AN INTEGRATED SECURITY ARCHITECTURE FOR ENTERPRISE NETWORKS. BY OWOH, Nsikak Pius (B.Sc. Computer Science & M.Tech Cyber Security Science)

Transcription

1 [ AN INTEGRATED SECURITY ARCHITECTURE FOR ENTERPRISE NETWORKS. BY OWOH, Nsikak Pius (B.Sc. Computer Science & M.Tech Cyber Security Science) Ph.D. PROPOSAL SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE FACULTY, DALHOUSIE UNIVERSITY, CANADA. IN PARTIAL FULFILMENT OF THE REQUIREMENTS FOR THE AWARD OF ADMISSION FOR A PH.D DEGREE IN COMPUTER SCIENCE. JULY, 2015

2 CHAPTER ONE 1.0 INTRODUCTION Enterprise networks are made up of a group of local area networks (LAN) interconnected using Wide Area Networks (WAN), and make use of hundreds of servers that render support and services to thousands of users(employees) across an organisation and consisting of distinct geographical locations (SANS, 2002). Enterprise networks mostly convey sensitive or classified information, extra efforts must be put in place to protect and secure them: these networks most times are partitioned from Internet traffic (Chang & Kim,2014), and employees and hosts within the network are put under strict security policies. Regardless of these measures, these networks are still vulnerable to attacks (Anirudh et al, 2009). 1.1 Statement of the Problem Complicated/weak Policies: several policies are implemented concurrently such as: ACLs, VLANs, NATs and firewalls to protect enterprise networks. To this effect, when the architecture/topology and management policies change the configuration mostly breaks subverting security policies and making the network vulnerable. Also, most of these policies do not support scalability and enterprise networks deployed with this kind of architecture mostly are not robust enough to survive cases of attacks and compromise. Increased Trust on Device Policies: since devices like switches and routers perform switching and forwarding of packets and also export link state and calculate routes of packets. If this mechanism is bypassed or compromised, the attacker can cause Denial of Service (DoS) thereby bringing down the entire network. 1.2 Objectives of the Study This research is aimed at designing and developing an integrated security architecture, unifying both Enterprise Network Management Security Architecture and Enterprise Network Technology Security Architecture to present a framework that will achieve the following: A distributed security architecture that is scalable and robust at both ends of the enterprise network (ingress and egress) such that even when managerial security policies change and expansion of the enterprise network is experienced, the security policies can still strive. An integrated security architecture that reduces the rate of dependency and trust on configured policies on devices like: firewalls, switches and routers to just the distributed end point controllers. The goal of this approach will allow policies to be made on other elements like: classification of data to be protected, security domains risk management and tiered network. 1

3 2.0 CHAPTER TWO LITERATURE REVIEW Firewalls have been very vital to enterprise security for a long time now. However, their function is restricted to a large extent to enforcing coarse-grain network perimeters (Weaver et al, 2004). Misconfiguration of firewalls have remained a continuous problem even with its limited role (Wool, 2004). Several factors are responsible for this which SANE tries to address; especially, their lowlevel policy specification and much localized view make firewalls very sensitive to modifications in architecture and topology. Several attempts have examined less error prone methods for policy specification (Bartal et al, 2004), together with techniques to detect policy errors automatically (Mayer et al, 2000). The wish for a mechanism that aids pervassive enforcement, independence in architecture and topology, centralized management, and meaningful end-point identifiers brought about the origination of distributed firewalls (Bellovin, 1999) (Loannidis et al, 2000). Distributed firewalls have much in common with SANE in their initial motivation but differ substantially in their trust and usage model. First, is the requirement of some software to be installed on the end host. This can be of great benefit as it provides greater visibility into end host behavior, however, the downside of this is the cost of convenience. Significantly, for end hosts to perform enforcement, that end host must be trusted (or at least some part of it, e.g., the Operating systems (Loannidis et al, 2000), a VMM (Garfinkel, et al, 2003), the NIC (Markham &Payne, 2003), or some small peripheral (Prevelakis & Keromytis, 2002). In addition, in a distributed firewall situation, the network infrastructure itself lacks protection, i.e., the network is still on by default. This design deploys no defense-in-depth if the end-point firewall is bypassed or compromised, as all other network elements (e.g., routers, switches, servers, and unprotected end hosts) will be left exposed. Existing configurations of coarse-grain network perimeters (e.g. multiple firewalls) and end host protective schemes (e.g. anti-virus software) are ineffective against worms, when are deployed individually or unified (Weaver et al, 2004). In SANE, network policy is service oriented and enforced via ACLs on a network directory service that operates similar to a file system. While a familiar policy model in the context of file systems, enterprise networks today do not contain named services. In addition to lack of compatibility, this change from traditional firewall declarations could bring about a usability set back to administrators. 2

