Physician Reminder System SNA Step 3
Earl Crane, Hap Huynh, Jeongwoo Ko, Koichi Tominaga
11/14/2000


Slide 1: Title slide. Physician Reminder System SNA Step 3. Earl Crane, Hap Huynh, Jeongwoo Ko, Koichi Tominaga. 11/14/2000.

Slide 2: Overview
- Attacker Profiling
- Vulnerabilities
- Existing Mediation Strategies
- Attack Scenarios which attackers will mount
- Attack Traces
- Compromisable components
- Soft spots(*)
- Next Steps

Slide 3: Attacker Profiling

| Type of Attacker | Attack Objective | Motivation | Attack Methods |
|---|---|---|---|
| "Hacker" | Hospital network and PRS server | General curiosity; need to cause mischief | Social engineering, malicious code, or IP sniffing to capture client passwords |
| Competitor | Hospital network and PRS server; denial of service | Likely to be highly motivated to demonstrate the provider's weak security | Social engineering, malicious code, or IP sniffing to capture client passwords |
| Insider (current or former employees) | Access to patient information; corruption; denial of service | Motivation ranging from curiosity to financial gain | Range from unauthorized commands to sophisticated attacks involving spoof attacks and data integrity attacks |

Slide 4: Attacker Profiling, Most Likely Attacker
1. Insider: High probability due to current policies and PRS configuration
   - Mode of attack will be within the hospital network
2. Hacker: Medium probability if the attack is from outside of the hospital network, because the network is closed
   - PRS will not be its primary target since it does not perform critical functions
3. Competitor: Low probability because the repercussions will be more damaging than the potential gain

Slide 5: Vulnerabilities
- Hospital network works under a trusted group model
- PRS clinic policy allows all users to view patient information
- PRS system does not have real-time notification of unauthorized access by users
- PRS system does not have an intelligent way of auditing user activity
- Back-door installed from the inside network
- Modem dial-in pool

Slide 6: Existing Mediation Strategies
- Tracking by "audit trail"
- Security policy education for the staff
- Password policy
- Virus checks
- Firewall implementation
- In the process of eliminating the modem pool

Slide 7: Types of Attacks & Related Intrusion Usage Scenarios (IUS)
1. Internal Network Access:
   - IUS(1) Unauthorized use of PRS
   - IUS(2) Spoofing/man-in-the-middle
2. External Network Access:
   - IUS(3) Malicious code
   - IUS(4) Intrusion via modem pool

Slide 8: Intrusion Usage Scenarios for Type 1: Internal Network Attack
IUS(1): Unauthorized use of PRS via access to confidential patient information
- Who is the attacker
  - Insider (disgruntled employee, former employee, or corporate spy)
- What is at stake
  - View or modify private patient information
  - Disclosure of patient information to embarrass and harm the hospital
- How does it happen
  - Abuse of legitimate access rights
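Slide 5 notes that the PRS has no real-time notification of unauthorized access and no intelligent way of auditing user activity, while slide 6 lists the audit trail as the existing mediation; IUS(1) above is exactly the abuse of legitimate access rights that such auditing would need to recognize. The following is an added example, not part of the original presentation or of the PRS itself, of how an audit trail could be reviewed for that scenario. It assumes a constructed audit-trail format (timestamp, user, patient_id, action) and a hypothetical treatment-relationship roster; all users, patient ids and records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed PRS audit trail (hypothetical format): (timestamp, user, patient_id, action).
AUDIT_TRAIL = [
    ("2000-11-14T09:02:00", "dr_lee",    "P1001", "view"),
    ("2000-11-14T09:05:00", "dr_lee",    "P1002", "view"),
    ("2000-11-14T09:40:00", "nurse_kim", "P1001", "view"),
    ("2000-11-14T22:15:00", "clerk_ann", "P2001", "view"),
    ("2000-11-14T22:16:00", "clerk_ann", "P2002", "view"),
    ("2000-11-14T22:17:00", "clerk_ann", "P2003", "view"),
    ("2000-11-14T22:18:00", "clerk_ann", "P2004", "modify"),
]

# Constructed treatment-relationship roster: the patients each user legitimately cares for.
# Slide 5 says the clinic policy lets every user view every patient, so the PRS itself
# does not enforce this; the review below uses it only to recognize out-of-role access.
ROSTER = {
    "dr_lee": {"P1001", "P1002"},
    "nurse_kim": {"P1001"},
    "clerk_ann": {"P3001"},
}


def review_audit_trail(trail, roster, burst_threshold=3, window=timedelta(minutes=10)):
    """Flag two insider patterns from IUS(1): record access without a treatment
    relationship, and bursts of record accesses that suggest browsing or bulk copying.
    Returns a list of alert dicts so it can feed a notification or a daily report."""
    alerts = []
    times_by_user = defaultdict(list)
    for ts, user, patient, action in trail:
        times_by_user[user].append(datetime.fromisoformat(ts))
        if patient not in roster.get(user, set()):
            alerts.append({"user": user, "patient": patient, "action": action,
                           "reason": "no treatment relationship"})
    for user, times in times_by_user.items():
        times.sort()
        # Any run of burst_threshold consecutive accesses inside the window is one alert.
        for i in range(len(times) - burst_threshold + 1):
            if times[i + burst_threshold - 1] - times[i] <= window:
                alerts.append({"user": user, "patient": None, "action": None,
                               "reason": f"{burst_threshold} or more accesses within {window}"})
                break
    return alerts


if __name__ == "__main__":
    for alert in review_audit_trail(AUDIT_TRAIL, ROSTER):
        print(alert)
```

Run on the constructed trail, the review flags only clerk_ann: four out-of-roster accesses plus one burst, while the two clinicians accessing their own patients produce nothing.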

Slide 9: Tracing of IUS 1 (architecture diagram). Components shown: Hospital Information System containing the PRS System (PRS Server; PRS Client with Database Browser, PRS Client Program and Email), Other Client, Affinity System (Registration), LAB, Eclypsis Interface Engine, Firewall, Email Server, Web Server and Modem pool; Intruder's Machine.

Slide 10: Intrusion Usage Scenarios for Type 1: Internal Network Attack
IUS(2): Access to the PRS server/client via sniffing, man-in-the-middle, and spoof-the-server
- Who is the attacker
  - Insider (curious employee, disgruntled employee, former employee, or corporate spy)
- What is at stake
  - Compromise the availability of the system
  - Denial of service
  - View or modify patient information
  - Disclosure of patient information to embarrass and harm the hospital
- How does it happen
  - Illegitimately obtain passwords
  - Abuse of legitimate access rights

Slide 11: Tracing of IUS 2 (architecture diagram). Components shown: Hospital Information System containing the PRS System (PRS Server; PRS Client with Database Browser, PRS Client Program and Email), Other Client, Affinity System (Registration), LAB, Eclypsis Interface Engine, Firewall, Email Server, Web Server and Modem pool; Intruder's Machine (shown twice, with X markers on the diagram).

Slide 12: Intrusion Usage Scenarios for Type 2: External Network Attack
IUS(3): Malicious Code
- Who is the attacker
  - Hacker
  - Competitor
- What is at stake
  - Data integrity, privacy, and availability
  - Limit or deny access to the PRS
- How does it happen
  - Client machines intentionally or unintentionally download malicious code from outside the network

Slide 13: Tracing of IUS 3 (architecture diagram). Components shown: Public network; Hospital Information System containing the PRS System (PRS Server; PRS Client with Database Browser, PRS Client Program and Email), Other Client, Affinity System (Registration), LAB, Eclypsis Interface Engine, Firewall, Email Server, Web Server and Modem pool.

Slide 14: Intrusion Usage Scenarios for Type 2: External Network Attack
IUS(4): Intrusion via modem pool
- Who is the attacker
  - Hacker
  - Competitor
- What is at stake
  - Data integrity, privacy, and availability
- How does it happen
  - Attacker locates the modem pool to bypass the hospital security system

Slide 15: Tracing of IUS 4 (architecture diagram). Components shown: Public network; Hospital Information System containing the PRS System (PRS Server; PRS Client with Database Browser, PRS Client Program and Email), Other Client, Affinity System (Registration), LAB, Eclypsis Interface Engine, Firewall, Email Server, Web Server and Modem pool.

Slide 16: All Compromisable Components (architecture diagram). Components shown: Hospital Information System containing Other Client, the PRS System (PRS Server; PRS Client with Database Browser, PRS Client Program and Email), Affinity System (Registration), LAB, Eclypsis Interface Engine, Firewall, Email Server and Web Server; Public network.

Slide 17: Soft Spots (architecture diagram, with soft spots marked). Components shown: Hospital Information System containing Other Client, the PRS System (PRS Server; PRS Client with Database Browser, PRS Client Program and Email), Affinity System (Registration), LAB, Eclypsis Interface Engine, Firewall, Email Server and Web Server; Public network.

Slide 18: Next Steps
- Identification of soft spots (with WPH staff)
- Confirmation of existing strategies for resistance, recognition, and recovery
- More detailed analysis of intrusion scenarios
- Presentation of the survivable map for the architecture, suggested policy changes, cost estimate, and recommended timeline for implementation

