System Aware Cyber Security Architecture

Size: px
Start display at page:

Download "System Aware Cyber Security Architecture"

Transcription

1 System Aware Cyber Security Architecture Rick A. Jones October, 2011

2 Research Topic DescripAon System Aware Cyber Security Architecture Addresses supply chain and insider threats Embedded into the system to be protected Includes physical systems as well as informaaon systems Requires system engineering support tools for evaluaang architectures factors To facilitate reusability requires establishment of candidate Design PaMern Templates and iniaaaon of a design library Security Design System Impact Analyses ASRR 10/11 October

3 IncorporaAng Recognized Security FuncAons into an Integrated System Aware Security SoluAon Fault Tolerance Diverse ImplementaAons of Common FuncAons Data ConAnuity Checking via VoAng Cyber Security Moving Target with Diversity Physical ConfiguraAon Hopping Virtual ConfiguraAon Hopping Adversary SensiAve System ReconstrucAon AutomaAc Control Systems Data ConAnuity Checking via State EsAmaAon System IdenAficaAon TacAcal Forensics ASRR 10/11 October

4 System Aware Security Architecture Internal Controls Inputs System to be Protected Outputs Internal Measurements System-Aware Security Sub-System ASRR 10/11 October

5 System Aware Cyber Security Subsystem System-Aware Security Sub- System Measurements Measurement Analysis System to be Protected Hopping & Restoral Control System Control Signaling Security Control Decisions ASRR 10/11 October

6 System Aware Security Analysis Selected set for hopping Mission-Risk Ranked System Functions (1) (2) (3) (4) Number of hopped functions (N) System Latency Delay in compromise detection Rate of hopping Mission Risk System Latency ASRR 10/11 October

7 System Aware Security for Facility Defense ASRR 10/11 October

8 Facility Defense System to be Secured We consider a facility defense system consisang of: Streaming sensors conanuously monitoring discrete areas Streaming Servers distribuang sensor data, received over a wired network, to mobile users over a wireless broadcast network Mobile users receiving alerts and streaming data regarding potenaal problems ASRR 10/11 October

9 IllustraAve Architectural Diagram for Candidate Facility Defense System for System Aware Security 9

10 PotenAal Cyber AMacks Replay amacks masking malicious acavity iniaated through Sensor system Streaming servers User devices DoS amacks addressed through redundancy Sensor system Streaming servers OperaAonal procedures and redundancy regarding user devices ASRR 10/11 October

11 System Aware SoluAon for Securing the Facility Defense System Replay amack defense Diversely Redundant Streaming Sensors, with VoAng (Data ConAnuity Checking) Diversely Redundant, Virtually Hopped Streaming Servers Diverse User Devices, with RotaAng User Surveillance Assignments and Device Use Mobile User based Data ConAnuity Checking DoS defense Redundancy at the Sensor and Streaming server levels Streaming servers / User feed back loops to enable redistribuaon of data and job responsibiliaes ASRR 10/11 October

12 IllustraAve System Aware SoluAon Architecture 12

13 Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng Max Possible # of Observable Regions No VoAng/Single Stream ConAnuous 3 Stream VoAng Stream Fidelity (Kbps) 13

14 Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng Max Possible # of Observable Regions Loss in User PresentaAon Fidelity No VoAng/Single Stream ConAnuous 3 Stream VoAng Stream Fidelity (Kbps) 14

15 Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng Max Possible # of Observable Regions ReducAon in Maximum Observable Regions No VoAng/Single Stream ConAnuous 3 Stream VoAng Stream Fidelity (Kbps) 15

16 Duty Cycle VoAng for Increasing the Possible Number of Observable Regions Concept Use of Ame division for voang permits an increase in the number of possible surveillance points User compares streams concurrently received from mulaple diversely redundant servers to discover disconanuiaes 3 parameters can be ualized to govern voang Number of Observed Regions Deemed acceptable VoAng Interval for data conanuity checking across all regions Streaming period Ame allomed for conanuity checking (VoAng Time), which can be less than the VoAng Interval Given the VoAng Time can be a subset of the VoAng Interval, the use of Ame division can be ualized to manage informaaon distribuaon over the broadcast network, interleaving mulaple streams for voang users with single streams for other users who are not voang ASRR 10/11 October

17 IllustraAve System Aware SoluAon Architecture with Duty Cycle VoAng 17

18 IllustraAve System Aware SoluAon Architecture with Duty Cycle VoAng 18

19 IllustraAve System Aware SoluAon Architecture with Duty Cycle VoAng 19

20 Duty Cycle VoAng for Increasing the Possible Number of Observable Regions User 1 User 2 Time Time User 3 Time Wireless Network Time Column Heights = Data / Time Interval 20

21 Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng Max Possible # of Observable Regions No VoAng/Single Stream ConAnuous 3 Stream VoAng Duty Cycle VoAng Stream Fidelity (Kbps) 21

22 AddiAonal Collateral System Impacts Common Cause Failures are reduced MTBF increases in relaaonship to the individual diverse component reliabiliaes Development cost increases based on the cost to develop voang and duty cycle management components, as well as to resolve lower level technical issues that may arise SynchronizaAon needs Sohware integraaon Performance impact measurements and enhancement needs (e.g. CPU ualizaaon, memory, and energy usage) One Ame and life cycle cost increase in relaaonship to the increased complexity 22

