Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tony Rutkowski Yaana Technologies Georgia Tech Q.4/17 Rapporteur

Published byLiana Edgcomb Modified over 10 years ago

Similar presentations

Presentation on theme: "Tony Rutkowski Yaana Technologies Georgia Tech Q.4/17 Rapporteur"— Presentation transcript:

1 Tony Rutkowski Yaana Technologies Georgia Tech Q.4/17 Rapporteur
SG17 Tutorial Geneva 15 Dec 2010 V1.1 Application of CYBEX (Cybersecurity Information Exchange) techniques to future networks Tony Rutkowski Yaana Technologies Georgia Tech Q.4/17 Rapporteur

2 CYBEX Basics The new cybersecurity paradigm
know your weaknesses minimize the vulnerabilities know your attacks share the heuristics within trust communities CYBEX – techniques for the new paradigm Weakness, vulnerability and state Event, incident, and heuristics Information exchange policy Identification, discovery, and query Identity assurance Exchange protocols X.1500 culminates a broadly supported 2-year effort Consists of a non-prescriptive, extensible, complementary “collection of tools” that can be used as needed

3 Today’s Reality “security by design” is not a reasonable objective today, as the code/systems are too complex, distributed, autonomous and constantly changing Common global protocol platforms for the trusted exchange of information are essential A distributed, “security management” network plane that supports autonomy is emerging Single “national centres” for this purpose are not feasible and would represent a massive vulnerability

4 CYBEX Facilitates a Global Cybersecurity Model
Measures for protection Encryption/ VPNs esp. for signalling Measures for threat detection Real-time data availability Resilient infrastructure Stored event data availability Provide basis for additional actions Forensics & heuristics analysis Provide data for analysis Provide basis for actions Identity Management Routing & resource constraints Measures for threat response Reputation sanctions Blacklists & whitelists Deny resources Patch development Provide awareness of vulnerabilities and remedies Network/ application state & integrity Vulnerability notices CYBEX Information Exchange Techniques

5 Cybersecurity Information acquisition Cybersecurity Information use
The CYBEX Model structuring cybersecurity information for exchange purposes identifying and discovering cybersecurity information and entities establishment of trust and policy agreement between exchanging entities requesting and responding with cybersecurity information assuring the integrity of the cybersecurity information exchange Cybersecurity Entities Cybersecurity Entities Cybersecurity Information acquisition (out of scope) Cybersecurity Information use (out of scope)

6 CYBEX Technique Clusters: Structured Information
Weakness, Vulnerability/State Exchange Event/Incident/Heuristics Exchange Knowledge Base Platforms Weaknesses Vulnerabilities and Exposures Event Expressions Malware Patterns State Security State Measurement Configuration Checklists Assessment Results Incident and Attack Patterns Malicious Behavior Exchange Policies Exchange Terms and conditions

7 CYBEX Technique Clusters: Utilities
Identification, Discovery, Query Common Namespaces Discovery enabling mechanisms Request and distribution mechanisms Identity Assurance Exchange Protocol Trusted Platforms Authentication Assurance Methods Authentication Assurance Levels Trusted Network Connect Interaction Security Transport Security

8 Today’s Use Cases Your computer X.1500 Appendices Patch Tuesday
Open Windows Update X.1500 Appendices NICT CYBEX Ontology Japan’s JVN USA Federal Desktop Core Configuration/ US Government Configuration Baseline

9 Significant adoption rate
SG17 December 2010 Geneva Cybersecurity Workshop Session 5.1 Robert A. Martin of MITRE described the essentials for Vendor Neutral Security Measurement & Management with Standards Ian Bryant of the EU NEISAS Project described the challenges in sharing security information for infrastructure protection Takeshi Takahashi of NICT described an ontological approach for cybersecurity information haring, especially for Cloud Computing Thomas Millar of the US-CERT presented an operational model of CIRT processes for improved collaboration and capability development Luc Dandurand of NATO described his organizations new initiative for cyber defence data exchange and collaboration infrastructure (CDXI) Damir Rajnovic of FIRST described the structure and mechanisms of the principal global organization of cybersecurity incident centers IETF October 2010 Beijing Meeting CYBEX conceptualized as a security management layer

10 Toward Network Security Planes: Security Automation Schemas Everywhere
OVAL Open Vulnerability and Assessment Language CWE Common Weakness Enumeration CVE Common Vulnerabilities and Exposures CPE Common Platform Enumeration CVSS Common Vulnerability Scoring System CWSS Common Weakness Scoring System CCE Common Configuration Enumeration XCCDF eXensible Configuration Checklist Description Format ARF Assessment Result Format SCAP Security Automation Tools

11 What about Future Networks/NGNs?
A potential implementation of a CYBEX reference model for NGNs is depicted in the following diagrams SCAP should be ubiquitous in the models This approach is adapted from a similar approach already being taken for NGN Identity Management NGN providers would play a substantial CYBEX framework-support function with understood assurance levels among themselves and all network devices and capabilities within their domain Under this approach, CYBEX techniques would be adapted as necessary through the use of extensions and reflected in a new extensible Y-series Recommendation ETSI TISPAN is already working on a similar model

12 CYBEX applied to Future Network Strata
Scope of CYBEX Management Plane Control Plane User Plane NGN Service Stratum Management Plane Control Plane User Plane NGN Transport Stratum Figure 2/Y.2011

