Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Defence Data Exchange and Collaboration Infrastructure (CDXI) Luc Dandurand NATO C3 Agency 2 Addressing security challenges.

Similar presentations


Presentation on theme: "Cyber Defence Data Exchange and Collaboration Infrastructure (CDXI) Luc Dandurand NATO C3 Agency 2 Addressing security challenges."— Presentation transcript:

1

2 Cyber Defence Data Exchange and Collaboration Infrastructure (CDXI) Luc Dandurand NATO C3 Agency 2 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

3 NATO C3 Agency Mission: Enable NATOs success through the unbiased provision of comprehensive C4ISR capabilities NC3A mainly provides acquisition and scientific support to NATO and NATO Nations Key player at helping Nations achieve interoperability CDXI is sponsored by NATO Allied Command Transformation (ACT, Norfolk, VA) 3 Geneva, 6-7 December 2010Addressing security challenges on a global scale

4 What is the CDXI? Ultimately, the goal of CDXI is to transport cyber defence data between organisations through a resilient, global infrastructure structure the data for machine processing feed it directly into automated applications provide assurance of its origin and quality provide access controls for confidentiality provide tools to collaborate on improving the data enable commercial exploitation 4 Geneva, 6-7 December 2010Addressing security challenges on a global scale

5 Cyber Defence Data Reference Information Vulnerabilities Software (Applications and Operating Systems) Hardware Malware Patches and Fixes Verification Tests (e.g. IDS signatures & VA tests) Protocol specifications Certifications 5 Geneva, 6-7 December 2010Addressing security challenges on a global scale

6 Cyber Defence Data Operational Information Events Incidents IP addresses Implicated parties 6 Geneva, 6-7 December 2010Addressing security challenges on a global scale

7 What problems does it solve? Beyond the basic need to exchange data Lots of data sources saying different things Errors & Discrepancies Different focus and taxonomies No simple way to fix known errors and collaborate Limited ability to automate CD applications Importing from the Web is often manual Limited quality assurance THIS IS A MAJOR PROBLEM No resilience Need a local copy of all data! No automated implementation/enforcement of sharing policies 7 Geneva, 6-7 December 2010Addressing security challenges on a global scale

8 Examples of Discrepancies 8 Addressing security challenges on a global scaleGeneva, 6-7 December 2010 CVE Nov 2010 Possibly execute arbitrary code via a crafted packet

9 CVE Addressing security challenges on a global scaleGeneva, 6-7 December 2010

10 CVE Addressing security challenges on a global scaleGeneva, 6-7 December 2010

11 CVE Addressing security challenges on a global scaleGeneva, 6-7 December 2010 […]

12 CVE Addressing security challenges on a global scaleGeneva, 6-7 December 2010 […] ? ?

13 CVE Addressing security challenges on a global scaleGeneva, 6-7 December 2010 […]

14 How do we fix this? Support dissension to reach consensus Easily modify the data and send back to community Multiple truths co-exist until further research uncovers the ultimate truth Reject or block erroneous data coming into own automated systems Custom Quality Assurance Processes 14 Geneva, 6-7 December 2010Addressing security challenges on a global scale

15 Structured Cyber Defence Data Strategy of CDXI is currently based on Pure enumerations for the specified topics Single identifier for each element (e.g. CVE-ID) Used to create all links to other data Agile Data Model User-defined taxonomies User-defined relationships CDXI could implement most, if not all, standards in CYBEX X Geneva, 6-7 December 2010Addressing security challenges on a global scale

16 Confidentiality Limited sharing is a reality User-based and role-based access controls Organisational sharing policies Can limit user actions Can automate sharing Multiple security labels and mappings Instances of CDXI exist at every security level (Unclassified, Secret and Top Secret) 16 Geneva, 6-7 December 2010Addressing security challenges on a global scale

17 Commercial Exploitation Required since Industry has lots of data, but more importantly, the resources to refine it Proposed strategy is to encrypt records Sell keys to decrypt the data through contract Industry can resell Tools that use the CDXI Content Quality assurance of content Data-mining 17 Geneva, 6-7 December 2010Addressing security challenges on a global scale

18 CDXI Architecture 18 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

19 Relation to CYBEX Similar to CYBEX in that use/acquisition of the data is out of scope Implements the following CYBEX functions Structuring cybersecurity information for exchange purposes Identifying and discovering cybersecurity information and entities Establishment of trust and policy agreement between exchanging entities Providing assured cybersecurity information exchange Adds support for Dissension to reach consensus, collaboration mechanisms Custom quality assurance processes Commercial exploitation Provides Resilience CDXI tackles the problem from a prototype implementation point- of-view, rather than the CYBEX standards-based approach 19 Geneva, 6-7 December 2010Addressing security challenges on a global scale

20 CDXI Way Ahead Concept, high-level requirements and proposed architecture will be completed Q We plan to build and test a prototype in 2011 We plan to continue prototype development/testing in 2012 and beyond We hope for: Implementation by Industry? Concept valid for any knowledge centric community! For further information: 20 Geneva, 6-7 December 2010Addressing security challenges on a global scale


Download ppt "Cyber Defence Data Exchange and Collaboration Infrastructure (CDXI) Luc Dandurand NATO C3 Agency 2 Addressing security challenges."

Similar presentations


Ads by Google