Extranet for Security Professionals (ESP) Group One
Team Members Heather T. Kowalski, Project Lead Tong Xu Ying Hao Hui Huang Bill Halpin
Task: Extranet for Security Professionals; Company: SEI; Contact: Martin Lindner; Security Analysis, using SNA Method
Milestones: September 28, 2000: Initial Overview Presentation; October 31, 2000: Essential Services Review; November 14, 2000: Attack Threat Analysis; December 5, 2000: Final Recommendations
Client Meetings – To Date: September 15: Introductions; High-level Review of Architecture. September 20: Business Mission; Detailed Overview of Client Goals; Detailed Review of Architecture
Client Expectations: Review the System Design and Architecture; Identify and Document Vulnerabilities; Identify Alternative Approaches to ESP Mission
SNA – System Definition: Mission; Requirements; Environment; Risk Definition; Architecture Definition. The SNA descriptions are taken from the Team Project Handout, so they don’t match 100% with the description in the master report.
ESP – Mission: Central Repository of Security Information; Central Location for Information Sharing; Secure Environment, Manageable Resource
ESP – Requirements: Security over Reliability; Exchange of Information; Responsible for Information Only While on ESP System; User Driven and Maintained
ESP – Environment Dell PowerEdge Servers Windows NT 4.0 (SP3) SSL Only Minimal Options Activated SSL Cold Fusion Middleware
ESP – System Elements: COTS (Easier to Find Support Staff; Easier to Maintain Updates); Good Programming Practices (Prevention; Integrity; Code Revision Controls)
ESP – Architecture [Diagram: The Internet, Router, Firewall, Web Servers, Workstation, Database Servers, Firewall; message labelled "To: George Marty From: Steve"] © 2000 by Carnegie Mellon University/SEI. There are additional Architecture slides in Marty’s original presentation. I thought that this was the most generic. We can always import the additional slides if needed.
ESP – Risk Definition: System Attacks; Abrogation of User Responsibilities; Equipment Failure; On-going Process. Key difference from other systems – Security over Availability. ESP will be shut down at first thought of trouble.
Client Meetings – Expected: Mid-October: Verify Traffic Flow; Early November: Discuss Attack Potential; Late November: Mitigation Recommendations
SNA – Step Two (Pending): Essential Services & Assets; Trace Scenarios Through Architecture; Identify Essential Components of Architecture
SNA – Step Three (Pending): Review Attacker Profiles; Discuss Likely Levels of Attack; Identify Possible Attack Scenarios; Determine Weak Links in Architecture
SNA – Step Four (Pending): Identify Architecture Deficiencies; Present Current Strategies for 3 R’s; Present Suggested Strategy Improvements; Present Plan to Implement Improvements. 3 R’s = resistance, recognition & recovery.
Questions?