13 CYBEX applied to Future Network Functions
Resources Transfer Functional Area Transport Management Functions Infrastructural, application, middleware and baseware services Services Transport Control Functions Service Management Functions Service Control Functions Scope of CYBEX Figure 3/Y.2011

14 CYBEX applied to Future Network Models toward a NGN/FN security plane
CYBEX Exchange on UNI Interfaces CYBEX Exchange on UNI Interfaces CYBEX Exchange on NNI Interfaces NGN Provider A NGN Provider B CYBEX CYBEX Management Functions Management Functions Application Support Application Support CYBEX Functions CYBEX Functions End User Functions End User Functions Service Control Service Control CYEX Functions Cybex Functions Transport Stratum Transport Stratum CYBEX Functions CYBEX Functions

Download ppt "Tony Rutkowski Yaana Technologies Georgia Tech Q.4/17 Rapporteur"

Similar presentations

Service Oriented Architecture Reference Model

Service Oriented Architecture Reference Model
1DAML PI meeting, 16-18 October DAML and Agents DAML and Agents Breakout Session DAML PI Meeting 17 October 2002 Tim Finin.

1DAML PI meeting, October DAML and Agents DAML and Agents Breakout Session DAML PI Meeting 17 October 2002 Tim Finin.
M2M Architecture Inge Grønbæk, Telenor R&I ETSI Workshop on RFID and The Internet Of Things, 3rd and 4th December 2007.

M2M Architecture Inge Grønbæk, Telenor R&I ETSI Workshop on RFID and The Internet Of Things, 3rd and 4th December 2007.
Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI 2010. All rights reserved.

Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI All rights reserved.
All rights reserved © 2006, Alcatel Grid Standardization & ETSI (May 2006) B. Berde, Alcatel R & I.

All rights reserved © 2006, Alcatel Grid Standardization & ETSI (May 2006) B. Berde, Alcatel R & I.
The Need For Trust in Communications Networks Carlos Solari Bell Labs, Security Solutions May 2007.

The Need For Trust in Communications Networks Carlos Solari Bell Labs, Security Solutions May 2007.
SOA for EGovernment 1 Emergency Services Enterprise Framework: A Service-Oriented Approach Sukumar Dwarkanath COMCARE Michael Daconta Oberon Associates.

SOA for EGovernment 1 Emergency Services Enterprise Framework: A Service-Oriented Approach Sukumar Dwarkanath COMCARE Michael Daconta Oberon Associates.
Geneva, Switzerland, 17 October 2011 ITU Workshop on Service Delivery Platforms (SDP) for Telecommunication Ecosystems: from todays realities to requirements.

Geneva, Switzerland, 17 October 2011 ITU Workshop on Service Delivery Platforms (SDP) for Telecommunication Ecosystems: from todays realities to requirements.
Cyber Defence Data Exchange and Collaboration Infrastructure (CDXI)

Cyber Defence Data Exchange and Collaboration Infrastructure (CDXI)
Colombo, Sri Lanka, 7-10 April 2009 Preferential Telecommunications Service Access Networks Lakshmi Raman, Senior Staff Engineer Intellectual Ventures.

Colombo, Sri Lanka, 7-10 April 2009 Preferential Telecommunications Service Access Networks Lakshmi Raman, Senior Staff Engineer Intellectual Ventures.
International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 14 Slide 1 Object-oriented Design 1.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 14 Slide 1 Object-oriented Design 1.
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All Wayne Zeuch, ATIS ATIS Cybersecurity Standards Document No: GSC16-GTSC9-10 Source: ATIS Contact:

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All Wayne Zeuch, ATIS ATIS Cybersecurity Standards Document No: GSC16-GTSC9-10 Source: ATIS Contact:
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Federal Desktop Core Configuration and the Security Content Automation Protocol Peter Mell, National Vulnerability Database National Institute of Standards.

Federal Desktop Core Configuration and the Security Content Automation Protocol Peter Mell, National Vulnerability Database National Institute of Standards.
Managed Incident Lightweight Exchange (MILE) Overview and Participation Kathleen Moriarty Global Lead Security Architect EMC Corporate CTO Office.

Managed Incident Lightweight Exchange (MILE) Overview and Participation Kathleen Moriarty Global Lead Security Architect EMC Corporate CTO Office.
Cyber Security: Past and Future John M. Gilligan CERT’s 20 th Anniversary Technical Symposium Pittsburgh, PA www.gilligangroupinc.com March 10, 2009.

Cyber Security: Past and Future John M. Gilligan CERT’s 20 th Anniversary Technical Symposium Pittsburgh, PA March 10, 2009.
CYBEX - The Cybersecurity Information Exchange Framework

CYBEX - The Cybersecurity Information Exchange Framework
The 6th CJK IT Standards Meeting April 10 ~ 12, 2006, Hangzhou, China CJK IT Standards Meeting (Collaboration of Security Activity between CJK On NGN and.

The 6th CJK IT Standards Meeting April 10 ~ 12, 2006, Hangzhou, China CJK IT Standards Meeting (Collaboration of Security Activity between CJK On NGN and.
DOCUMENT #:GSC15-GTSC-07 FOR:Presentation SOURCE:ITU-T AGENDA ITEM:4.2 An overview of the Cybersecurity Information.

DOCUMENT #:GSC15-GTSC-07 FOR:Presentation SOURCE:ITU-T AGENDA ITEM:4.2 An overview of the Cybersecurity Information.

Similar presentations

Ads by Google