23 Scoring Framework 23

24 Need: Methodology for EvaluaAng AlternaAve Security SoluAons for a ParAcular System A methodology is required in order to clarify reasoning and prioriazaaons regarding unavoidable cyber security vagaries: RelaAonships between soluaons and adversarial responses MulAdimensional contribuaons of individual security services to complex amributes, such as deterrence Scores can be derived in many different forms Single scalar value where bigger is bemer 2 scalar values: (1) security value added, (2) system level disvalues MulA objecave component scores providing more transparency ASRR 10/11 October

25 Metrics AMack phase based security value factors: Pre AMack (Deterrence) Trans AMack (Defense) Post AMack (RestoraAon) Would include collateral system impact metrics for the security architecture: Performance Reliability, Safety Complexity, Costs ASRR 10/11 October

26 System Aware Security System Scoring Matrix RelaDve Value Weights k 1 k 2 k 3 k 4 k 5 k 6 k j Value Factors Security Services Diversity (s 1 ) Hopping (s 2 ) Data ConAnuity Checking (s 3 ) TacAcal Forensics (s 4 ) Deterrence Real Time Defense Collateral System Impacts RestoraDon ImplementaDon Cost Life Cycle Cost s 11 s 12 s 1j s 21 s 22 s 2j s 31 s 32 s 3j s 41 s 42 s 4j Other (s i ) s i1 s i2 s ij Other ASRR 10/11 October

27 System Aware Security System Scoring Matrix RelaDve Value Weights k 1 k 2 k 3 k 4 k 5 k 6 k j Value Factors Security Services Diversity (s 1 ) Hopping (s 2 ) Data ConAnuity Checking (s 3 ) TacAcal Forensics (s 4 ) Deterrence Real Time Defense Collateral System Impacts RestoraDon ImplementaDon Cost Life Cycle Cost s 11 s 12 s 1j s 21 s 22 j= 1 s 2j s ij = Assurance Level of s 31 s 32 the ith service as s 3j related to the jth value factor s ij = QuanAzed Assurance Level = 0 M s 41 s p n 42 s 4j Security = k j s ij Score j= 1 i= 1 Other (s i ) s i1 s i2 Max Possible Score = n x M s ij p k j = 1 Other ASRR 10/11 October

28 Example Facility Defense Scoring Matrix RelaDve Value Weights K 1 =0.30 K 2 = 0.20 k 3 =0.10 K 4 = 0.20 K 5 = 0.05 K 6 = 0.15 Value Factors Security Services Diversity (s 1 ) Hopping (s 2 ) Data ConAnuity Checking (s 3 ) TacAcal Forensics (s 4 ) Deterrence Real Time Defense Collateral System Impacts RestoraDon ImplementaDon Cost Max Possible Score = 20 Facility Defense Score = 11.5 Life Cycle Cost Strongest Area is RestoraAon Weakest Area is Life Cycle Cost 28

29 On Going ExploraAon A pracacal methodology for determining Assurance Level Values Methodology for addressing uncertainty in assigning Assurance Level Values Methodology for ualizing RelaAve Value Weights Tradeoffs between scoring simplicity and transparency of results ASRR 10/11 October

30 Structured Arguments for System Scoring Builds upon the legacy of work developed for safety and informaaon assurance case evaluaaons UAlizes Goal Structuring NotaAon (GSN) for communicaang arguments to support assigned scores in a repeatable and clear manner System Aware security scoring arguments for a paracular system architecture include: Context supplied by the system owner and includes an available risk analysis for the system being protected and scoring guidelines System supplier provides the list of security services to be applied and characterizes the purposes expected of security services that are deemed as most peranent to reducing risk Specific claims about value factors and the anacipated effects of security services on these factors ExplanaAons of how each security service is anacipated to impact specific value factor claims, including explicitly dividing each service into policy, process, and technology components with corresponding explanaaons of value 30

31 Simplified DiagrammaAc RepresentaAon of a Structured Argument for Deterrence Scoring (1) Architectural Deterrence Claim Assigned suitable scores for deterrence Service SelecDon Strategy Decompose the Architecture to isolate, for the purposes of scoring, security services that address deterrence Data ConDnuity Service Claim Improves deterrence Diversity Service Claim See later slide Context Risk analysis and scoring guidelines Scoring Assignment Strategy UAlize experts to score service claims with accompanying raaonale Forensics Service Claim Hopping Service Claim 31

32 Simplified DiagrammaAc RepresentaAon of a Structured Argument for Deterrence Scoring (2) Data ConDnuity Service Claim (1) ExploitaAon design requires distributed exploit designers Data ConDnuity Service Claim Improves deterrence Data ConDnuity Service Claim (2) ExploitaAon design requires designers with deep systems knowledge.. Data ConDnuity Service Claim (n) 32

33 Simplified DiagrammaAc RepresentaAon of a Structured Argument for Deterrence Scoring (3) Data ConDnuity Service Claim (1) ExploitaAon design requires distributed exploit designers Red Team Evidence Document Data ConDnuity Service Claim Improves deterrence System Design Team Evidence Document Intelligence Analysis Evidence Document 33

