Tony Rutkowski Yaana Technologies Georgia Tech Q.4/17 Rapporteur


SG17 Tutorial, Geneva, 15 Dec 2010, V1.1
Application of CYBEX (Cybersecurity Information Exchange) techniques to future networks

CYBEX Basics
- The new cybersecurity paradigm
  - know your weaknesses
  - minimize the vulnerabilities
  - know your attacks
  - share the heuristics within trust communities
- CYBEX – techniques for the new paradigm
  - Weakness, vulnerability and state
  - Event, incident, and heuristics
  - Information exchange policy
  - Identification, discovery, and query
  - Identity assurance
  - Exchange protocols
- X.1500 culminates a broadly supported 2-year effort
- Consists of a non-prescriptive, extensible, complementary “collection of tools” that can be used as needed

Today’s Reality
- “security by design” is not a reasonable objective today, as the code/systems are too complex, distributed, autonomous and constantly changing
- Common global protocol platforms for the trusted exchange of information are essential
- A distributed, “security management” network plane that supports autonomy is emerging
- Single “national centres” for this purpose are not feasible and would represent a massive vulnerability

CYBEX Facilitates a Global Cybersecurity Model
[Diagram labels: Measures for protection; Encryption/VPNs esp. for signalling; Measures for threat detection; Real-time data availability; Resilient infrastructure; Stored event data availability; Provide basis for additional actions; Forensics & heuristics analysis; Provide data for analysis; Provide basis for actions; Identity Management; Routing & resource constraints; Measures for threat response; Reputation sanctions; Blacklists & whitelists; Deny resources; Patch development; Provide awareness of vulnerabilities and remedies; Network/application state & integrity; Vulnerability notices; CYBEX Information Exchange Techniques]

The CYBEX Model
- structuring cybersecurity information for exchange purposes
- identifying and discovering cybersecurity information and entities
- establishment of trust and policy agreement between exchanging entities
- requesting and responding with cybersecurity information
- assuring the integrity of the cybersecurity information exchange
[Diagram labels: Cybersecurity Entities; Cybersecurity Entities; Cybersecurity Information acquisition (out of scope); Cybersecurity Information use (out of scope)]

CYBEX Technique Clusters: Structured Information
[Diagram labels: Weakness, Vulnerability/State Exchange; Event/Incident/Heuristics Exchange; Knowledge Base; Platforms; Weaknesses; Vulnerabilities and Exposures; Event Expressions; Malware Patterns; State; Security State Measurement; Configuration Checklists; Assessment Results; Incident and Attack Patterns; Malicious Behavior; Exchange Policies; Exchange Terms and conditions]

CYBEX Technique Clusters: Utilities
[Diagram labels: Identification, Discovery, Query; Common Namespaces; Discovery enabling mechanisms; Request and distribution mechanisms; Identity Assurance; Exchange Protocol; Trusted Platforms; Authentication Assurance Methods; Authentication Assurance Levels; Trusted Network Connect; Interaction Security; Transport Security]

Today’s Use Cases
[Diagram labels: Your computer; Patch Tuesday; Open Windows Update; X.1500 Appendices; NICT CYBEX Ontology; Japan’s JVN; USA Federal Desktop Core Configuration/US Government Configuration Baseline]

Significant adoption rate
- SG17 December 2010 Geneva Cybersecurity Workshop Session 5.1
  - Robert A. Martin of MITRE described the essentials for Vendor Neutral Security Measurement & Management with Standards
  - Ian Bryant of the EU NEISAS Project described the challenges in sharing security information for infrastructure protection
  - Takeshi Takahashi of NICT described an ontological approach for cybersecurity information sharing, especially for Cloud Computing
  - Thomas Millar of the US-CERT presented an operational model of CIRT processes for improved collaboration and capability development
  - Luc Dandurand of NATO described his organization's new initiative for cyber defence data exchange and collaboration infrastructure (CDXI)
  - Damir Rajnovic of FIRST described the structure and mechanisms of the principal global organization of cybersecurity incident centers
- IETF October 2010 Beijing Meeting
  - CYBEX conceptualized as a security management layer

Toward Network Security Planes: Security Automation Schemas Everywhere
- OVAL: Open Vulnerability and Assessment Language
- CWE: Common Weakness Enumeration
- CVE: Common Vulnerabilities and Exposures
- CPE: Common Platform Enumeration
- CVSS: Common Vulnerability Scoring System
- CWSS: Common Weakness Scoring System
- CCE: Common Configuration Enumeration
- XCCDF: eXtensible Configuration Checklist Description Format
- ARF: Assessment Result Format
- SCAP Security Automation Tools

What about Future Networks/NGNs?
- A potential implementation of a CYBEX reference model for NGNs is depicted in the following diagrams
- SCAP should be ubiquitous in the models
- This approach is adapted from a similar approach already being taken for NGN Identity Management
- NGN providers would play a substantial CYBEX framework-support function with understood assurance levels among themselves and all network devices and capabilities within their domain
- Under this approach, CYBEX techniques would be adapted as necessary through the use of extensions and reflected in a new extensible Y-series Recommendation
- ETSI TISPAN is already working on a similar model

CYBEX applied to Future Network Strata
[Diagram, Figure 2/Y.2011: Scope of CYBEX; NGN Service Stratum (Management Plane, Control Plane, User Plane); NGN Transport Stratum (Management Plane, Control Plane, User Plane)]

CYBEX applied to Future Network Functions
[Diagram, Figure 3/Y.2011: Scope of CYBEX; Resources; Transfer Functional Area; Transport Management Functions; Transport Control Functions; Service Management Functions; Service Control Functions; Services; Infrastructural, application, middleware and baseware services]

CYBEX applied to Future Network Models
toward a NGN/FN security plane
[Diagram labels: NGN Provider A; NGN Provider B; CYBEX Exchange on UNI Interfaces; CYBEX Exchange on NNI Interfaces; and, shown for each provider: CYBEX; Management Functions; Application Support with CYBEX Functions; End User Functions; Service Control with CYBEX Functions; Transport Stratum with CYBEX Functions]