Tolling Systems Security. Ken Philmus Xerox Transportation Services

Transcription

1 Tolling Systems Security Ken Philmus Xerox Transportation Services Page 1 8/25/2015

2 Tolling Systems Security Must Be at Every Step and Overall Images sensor data Lane Controller Transactions images OPR results Transponder files Employee file Fare tables ITS interfaces Toll Collection Point ORT Monitor and Audit Transactions images OPR results Transponder files LPR/VSR Processing Human image review on low conf./first time Human review results Plate match Image Review Clerk Post Image Toll MVA or State DMV License plate, state, and type DMV name/address Back Office System Transponder match Post Toll Toll Bill or NOI Toll bill/ NOI payments TOR Page 2 8/25/2015

3 Three Layers of Controls and Protection Application and Data Firewalls and software security patches Servers MacAfee Anti-virus, File integrity monitoring, and applying security patches Network Intrusion detection, Virtual Firewalls Security Features and Controls are Implemented at Each Layer of the System Page 3 8/25/2015

4 First and not to be Forgotten - Physical Security Physical access controls (Door access and monitoring via CCTV) for cabinet areas Collector Terminals in cash/electronic lanes require proximity cards to obtain access Lane equipment cabinets are physically locked and electronically monitored Digital video and audit cameras in place and monitored Proximity or Smart Cards are used to obtain access to building and all sensitive areas Page 4 8/25/2015

5 System Infrastructure Security System Architecture Design Separated software environments in another three-tier architecture with the Agency and personal data isolated and secured Display Interfaces for collector and/or Plaza supervisor screens Business layer logic on how to interpret the data received from equipment Data layer Transaction data stored in the file or database Isolated networks are implemented and limited Protect lane controller and transaction data from unauthorized access within the agency and from various contractors Restrict unauthorized access to lane controller or cameras from agency network Server Security Operating System elements are hardened with appropriate vendor security patches, Anti-Virus software and other monitoring software Service accounts (Used for running jobs and application) are not generally granted direct logon Access to servers is monitored and alerted based on policies such as logon failures and access to critical server file systems Page 5 8/25/2015

6 Application Software Security Software Security for Lane, Plaza and Host Vendor recommended security patches and updates are installed for all 3rd party software System access is controlled through a centralized directory service (Active Directory / LDAP) and based on user/group/role Network access to lane controllers is encrypted using secure encrypted shells Daily updates to all work stations through centralized patch management servers All browsers support latest security protocols Page 6 8/25/2015

7 Data Exchange between Lane / Plaza / Host All file transfers to / from Lane Controllers (i.e. File Downloads/ uploads) are encrypted Real-time messages use two levels of secured web service connections Image transfers use secure protocols to copy files File integrity before and after exchanges is done via MD5 Checksums for binaries, configuration files and system directories such as for fare and toll schedules and lane software User Interface to lane and other plaza / host functionality is via browsers that support latest security protocols Sensitive personal information for all agency employees(collector name and pin/password information) is secured in the database using encryption techniques Page 7 8/25/2015

8 Benefits of Secure System Protect driver information, credit info and images Minimize risk of data loss that could lead to loss of revenue to the agency Prevent Interference in dynamic pricing algorithms calculating real-time traffic Protect loss of agency employee (toll collector and/or supervisor) personal information Travelers see correct, timely fare and message info on any variable message displays Maintain accuracy of tag and toll fare files on lane controller Mandated Compliance through Annual Third-Party, In-Depth Security Assessments Page 8 8/25/2015

9 Ken Philmus Senior Vice President