34 Simplified DiagrammaAc RepresentaAon of a Structured Argument for Deterrence Scoring (4) Data ConDnuity Service Claim Improves deterrence Data ConDnuity Service Claim (2) ExploitaAon design requires designers with deep systems knowledge System Design Team Evidence Document 34

System Aware Cyber Security

System Aware Cyber Security System Aware Cyber Security Application of Dynamic System Models and State Estimation Technology to the Cyber Security of Physical Systems Barry M. Horowitz, Kate Pierce University of Virginia April, 2012

More information

This chapter introduces you to Microso2 Office Access 2013. The chapter focuses on what a database is, the components of a database, what a database

This chapter introduces you to Microso2 Office Access 2013. The chapter focuses on what a database is, the components of a database, what a database This chapter introduces you to Microso2 Office Access 2013. The chapter focuses on what a database is, the components of a database, what a database can do and how to create a database. 1 The objecaves

More information

A System-Aware Cyber Security Architecture

A System-Aware Cyber Security Architecture A System-Aware Cyber Security Architecture Rick A. Jones and Barry Horowitz* Regular Paper Systems and Information Engineering, University of Virginia, Charlottesville, VA 22904 A SYSTEM-AWARE CYBER SECURITY

More information

IOmark Suite. Benchmarking Storage with Applica4on Workloads August, 2013. 2013 Evaluator Group, Inc.

IOmark Suite. Benchmarking Storage with Applica4on Workloads August, 2013. 2013 Evaluator Group, Inc. IOmark Suite Benchmarking Storage with Applica4on Workloads August, 2013 1 What is IOmark Suite?! A storage specific benchmark for applicaaon workloads Tests storage only Supports VDI and Virtual Machine

More information

BBM467 Data Intensive ApplicaAons

BBM467 Data Intensive ApplicaAons Hace7epe Üniversitesi Bilgisayar Mühendisliği Bölümü BBM467 Data Intensive ApplicaAons Dr. Fuat Akal akal@hace7epe.edu.tr FoundaAons of Data[base] Clusters Database Clusters Hardware Architectures Data

More information

How to Develop a Funding Model

How to Develop a Funding Model How to Develop a Funding Model Seri Renkin CEO, ten20 Foundation Caroline Chernov Executive Director, ten20 Foundation Greg Peel CEO & Managing Director, Bendigo Bank Community Sector Banking Jane Vadiveloo

More information

Data Center Reference Architectures. Manish Karir Merit Network Inc.

Data Center Reference Architectures. Manish Karir Merit Network Inc. Data Center Reference Architectures Manish Karir Merit Network Inc. Outline Background Generalized data center architecture Data center variaaons Factors affecang data design Generalizing scale and workload

More information

TL 9000 Measurements Handbook, Release 5.0

TL 9000 Measurements Handbook, Release 5.0 Logo or heading here TL 9000 Measurements Handbook, Release 5.0 Changes from Release 4.5 Overview Measurements Handbook Changes R4.5 to R 5.0 Input from Sub- teams and IniAaAves tasked with developing

More information

Mobile Device Security Risks and RemediaAon Approaches

Mobile Device Security Risks and RemediaAon Approaches Mobile Device Security Risks and RemediaAon Approaches Raj Chaudhary, Principal, Crowe Horwath LLP In- Depth Seminars D11 CRISC CGEIT CISM CISA Informal Poll What is your Atle/role? Internal Audit IT Audit

More information

SERC Security. By Jennifer Bayuk

SERC Security. By Jennifer Bayuk SERC Security By Jennifer Bayuk Annual SERC Research Review October 5 6, 2011 University of Maryland MarrioF Inn and ConvenHon Center HyaFsville, MD www.sercuarc.org Annual SERC Research Review, October

More information

Scality RING High performance Storage So7ware for Email pla:orms, StaaS and Cloud ApplicaAons

Scality RING High performance Storage So7ware for Email pla:orms, StaaS and Cloud ApplicaAons Scality RING High performance Storage So7ware for Email pla:orms, StaaS and Cloud ApplicaAons Friday, March 18, 2011 MARKET ExponenAal Storage Demand The Digital Universe: Growing by a factor of 44 in

More information

Grid CompuAng AnalyAcs with Splunk Finnbar Cunningham

Grid CompuAng AnalyAcs with Splunk Finnbar Cunningham Copyright 2014 Splunk Inc. Grid CompuAng AnalyAcs with Splunk Finnbar Cunningham Head of Grid CompuAng OperaAons & Support Credit Suisse Disclaimer During the course of this presentaaon, we may make forward-

More information

BBM467 Data Intensive ApplicaAons

BBM467 Data Intensive ApplicaAons Hace7epe Üniversitesi Bilgisayar Mühendisliği Bölümü BBM467 Data Intensive ApplicaAons Dr. Fuat Akal akal@hace7epe.edu.tr Problem How do you scale up applicaaons? Run jobs processing 100 s of terabytes

More information

BBM467 Data Intensive ApplicaAons

BBM467 Data Intensive ApplicaAons Hace7epe Üniversitesi Bilgisayar Mühendisliği Bölümü BBM467 Data Intensive ApplicaAons Dr. Fuat Akal akal@hace7epe.edu.tr Overview What is Cloud CompuAng? VirtualizaAon Service Oriented CompuAng What is

