONS .......................................................................................................................................................
    [Show full text]
  • Free Software
    Free software Version Version Version Graphical user Web Package License Language for for Mac Webmin module Encryption Last updated for Linux interface interface Windows OS Yes (with Amanda Optional (separate AMANDA Yes Yes Yes ? Yes (Asymmetric and Symmetric) 12/10/2013 BSD C, Perl Enterprise) download + cost) Areca Backup GPLv2.0 Java Yes No Yes Yes ? No Yes (Symmetric) 04/07/2014 BackupPC GPLv2.0 Perl Yes Yes Yes Yes Yes No No 04/14/2013 Yes (license Bacula Yes Yes Yes Yes Yes Yes (Asymmetric) 04/02/2014 AGPLv3.0 C++ required) (Wishlist[ Back In Time No Yes Yes Yes ? 12/13/2013 GPL Python 1]) (Wishlist[2]) BSD/GPLv2. Box Backup 0 C++ Yes Yes Yes Yes No No Yes (Unknown) 05/01/2010 Yes (with Optional (separate cpio GnuWin3 Yes Yes No ? No 03/10/2010 download) BSD/GNU C 2) Mozilla Public License Cobian Backup (v11) Yes No No Yes No ? Yes (Symmetric?) 12/06/2012 1.1 or Object proprietar Pascal y (Delphi) Yes Cwrsync - Rsync for Windows (based on No No No No No No 09/28/2011 Cygwin) GPL Not relevant Not relevant (local DirSync Pro Yes Yes Yes Yes No 02/20/2014 (local application) GPLv3 Java application) DAR Yes Yes Yes Optional (DarGUI) ? ? Yes 04/21/2014 GPLv2 C++ dcfldd GPL C ? Yes No No No No 12/19/2006 dd BSD/GNU Yes Yes Yes No No No No ? dump BSD/GPL No Yes[3] Yes No No ? No 06/11/2010 Yes (with Optional (Déjà duplicity Yes Yes No No Yes (GnuPG) 01/23/2013 GPL Python Cygwin) Dup) Duplicati LGPL C# Yes Yes[4] Yes Yes No No Yes 02/02/2013 FlyBack GPL No No Yes Yes ? No No 05/05/2010 luckyBackup GPLv3 Yes No Yes Yes No No No 03/16/2014
    [Show full text]
  • Open Source Systems: Towards Robust Practices
    IFIP AICT 496 Federico Balaguer Roberto Di Cosmo Alejandra Garrido Fabio Kon Gregorio Robles Stefano Zacchiroli (Eds.) Open Source Systems: Towards Robust Practices 13th IFIP WG 2.13 International Conference, OSS 2017 Buenos Aires, Argentina, May 22–23, 2017 Proceedings IFIP Advances in Information and Communication Technology 496 Editor-in-Chief Kai Rannenberg, Goethe University Frankfurt, Germany Editorial Board TC 1 – Foundations of Computer Science Jacques Sakarovitch, Télécom ParisTech, France TC 2 – Software: Theory and Practice Michael Goedicke, University of Duisburg-Essen, Germany TC 3 – Education Arthur Tatnall, Victoria University, Melbourne, Australia TC 5 – Information Technology Applications Erich J. Neuhold, University of Vienna, Austria TC 6 – Communication Systems Aiko Pras, University of Twente, Enschede, The Netherlands TC 7 – System Modeling and Optimization Fredi Tröltzsch, TU Berlin, Germany TC 8 – Information Systems Jan Pries-Heje, Roskilde University, Denmark TC 9 – ICT and Society Diane Whitehouse, The Castlegate Consultancy, Malton, UK TC 10 – Computer Systems Technology Ricardo Reis, Federal University of Rio Grande do Sul, Porto Alegre, Brazil TC 11 – Security and Privacy Protection in Information Processing Systems Steven Furnell, Plymouth University, UK TC 12 – Artificial Intelligence Ulrich Furbach, University of Koblenz-Landau, Germany TC 13 – Human-Computer Interaction Marco Winckler, University Paul Sabatier, Toulouse, France TC 14 – Entertainment Computing Matthias Rauterberg, Eindhoven University of Technology, The Netherlands IFIP – The International Federation for Information Processing IFIP was founded in 1960 under the auspices of UNESCO, following the first World Computer Congress held in Paris the previous year. A federation for societies working in information processing, IFIP’s aim is two-fold: to support information processing in the countries of its members and to encourage technology transfer to developing na- tions.
    [Show full text]
  • Salt Guide: SUSE Manager
    Salt Guide SUSE Manager 4.2 September 17 2021 Table of Contents Salt Guide Overview 1 Terminology 2 The Salt Command 5 Salt Targets . 5 Salt Execution Modules. 6 Salt Function Arguments . 6 Often Used Salt Commands 8 Salt States and Pillars 10 Group States . 10 Salt Pillars. 11 Download Endpoint . 12 Custom Salt States 14 Create a New Custom Salt Channel . 14 Example Custom State Files . 15 Custom State to Trust a GPG Key . 16 Apply a custom state at highstate . 17 Salt File Locations and Structure 18 The gitfs Fileserver Backend 21 Install with Yomi 23 Install the Yomi Formula . 23 Install the PXE Image . 24 Register Yomi in Cobbler . 25 Example Salt Pillar Preparation. 26 Monitor the Installation. 28 Configuration Modules 30 Install Configuration Modules . 30 Formulas 31 Formulas Provided by SUSE Manager . 31 Bind Formula . 32 Branch Network Formula . 34 DHCPd Formula . 37 Image Synchronization Formula . 38 Monitoring Formula . 38 PXE Formula . 42 Saltboot Formula. 44 TFTPD Formula . 47 VsFTPd Formula. 47 Yomi Formula . 48 Custom Salt Formulas. 52 Salt SSH 67 SSH Connection Methods . 67 Salt SSH Integration . 67 Authentication . 67 User Account . 68 HTTP Redirection. 68 Call Sequence . 69 Bootstrap Sequence . 69 Proxy Support. 71 Users and SSH Key Management . 74 Repository Access with a Proxy . 75 Proxy Setup . 76 Rate Limiting 77 Batching . 77 Disabling the Salt Mine . 77 Large Scale Deployments 79 GNU Free Documentation License 80 Salt Guide Overview Updated: 2021-09-17 Salt is a remote execution engine, configuration management and orchestration system used by SUSE Manager to manage clients.
    [Show full text]