Policy chains: the PoSecCo approach to policy management in Future Internet
Cataldo Basile, Politecnico di Torino <cataldo.basile@polito.it>

Presentation transcript:

1 <cataldo.basile@polito.it>
Policy chains: the PoSecCo approach to policy management in Future Internet Cataldo Basile Politecnico di Torino Pisa - June 9, 2011

2 Posecco scenario: Future Internet seen from a Service Provider (SP)
[Diagram: a Service Provider hosting services, applications, systems and DBs. Labels: security reqs from customers; security reqs from laws and regulations; security reqs from suppliers; sec reqs from mgmt; SP-customers; SP-staff; Supplier system; Supplier network.]

Legend:
- Green arrow: user access to an IT resource (service, application, system, etc.)
- Red arrow: security requirements imposed on the SP, and to be addressed by the security concept

Hints for graphics design:
- PoSecCo focuses on the viewpoint of the service provider (SP)
- The SP operates a shared environment to provide IT services to its customers, and partly relies on 3rd party services for business services (SaaS), platforms (PaaS) or infrastructure (IaaS)
- Security requirements stem from a variety of different sources (customers, laws & regulations, suppliers, internal risk analysis, etc.)
- All of these requirements need to be fulfilled in this shared environment
- In particular, access control requirements for customers, technical users, and SP staff need to be considered

Targeted scenario:
- Large-scale, heterogeneous service landscapes
- Complex security and compliance requirements

Problems:
- Multitude of stakeholders and interactions (intra- and interorganizational)
- Multiple technology layers involved, with interdependencies and different terminology
- Constant change on requirement and landscape level

3 Abstraction layers: PoSecCo vs. Enterprise Architecture
PoSecCo layers:
- Business: customers, suppliers, countries laws and regulations, business reqs, business data, roles
- IT layer: IT services applications, subservices structured data
- Landscape: hardware, network topology, security capabilities

Enterprise Architecture layers:
- Business: product services, market segment, strategic goals, strategic projects, interactions with customers, interactions with suppliers
- Process: business processes, organization units, roles and responsibilities, information flows, sites
- Integration: applications, application domains, technical services, IS-Functionality, information objects, interfaces
- Software: software components, datastructures
- Technology: hardware, network, software platforms

4 Policy chain detection and analysis of req conflicts
Policy abstraction levels:
- high-level security requirements and business- and legal-driven policies
- selected IT policies and controls to fulfill requirements
- technology-specific security configurations to implement controls on a given IT landscape

PoSecCo connects the separate policy abstractions to form a policy chain:
- detection and analysis of req conflicts
- matching reqs against suppliers
- refinement / selection of security controls
- optimized configuration generation
- runtime analysis of reqs and landscape changes
- system validation and audit

Diagram labels:
- Changes of laws, regulations, standards, customers, …
- Changes of settings in productive systems

Hints for graphics design:
- Design time activities aim at establishing the policy chain
- Runtime activities maintain and leverage the policy chain
- The provided slide text is to provide further explanations, and must not be all put in the image

5 Governance meta-model
- Stakeholder Model: defines the stakeholders involved in the security requirements management process
- System Meta Model:
  - static concepts relevant for the security requirements management process (e.g., Business and IT services)
  - security related information (e.g. security requirements and risks) attached to a functional concept (e.g., a business process or an IT resource)
- System Model: describes the status of the organisation at a certain point of time including its security status (e.g. actual security requirements)
- View Model: the portion of the system model seen by each stakeholder
- Process View: requests and change events

6 Implementing the policy chain: policy refinement:
[Diagram labels: Business policy; harmonization and refinement; IT policy; ontology-based refinement; logical associations; landscape configuration; configurations; high-level refinement]

- examples from end-user partners (Crossgate, Deloitte): “manage private data according to customer privacy law”

- set of statements in subject-verb-object (options) form
- subject and objects may be groups or categories of individuals interesting for policy enforcement purposes
- may (implicitly) express relations
- Example: high security services ‘securely reach’ their sub-services

intermediate format:
- express a relationship between network elements (individuals)
- relationships are associated to security properties
- topology independent
- Example: sub-service App1 ‘securely reach’ sub-service WebFrontEnd or ‘reach’ :80/TCP

ABSTRACT = device dependent / syntax independent
Example (packet filter):
  from :80/TCP to :any/any ALLOW
  from :any/any to :any/any ALLOW
  DENY all

Change and Configuration Management (CCM) software is used to:
- update landscape description
- create change requests
- audit the productive landscape with help of standardized, comparable checklists and checks.

7 EffectPlus: building a common understanding
- collaboration: standardize policy languages
  - business policy format (October 2011)
    - no official or de facto standards (BPMN?)
  - IT policy language and formal models (2012)
    - according to the different security properties to enforce
    - allow conflict analysis, complex refinement process, backtracing
  - common format for configurations (2012)
    - filtering, channel protection, access control devices
    - Policy Common Information Model
    - bind to landscape description
- common outcome: define policy meta-models for EU projects
  - maximum freedom to extend and customize policies according to other projects needs
- input: policy models from other projects
- collaboration: documents circulation of policy-related topics, meetings and synchronization events

8 Landscape Refinement topology aware
- many refinement modules
  - one for each security property, e.g., reachability, channel protection, Access Control (= different requirements)
  - implement refinement strategies at the lowest level and optimize configurations in distributed systems
- logical associations
  - topology-independent relations (between network elements)
  - Kommunikation SUN cluster 1 ‘reach’ Kommunikation SUN cluster 1 ‘reach’ SAP II EDI process engine ‘securely reach’ WebEDI Business process Engine
  - optional attributes: time (weekdays, ), protection level (HIGH/MEDIUM/LOW), …
  - formats depend on the security property
- outcome for other projects: a set of modules to be used as configuration generation services
- input: support for virtualization and cloud

9 Refinement Strategies: service4 securely ‘reach’ service2
- sub-services may cipher data at the application layer
  - topology-independent, non invasive
  - impact on performance
- end-to-end security (transport layer, SSL/TLS)
  - easy to configure
  - may impact on performance
- end-to-end security (transport mode)
  - configure IPsec + IKE
  - may impact on performance
- basic VPN (tunnel mode)
  - no impact on service performance
- no channel protection if services are in the same physical machine (isolation)
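
The strategy choice on this slide can be sketched as a decision function over logical associations. This is an added example, not PoSecCo code or part of the original slides: the `Service` fields, the capability tags, the preference order among strategies and the landscape values are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Service:
    name: str
    host: str        # physical machine the sub-service runs on
    site: str        # network segment behind one gateway
    caps: frozenset  # channel-protection capabilities of the sub-service

# Labels paraphrase the slide; this preference order is an assumption.
END_TO_END = [("tls", "end-to-end security (SSL/TLS)"),
              ("ipsec", "end-to-end security (IPsec transport mode + IKE)"),
              ("app-cipher", "application-layer ciphering")]
VPN = "basic VPN (tunnel mode)"

def refine(subj, verb, obj, vpn_sites, perf_sensitive=False):
    """Refine one logical association into a channel-protection strategy."""
    if verb == "reach":
        return "reachability only"
    if verb != "securely reach":
        raise ValueError(f"unknown verb: {verb!r}")
    if subj.host == obj.host:
        return "no channel protection (same physical machine)"
    tunnel_ok = subj.site != obj.site and {subj.site, obj.site} <= vpn_sites
    if perf_sensitive and tunnel_ok:
        return VPN  # listed on the slide as not affecting service performance
    for cap, label in END_TO_END:
        if cap in subj.caps and cap in obj.caps:
            return label
    return VPN if tunnel_ok else None  # None: not enforceable here

def plan(associations, vpn_sites):
    """Split associations into {association: strategy} and unenforceable ones."""
    chosen, unenforceable = {}, []
    for subj, verb, obj in associations:
        key = (subj.name, verb, obj.name)
        strategy = refine(subj, verb, obj, vpn_sites)
        if strategy is None:
            unenforceable.append(key)
        else:
            chosen[key] = strategy
    return chosen, unenforceable

# Constructed landscape: hosts, sites and capabilities are invented.
APP1 = Service("App1", "hostA", "dmz", frozenset({"tls"}))
WEB = Service("WebFrontEnd", "hostB", "dmz", frozenset({"tls", "ipsec"}))
EDI = Service("EDI process engine", "hostC", "backend", frozenset())
WEBEDI = Service("WebEDI", "hostD", "dmz", frozenset())
ASSOCIATIONS = [(APP1, "securely reach", WEB), (EDI, "securely reach", WEBEDI), (APP1, "reach", WEB)]
print(plan(ASSOCIATIONS, {"dmz", "backend"}))
```

An association that comes back as unenforceable is the case where the landscape lacks the capability the requirement needs, so it should be reported rather than silently downgraded to plain reachability.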

10 Ontology-based refinement
- extend the landscape description with semantically rich concepts and logically connect them
  - landscape: network and topology, FI and service-related, external service providers concepts
  - policy and refinement concepts (strategies)

[Diagram labels: business; business and governance meta model; business concepts; Abstraction; policy concepts; IT layer; designer/user dependent concepts; context dependent concepts (FI, services, virtual, etc.); landscape; landscape concepts]

11 EffectPlus: building a common understanding
- landscape meta-models (initial model in October 2011)
  - input: landscape descriptions in other projects
- security ontologies (initial model in October 2011)
  - input: ontologies to represent policy-related and landscape concepts
  - collaboration: merge with non-PoSecCo ontologies
- collaboration: build components on top of the PoSecCo refinement architecture
  - use PoSecCo refinement models and tools as services
- collaboration: formal models for refinement, conflict analysis, enforceability analysis
- collaboration: PoSecCo and virtualization
  - improve the model in other scenarios, e.g., cloud computing