More information

IBM's Strategic Approach to System- Centric MFT with Sterling Connect:Direct and WebSphere MQ Advanced

IBM's Strategic Approach to System- Centric MFT with Sterling Connect:Direct and WebSphere MQ Advanced IBM's Strategic Approach to System- Centric MFT with Sterling Connect:Direct and WebSphere MQ Advanced Dirk A. Maney Product Line Manager Managed File Transfer and Aspera Please Note IBM s statements regarding

More information

Unified Security Management

Unified Security Management Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy

More information

Lecture on Storage Systems

Lecture on Storage Systems Lecture on Storage Systems Network File Systems André Brinkmann Network File Systems Distributed File Systems NFS AFS Network A

More information

Niara Security Analytics. Overview. Automatically detect attacks on the inside using machine learning

Niara Security Analytics. Overview. Automatically detect attacks on the inside using machine learning Niara Security Analytics Automatically detect attacks on the inside using machine learning Automatically detect attacks on the inside Supercharge analysts capabilities Enhance existing security investments

More information

Business Case Development for Credit and Debit Card Fraud Re- Scoring Models

Business Case Development for Credit and Debit Card Fraud Re- Scoring Models Business Case Development for Credit and Debit Card Fraud Re- Scoring Models Kurt Gutzmann Managing Director & Chief ScienAst GCX Advanced Analy.cs LLC www.gcxanalyacs.com October 20, 2011 www.gcxanalyacs.com

More information

Mobile Security Wireless Mesh Network Security. Sascha Alexander Jopen

Mobile Security Wireless Mesh Network Security. Sascha Alexander Jopen Mobile Security Wireless Mesh Network Security Sascha Alexander Jopen Overview Introduction Wireless Ad-hoc Networks Wireless Mesh Networks Security in Wireless Networks Attacks on Wireless Mesh Networks

More information

Informa4on Security Management at Cer4ficate Authori4es

Informa4on Security Management at Cer4ficate Authori4es Informa4on Security Management at Cer4ficate Authori4es István Zsolt BERTA istvan@berta.hu Public Key Cryptographic Primi4ves 1 PKI lectures 1. Public key cryptography primiaves 2. CerAficates, CerAficate

More information

Niara Security Intelligence. Overview. Threat Discovery and Incident Investigation Reimagined

Niara Security Intelligence. Overview. Threat Discovery and Incident Investigation Reimagined Niara Security Intelligence Threat Discovery and Incident Investigation Reimagined Niara enables Compromised user discovery Malicious insider discovery Threat hunting Incident investigation Overview In

More information

Chapter 16 Objectives

Chapter 16 Objectives 1 Chapter 16 Objectives 1. Determine the number of units and amount of sales revenue needed to break even and to earn a target profit. 2. Determine the number of units and sales revenue needed to earn

More information

Recruitment Process Outsourcing

Recruitment Process Outsourcing Recruitment Process Outsourcing What, When and Why Some ideas to get you thinking about RPO What is Recruitment Process Outsourcing (RPO)? 2 What is Recruitment Process Outsourcing (RPO)? A client- centric

More information

Big Data & Data Visualiza.on: How to mine through the mess, discover what's important and put it to use

Big Data & Data Visualiza.on: How to mine through the mess, discover what's important and put it to use Big Data & Data Visualiza.on: How to mine through the mess, discover what's important and put it to use Erich Heneke Mayo Clinic Supply Chain Management My Team (SC Audit/Controls) Developed after a widespread

More information

2011 Cyber Security and the Advanced Persistent Threat A Holistic View

2011 Cyber Security and the Advanced Persistent Threat A Holistic View 2011 Cyber and the Advanced Persistent Threat A Holistic View Thomas Varney Cybersecurity & Privacy BM Global Business Services 1 31/10/11 Agenda The Threat We Face A View to Addressing the Four Big Problem

More information

Agile Contracts The Foundation of Successful Partnering

Agile Contracts The Foundation of Successful Partnering Agile Contracts The Foundation of Successful Partnering Hosts: Alex Brown Christine Hegarty 2011 Scrum Inc. Who We Are Scrum Inc. is the Agile leadership company of Dr. Jeff Sutherland, co-creator of Scrum.

More information

Part One: What is an EHR and the Top Ten Reasons to Implement Now

Part One: What is an EHR and the Top Ten Reasons to Implement Now Part One: What is an EHR and the Top Ten Reasons to Implement Now Brian Dimit Director of Industry MarkeAng PointClickCare February 1, 2012 EHR 101: What is EHR, Why Implement Now? We will begin in 5 minutes

More information

evm Virtualization Platform for Windows

evm Virtualization Platform for Windows B A C K G R O U N D E R evm Virtualization Platform for Windows Host your Embedded OS and Windows on a Single Hardware Platform using Intel Virtualization Technology April, 2008 TenAsys Corporation 1400

More information

Monitoring for network security and management. Cyber Solutions Inc.