4 3.0 CHAPTER THREE RESEARCH METHODOLOGY 3.1 Data Analysis ISAFEN will enforce network usage policies to check activities of users of d network (employees of the organisation) these policies are expected to keep the network running in cases where technological policies are breached. For ISAFEN to be designed and implemented efficiently, data will be classified into Public, Proprietary and private and d sensitiveness of data presented at each level. ISAFEN breaks down the enterprise networks into tiers of intranet and internet demonstrating the three different tiers. Enterprise Net work Enterprise Network Security Enterprise Network Security Architecture Enterprise Network Management Security Architecture Security Policies Enterprise Network Technology Security Architecture Firewalls Risk Management Trust Levels/Data Classification Security Domains Tiered Networks Intrusion Detection System Serve r - based Protection Host - based Protection Integrated Security Architecture Figure 3.1: Model for proposed Integrated Security Architecture for Enterprise Network. 3

5 4.0 CHAPTER FOUR EXPECTED FINDINGS AND SUMMARY Findings Integrated Security Architecture for Enterprise Network (ISAFEN) is a security architecture designed for enterprise networks: to this end, a university network will be used as a case study to design and implement the proposed security architecture in order to evaluate its performance adequately. Conclusion Enterprise Networks are deployed to facilitate businesses and services, to this end it is important to design schemes that will secure the Enterprise network and at the same time not negate the goal of the business. Since most cases of compromise are not always raised for fear of losing business relevance and importance. This research work however, presents an integrated security architecture that will unify managerial policies and frameworks together with technological policies that will further secure enterprise network from the design phase down to configuration and implementation phase. 4

6 5.0 REFERENCES Anirudh, R., Yogesh, M., Mukarram, B., Tariq, and Nick Feamster (2009). Securing Enterprise Networks Using Traffic Tainting. School of Computer Science, Georgia Institute of Technology, Bartal, Y., Mayer, A. J., Nissim, K. and Wool. F. A. (2004). A novel firewall management toolkit. ACM Trans. Computing. Systems., 22(4); Bellovin, S. M. (1999). Distributed firewalls. Chang-Su Moonand Sun-Hyung Kim (2014). A Study on the Integrated Security System based Real-time Network Packet Deep Inspection International Journal of Security and Its Applications Dept. of Information & Communication Eng., Graduate Soonchunhyang Univ., Chungnam, Republic of Korea, 8(1); Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M. and Boneh., T. D. (2003). A virtual machine-based platform for trusted computing. In Proceedings of the 19th Symposium on Operating System Principles, 8(10); 6-9. Ioannidis, S., Keromytis, A. D., Bellovin, S. M. and Smith, J. M. (2000). Implementing a distributed firewall. In ACM Conference on Computer and Communications Security, 8(9); Markham, T. and Payne, C. (2003). Security at the Network Edge: A Distributed Firewall Architecture. In DARPA Information Survivability Conference and Exposition, G. M. Marro. Attacks at the data link layer, 7(9); Mayer, A., Wool, and Ziskind E. (2000). A firewall analysis engine. In SP 00: Proceedings of the IEEE Symposium on Security and Privacy,, Washington, DC, USA, 5(8); Prevelakis, V. and Keromytis, A. D.. (2002). Designing an Embedded Firewall/VPN Gatweway. In Proceeding. International Network Conference, 10(13); 6-9. SANS Security Essentials GSEC,. (2002). As part of the Information Security Reading Room. Weaver, N., Ellis, D., S. Staniford, and Paxson, V. (2004). Worms vs. Perimeters: The Case for Hard-LANs. In Proceeding. Hot Interconnects, 3-5. Wool, A. (2004). A quantitative study of firewall configuration errors. IEEE Computer, 37(6);