CIPSEC architecture CIPSEC workshop Frankfurt 16/10/2018


1 CIPSEC architecture CIPSEC workshop Frankfurt 16/10/2018
Rubén Trapero Burgos, ATOS Co-funded by the Horizon 2020 Framework Programme of the European Union

2 CIPSEC Framework Design Principles
Critical Infrastructures Commonalities; Security Threats; CIPSEC pilot requirements; Data Lifecycle in Critical Infrastructures; CIPSEC architecture

3 Data Acquisition Data Consumption Data Dissemination
Host and Network Sensors SOC Expertise Agents, sensors, sniffing, etc Data Acquisition Security Decision-Making Security Compliance Activity and Security Data (LOG) Status Heartbeats Reports Data Consumption Data Dissemination User Credentials Events/Alarms Tokens Software updates Security Data Insights Security Apps PKI Infrastructure Software Repository Dashboards Human End-Users (CI System admins) Post-Mortem Incident Analysis Security Operation Center Personnel Visualization of data Recommendations System administration Aggregate data Filter Data Reasoning Detect anomalies Document Management Repository Security and Activity monitoring engine

4 Acquisition Data Acquisition Data Consumption Data Dissemination
Host and Network Sensors SOC Expertise Agents, sensors, sniffing, etc Acquisition CIPSEC Core Framework Data Acquisition Security Decision-Making Security Compliance Activity and Security Data (LOG) Status Heartbeats Reports Data Consumption Data Dissemination User Credentials Events/Alarms Tokens Software updates Security Data Insights Security Apps PKI Infrastructure Software Repository Dashboards Human End-Users (CI System admins) Post-Mortem Incident Analysis Security Operation Center Personnel Aggregate data Filter Data Reasoning Presentation Detection Layer Visualization of data Recommendations System administration User/System manager Data Processing Document Management Repository Network Security Critical Infrastructure Components (sensors, computers, network, servers, routers, …) Security and Activity monitoring engine

5 High Level CIPSEC Framework
Critical Infrastructure Platform User/System manager Layer Presentation Layer Acquisition Layer Detection Layer Data Processing Layer Updating/Patching User training Compliance Management CIPSEC Core Framework Critical Infrastructure Components (sensors, computers, network, servers, routers, …) logs events/alerts correlator admin inferred threats, risks aggregated info (reports, etc) contingency (reconfigurations, etc) CIPSEC security features Compliance report Network Security security data CI security requirements

6 CIPSEC Framework Reference Architecture

7 Critical Infrastructure Platform Compliance Management
Partners’ role in CIPSEC Reference Architecture Critical Infrastructure Platform CIPSEC Core Framework System manager User/System manager Layer Contingency plan Recommendations Presentation Layer Forensics Analysis Visualization tool Dashboard Data Processing Layer Anonymized Sensitive Data Historic anomalies DB Forensics service Data anonymization and Privacy Updating/Patching Detection Layer Compliance Management Anomaly detection reasoner Acquisition Layer External Security Services Future security services plugged Endpoint Detection and Response Vulnerability Assessment Identity Access Management Integrity Management Crypto services Network Security (DPI firewalls, routers with ACL, network segmentation, DMZ, NAC, etc.) Critical Infrastructure Components (sensors, computers, network, servers, routers, …) User Training

8 CIPSEC Blocks Covered with Products
Reference Architecture Block Products Involved Dashboard Forensics Analysis Visualization tool Data anonymization and Privacy Anomaly detection reasoner Identity Access Management Integrity Management Crypto services Endpoint Detection and Response CIPSEC Pilots

9 CIPSEC Blocks Covered with Services
CIPSEC Core Services Service Leader Contingency Plan Forensics Service Vulnerability Assessment Updating / Patching User Training Compliance Management CIPSEC Pilots

10 Innovation targeted by CIPSEC Framework
The CIPSEC proposal is not centred on providing an isolated solution for cybercrime but a broader one. CIPSEC does not address individual aspects of a large crisis; it provides a global solution that includes additional services related to CIP. CIPSEC provides a more generic solution, focusing not only on securing network edge services of cloud infrastructures in CI scenarios but also on the global picture, taking into account existing interdependencies. CIPSEC offers a close-to-market security platform with real validation trials in real CI operational scenarios.

11 Thanks for your attention! Questions?
Contact: Antonio Álvarez ATOS Rodrigo Díaz ATOS Rubén Trapero ATOS @CIPSECproject CIPSEC Technical Review Meeting Barcelona 22/11/2017