Monitoring for network security and management. Cyber Solutions Inc. Monitoring for network security and management Cyber Solutions Inc. Why monitoring? Health check of networked node Usage and load evaluation for optimizing the configuration Illegal access detection for

More information

Procedia Computer Science

Procedia Computer Science Procedia Computer Science 00 (2012) 000 000 Procedia Computer Science www.elsevier.com/locate/procedia New Challenges in Systems Engineering and Architecting Conference on Systems Engineering Research

More information

Cybersecurity Capacity Assessment of the Republic of Kosovo. Lara Pace Kosovo June 2015

Cybersecurity Capacity Assessment of the Republic of Kosovo. Lara Pace Kosovo June 2015 Cybersecurity Capacity Assessment of the Republic of Kosovo Lara Pace Kosovo June 2015 CMM - Five Dimensions Levels of Maturity Start- up: At this level either nothing exists, or it is very embryonic in

More information

Network Mission Assurance

Network Mission Assurance Network Mission Assurance Michael F. Junod, Patrick A. Muckelbauer, PhD, Todd C. Hughes, PhD, Julius M. Etzl, and James E. Denny Lockheed Martin Advanced Technology Laboratories Camden, NJ 08102 {mjunod,pmuckelb,thughes,jetzl,jdenny}@atl.lmco.com

More information

On Reliability of COTS Hardware

On Reliability of COTS Hardware On Reliability of COTS Hardware Dr. Li Mo Chief Architect, CTO Group Agenda Differences between Telecom Hardware and COTS Hardware Analysis Framework Enhancing ApplicaAon Reliability via Backups TheoreAcal

More information

Wireless Sensor Networks Chapter 14: Security in WSNs

Wireless Sensor Networks Chapter 14: Security in WSNs Wireless Sensor Networks Chapter 14: Security in WSNs António Grilo Courtesy: see reading list Goals of this chapter To give an understanding of the security vulnerabilities of Wireless Sensor Networks

More information

Understand Your SAP HR and Payroll Reporting Options In A Cloud, On-Premise and Hybrid World

Understand Your SAP HR and Payroll Reporting Options In A Cloud, On-Premise and Hybrid World Understand Your SAP HR and Payroll Reporting Options In A Cloud, On-Premise and Hybrid World SpinifexIT Webinar Danielle Larocca, SpinifexIT Copyright 2014 SpinifexIT Pty Ltd. Questions How to submit a

More information

Leonardo Aniello aniello@dis.uniroma1.it

Leonardo Aniello aniello@dis.uniroma1.it SDCI 2012 HOT TOPICS IN SECURE AND DEPENDABLE COMPUTING FOR CRITICAL INFRASTRUCTURES JANUARY 15 TH 19 TH, CORTINA D AMPEZZO, ITALY COLLABORATIVE EVENT PROCESSING FOR THE PROTECTION OF CRITICAL INFRASTRUCTURES

More information

Intrusion Tolerance to Mitigate Attacks that Persist

Intrusion Tolerance to Mitigate Attacks that Persist Intrusion Tolerance to Mitigate Attacks that Persist Arun Sood Professor (Computer Science) and Co-Director International Cyber Center George Mason University, Fairfax, VA asood@gmu.edu The variety and

More information

Innova&ve IT Solu&ons. Oracle ACFS / Cloud File System. Unleash your Business- criacal ApplicaAons. Ma#hias Pölzinger Senior Consultant

Innova&ve IT Solu&ons. Oracle ACFS / Cloud File System. Unleash your Business- criacal ApplicaAons. Ma#hias Pölzinger Senior Consultant Oracle ACFS / Cloud File System Unleash your Business- criacal ApplicaAons Ma#hias Pölzinger Senior Consultant Speaker Ma#hias Pölzinger ma#hias.poelzinger@initso.at h#p://kb.initso.at Senior Consultant

More information

Network Management and Monitoring Software

Network Management and Monitoring Software Page 1 of 7 Network Management and Monitoring Software Many products on the market today provide analytical information to those who are responsible for the management of networked systems or what the

More information

A distributed data processing architecture for real time intelligent transport systems

A distributed data processing architecture for real time intelligent transport systems A distributed data processing architecture for real time intelligent transport systems K. Nesenbergs (krisjanis.nesenbergs@edi.lv) L. Selavo (leo.selavo@edi.lv) Institute of Electronics and Computer Science

More information

University of California Compu3ng Services Conference 2009. Campus Web Content Management

University of California Compu3ng Services Conference 2009. Campus Web Content Management University of California Compu3ng Services Conference 2009 Campus Web Content Management Why are you here? What do you want to get out of this session? What areas of emphasis do you want us to focus on?

More information

A Systems of Systems. The Internet of Things. perspective on. Johan Lukkien. Eindhoven University

A Systems of Systems. The Internet of Things. perspective on. Johan Lukkien. Eindhoven University A Systems of Systems perspective on The Internet of Things Johan Lukkien Eindhoven University System applications platform In-vehicle network network Local Control Local Control Local Control Reservations,

More information

Proposed Central Corridor Loyalty Program

Proposed Central Corridor Loyalty Program Proposed Central Corridor Loyalty Program 1 Business Problem Retail business will lose revenue in the range of 20% to 60% due to construcaon CCLRT ADer construcaon has started, idenafying current customers

More information

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,

More information

SECURITY. Risk & Compliance Services

SECURITY. Risk & Compliance Services SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize

More information

SAN Conceptual and Design Basics

SAN Conceptual and Design Basics TECHNICAL NOTE VMware Infrastructure 3 SAN Conceptual and Design Basics VMware ESX Server can be used in conjunction with a SAN (storage area network), a specialized high speed network that connects computer

More information

Cyber Security Metrics Dashboards & Analytics

Cyber Security Metrics Dashboards & Analytics Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics

More information

Execu&ve Coaching Program Design Checklist

Execu&ve Coaching Program Design Checklist Execu&ve Coaching Program Design Checklist Anyone responsible for execu1ve coaching in his/her organiza1on will benefit from this checklist. We have compiled all the key ques1ons that must be asked for

More information

University of Greenwich Graduate Internship Programme. Welcome Jerry Allen

University of Greenwich Graduate Internship Programme. Welcome Jerry Allen University of Greenwich Graduate Internship Programme Welcome Jerry Allen th Monday 5 November AdministraAon IntroducAon unal 12.30 12.30-1.30 lunch 1.30-4.30 CompeAtor Analysis AdministraAon Passport/ID

More information

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services Managing Vulnerabilities for PCI Compliance White Paper Christopher S. Harper Managing Director, Agio Security Services PCI STRATEGY Settling on a PCI vulnerability management strategy is sometimes a difficult

More information

Identity & Access Management: Strategic Roadmap. April 2013

Identity & Access Management: Strategic Roadmap. April 2013 Identity & Access Management: Strategic Roadmap April 2013 What is IAM? Identity & Access Management is the set of policies, process, and technologies used to manage digital identities and their access

More information

Federal CIO: Cloud Selection Toolkit. Georgetown University: Chris Radich Dana Christiansen Doyle Zhang India Donald

Federal CIO: Cloud Selection Toolkit. Georgetown University: Chris Radich Dana Christiansen Doyle Zhang India Donald Federal CIO: Cloud Selection Toolkit Georgetown University: Chris Radich Dana Christiansen Doyle Zhang India Donald Agenda Project Introduction Agency Cloud Challenges Toolkit Solution Overview Step 1:

More information

Graph Databases What makes them Different?

Graph Databases What makes them Different? www.objectivity.com Graph Databases What makes them Different? Darren Wood Chief Architect, InfiniteGraph NoSQL Data Specialists Everyone specializes Doctors, Lawyers, Bankers, Developers Why was data

More information

SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014

SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014 SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014 Table of Contents Introduction AMI Communication Architecture Security Threats Security

More information

Improving Cybersecurity and Resilience through Acquisition [DRAFT] IMPLEMENTATION PLAN

Improving Cybersecurity and Resilience through Acquisition [DRAFT] IMPLEMENTATION PLAN Improving Cybersecurity and Resilience through Acquisition [DRAFT] IMPLEMENTATION PLAN Version 1.0 February 2014 Page 1 of 7 Table of Contents Introduction... 3 Purpose... 3 Plan Development Process...

More information

CSC 774 Advanced Network Security. Outline. Related Work

CSC 774 Advanced Network Security. Outline. Related Work CC 77 Advanced Network ecurity Topic 6.3 ecure and Resilient Time ynchronization in Wireless ensor Networks 1 Outline Background of Wireless ensor Networks Related Work TinyeRync: ecure and Resilient Time

More information

GETTING STARTED WITH LABVIEW POINT-BY-POINT VIS

GETTING STARTED WITH LABVIEW POINT-BY-POINT VIS USER GUIDE GETTING STARTED WITH LABVIEW POINT-BY-POINT VIS Contents Using the LabVIEW Point-By-Point VI Libraries... 2 Initializing Point-By-Point VIs... 3 Frequently Asked Questions... 5 What Are the

More information

Process Solutions. Mitigating Cyber Security Risks in Legacy Process Control Systems. White Paper

Process Solutions. Mitigating Cyber Security Risks in Legacy Process Control Systems. White Paper Process Solutions White Paper Mitigating Cyber Security Risks in Legacy Process Control Executive Summary The term legacy process control system has different connotations for different people. To many,

More information

But I m Not a Salesman! Energy Efficiency Contractor Sales Training Success Stories

But I m Not a Salesman! Energy Efficiency Contractor Sales Training Success Stories But I m Not a Salesman! Energy Efficiency Contractor Sales Training Success Stories Elizabeth Stuart / Megan Billingsley Lawrence Berkeley NaDonal Laboratory BECC Conference, Sacramento, CA November 14,

More information

Stories from being an agile coach, Scrum developer and ScrumMaster. Companies: 2 startups acquired, one in Workforce, Warehouse & TransportaAon

Stories from being an agile coach, Scrum developer and ScrumMaster. Companies: 2 startups acquired, one in Workforce, Warehouse & TransportaAon Stories from being an agile coach, Scrum developer and ScrumMaster. Companies: 2 startups acquired, one in Workforce, Warehouse & TransportaAon SoBware SoluAons 1 in online booking & payment for tourism

More information

LoRaWAN. What is it? A technical overview of LoRa and LoRaWAN. Technical Marketing Workgroup 1.0

LoRaWAN. What is it? A technical overview of LoRa and LoRaWAN. Technical Marketing Workgroup 1.0 LoRaWAN What is it? A technical overview of LoRa and LoRaWAN Technical Marketing Workgroup 1.0 November 2015 TABLE OF CONTENTS 1. INTRODUCTION... 3 What is LoRa?... 3 Long Range (LoRa )... 3 2. Where does

More information

Large Scale Breach Lessons Learned. September 2013

Large Scale Breach Lessons Learned. September 2013 Large Scale Breach Lessons Learned September 2013 1 A Comprehensive Approach to Advanced Threat Defense The threat landscape has changed Adversaries have the ability to develop customized, targeted, and

More information

Agile Cyber Security Security for the Real World, Architectural Approach

Agile Cyber Security Security for the Real World, Architectural Approach Agile Cyber Security Security for the Real World, Architectural Approach Osama Al-Zoubi Senior Manger, Systems Engineering Fahad Aljutaily Senior Solution Architect, Security Market Trends Welcome to the

More information

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global

More information

REPORT. 2015 State of Vulnerability Risk Management

REPORT. 2015 State of Vulnerability Risk Management REPORT 2015 State of Vulnerability Risk Management Table of Contents Introduction: A Very Vulnerable Landscape... 3 Security Vulnerabilities by Industry... 4 Remediation Trends: A Cross-Industry Perspective...

More information

4.1 CD 301 - BSc (Hons) Information Technology (Diploma to Degree Upgrade 1.5 Years Part Time)

4.1 CD 301 - BSc (Hons) Information Technology (Diploma to Degree Upgrade 1.5 Years Part Time) 4.1 CD 301 - BSc (Hons) Information Technology (Diploma to Degree Upgrade 1.5 Years Part Time) 1. OBJECTIVES This Programme is geared towards producing computer professionals, with a thorough understanding

More information

PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE0000191

PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE0000191 Interim Techlogy Performance Report 3 PROJECT BOEING SGS Contract ID: DE-OE0000191 Project Type: Revision: V1 Company Name: The Boeing Company November 19, 2013 1 Interim Techlogy Performance Report 3

More information

Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments

Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments What You Will Learn In many enterprises, physical security departments are making a notable

More information

Marble & MobileIron Mobile App Risk Mitigation

Marble & MobileIron Mobile App Risk Mitigation Marble & MobileIron Mobile App Risk Mitigation SOLUTION GUIDE Enterprise users routinely expose their employers data and threaten network security by unknowingly installing malicious mobile apps onto their

More information

A Primer on Cyber Threat Intelligence

A Primer on Cyber Threat Intelligence A Primer on Cyber Threat Intelligence AS ADVERTISED 2 BUZZWORD BINGO! 3 TODAY S CYBER SECURITY CHALLENGES CISOs finding it difficult to define security ROI to executives Short shelf life for CISOs Vastly

More information

Audit Logging. Overall Goals

Audit Logging. Overall Goals Audit Logging Security Training by Arctec Group (www.arctecgroup.net) 1 Overall Goals Building Visibility In Audit Logging Domain Model 2 1 Authentication, Authorization, and Auditing 3 4 2 5 6 3 Auditing

More information

Boundless Security Systems, Inc. digital video security systems to deter, intervene and investigate

Boundless Security Systems, Inc. digital video security systems to deter, intervene and investigate Security Systems, Inc. digital video security systems to deter, intervene and investigate Comparison of Video Security System Architectures Comparison Table, 2 Digital Video Recorder (DVR) has centralized

More information

Black River Entertainment Privacy Policy

Black River Entertainment Privacy Policy Black River Entertainment Privacy Policy This privacy policy applies to the Black River Entertainment website located at www.blackriverent.com (the Website ). The purpose of this privacy policy is to disclose

More information

using metrics to be.er discover, manage and charge for your cloud services

using metrics to be.er discover, manage and charge for your cloud services using metrics to be.er discover, manage and charge for your cloud services Robert E Stroud CGEIT CRISC Vice President Strategy & Innova;on CA Technologies IT Business Management RobertEStroud Robert E

More information

Combating Cyber Risk in the Supply Chain

Combating Cyber Risk in the Supply Chain SESSION ID: CRWD-W01 Combating Cyber Risk in the Supply Chain Joshua C. Douglas CTO Raytheon Cyber Products @RaytheonCyber Did You Know? 76% of all data breaches result from a third-party which introduced

More information

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial

More information

Software Development around a Millisecond

Software Development around a Millisecond Introduction Software Development around a Millisecond Geoffrey Fox In this column we consider software development methodologies with some emphasis on those relevant for large scale scientific computing.

More information

Strategic Plan FY 2014-2016

Strategic Plan FY 2014-2016 Strategic Plan FY 2014-2016 CONTENTS SUMMARY 3 ACADEMIC SERVICES 4 DATA MANAGEMENT & REPORTING 6 COMMUNICATIONS & COLLABORATION 7 IT SERVICES 8 INFRASTRUCTURE 9 SECURITY 10 BRAND BUILDING 11 INITIATION

More information

70-646 R3: Windows Server 2008 Administration. Course Overview. Course Outline. Course Length: 4 Day

70-646 R3: Windows Server 2008 Administration. Course Overview. Course Outline. Course Length: 4 Day 70-646 R3: Windows Server 2008 Administration Course Length: 4 Day Course Overview This course will prepare the student for Exam 70-646: Pro: Windows Server 2008, Server Administrator. Topics covered include

More information

SERVICE SCHEDULE MANAGED HOSTED APPLICATIONS

SERVICE SCHEDULE MANAGED HOSTED APPLICATIONS SERVICE SCHEDULE MANAGED HOSTED APPLICATIONS This is a Service Schedule as defined in the Conditions. Where the Services set out in this Service Schedule form part of the Services to be supplied under

More information

Scaling 10Gb/s Clustering at Wire-Speed

Scaling 10Gb/s Clustering at Wire-Speed Scaling 10Gb/s Clustering at Wire-Speed InfiniBand offers cost-effective wire-speed scaling with deterministic performance Mellanox Technologies Inc. 2900 Stender Way, Santa Clara, CA 95054 Tel: 408-970-3400

More information

McAfee. Firewall Enterprise. Application Note TrustedSource in McAfee. Firewall Enterprise. version 8.1.0 and earlier

McAfee. Firewall Enterprise. Application Note TrustedSource in McAfee. Firewall Enterprise. version 8.1.0 and earlier Application Note TrustedSource in McAfee Firewall Enterprise McAfee version 8.1.0 and earlier Firewall Enterprise This document uses a question and answer format to explain the TrustedSource reputation

More information

Distribution One Server Requirements

Distribution One Server Requirements Distribution One Server Requirements Introduction Welcome to the Hardware Configuration Guide. The goal of this guide is to provide a practical approach to sizing your Distribution One application and

More information

Cyber Incident Response

Cyber Incident Response State Capitol P.O. Box 2062 Albany, NY 12220-0062 www.its.ny.gov New York State Information Technology Standard IT Standard: Cyber Incident Response No: NYS-S13-005 Updated: 03/20/2015 Issued By: NYS ITS

More information

Secure Networks for Process Control

Secure Networks for Process Control Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than

More information

POLIWALL: AHEAD OF THE FIREWALL

POLIWALL: AHEAD OF THE FIREWALL POLIWALL: AHEAD OF THE FIREWALL FIREWALL HISTORY Since the earliest days of the Internet, when hackers sat in their darkened basements dialing into networks with dial-up modems, both network threats and

More information

Windows Embedded Security and Surveillance Solutions

Windows Embedded Security and Surveillance Solutions Windows Embedded Security and Surveillance Solutions Windows Embedded 2010 Page 1 Copyright The information contained in this document represents the current view of Microsoft Corporation on the issues

More information

GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA"

GETTING REAL ABOUT SECURITY MANAGEMENT AND BIG DATA GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA" A Roadmap for "Big Data" in Security Analytics ESSENTIALS This paper examines: Escalating complexity of the security management environment, from threats

More information

Introduction to Wireless Sensor Network Security

Introduction to Wireless Sensor Network Security Smartening the Environment using Wireless Sensor Networks in a Developing Country Introduction to Wireless Sensor Network Security Presented By Al-Sakib Khan Pathan Department of Computer Science and Engineering

More information

Proactive Network Performance Monitoring

Proactive Network Performance Monitoring Proactive Network Performance Monitoring No other tool is as flexible and robust as Goliath Performance Monitor We have been using Goliath Performance Monitor for many years. We have looked at other tools

More information

Smart Manufacturing as a Real-Time Networked Enterprise and a Market-Driven Innovation Platform

Smart Manufacturing as a Real-Time Networked Enterprise and a Market-Driven Innovation Platform Smart Manufacturing as a Real-Time Networked Enterprise and a Market-Driven Innovation Platform Jim Davis Vice Provost IT & CTO at UCLA and SMLC Board Director Technology Denise Swink CEO SMLC Role/Viewpoint

More information

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved. Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control

More information

Above and Beyond Meaningful Use

Above and Beyond Meaningful Use Above and Beyond Meaningful Use Our templates are designed with the user in mind. To increase visibility, we color- coded the appointment statuses. To reduce confusion, we ve added special intervals between

More information

Intrusion Detection of Sinkhole Attacks in Wireless Sensor Networks

Intrusion Detection of Sinkhole Attacks in Wireless Sensor Networks Intrusion Detection of Sinkhole Attacks in Wireless Sensor Networks Ioannis Krontiris, Tassos Dimitriou, Thanassis Giannetsos, and Marios Mpasoukos Athens Information Technology, P.O.Box 68, 19.5 km Markopoulo

More information

Announcement of a new IAEA Co-ordinated Research Programme (CRP)

Announcement of a new IAEA Co-ordinated Research Programme (CRP) Announcement of a new IAEA Co-ordinated Research Programme (CRP) 1. Title of Co-ordinated Research Programme Design and engineering aspects of the robustness of digital instrumentation and control (I&C)

More information

(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative

(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative (U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative (U) Presidential Directive NSPD 54/HSPD 23, Cybersecurity Policy, established United States policy, strategy, guidelines,

More information

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014 Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security

More information