Meeting Cyber Security Challenges
Size: px
Start display at page:

Download "Meeting Cyber Security Challenges"

Transcription

1 Meeting Cyber Security Challenges Presented to Naval Postgraduate School Cyber Summit 29 October 2009 Cynthia Irvine, PhD, Professor Naval Postgraduate School UNCLASSIFIED

2 Overview Challenges in Cyber Security Important NPS capabilities Selected research activities Irvine, 29 October 2009 NPS Cyber Security Summit 2

3 Cyberspace Internet is today s core many interdependencies Information, software, virtual communities Critical infrastructure dependent upon information technology Cyberspace physical infrastructure Irvine, 29 October 2009 NPS Cyber Security Summit 3

4 Networks upon Networks Cyberspace: hierarchies of virtual and cyber-physical networks Range from tiny to large Many smart, small devices Highly interconnected Hybrid systems pervasive Sensor and control Enormous Complexity Irvine, 29 October 2009 NPS Cyber Security Summit 4

5 Cyber Security Grand Challenges Extensible Trustworthy Systems Cyber Identity Resilient Survivable Systems Information Provenance Measurement of Security Countering Insiders Ergonomic Security Usability Balance security and privacy Better Methods to Construct & Assess Secure Systems Economic Security reuse and composition Human Capacity Irvine, 29 October 2009 NPS Cyber Security Summit 5

6 Cyber Security Grand Challenges Extensible Trustworthy Systems Single flaw can topple entire system. Building blocks for which we have high confidence are needed Irvine, 29 October 2009 NPS Cyber Security Summit 6

7 Cyber Security Grand Challenges Cyber Identity: Who and what am I talking to? Irvine, 29 October 2009 NPS Cyber Security Summit 7

8 Cyber Security Grand Challenges Resilient Survivable Systems Systems must Degrade gracefully Maintain security under attack Recover securely from fall-back mode In worst case: fail secure Irvine, 29 October 2009 NPS Cyber Security Summit 8

9 Cyber Security Grand Challenges Information Provenance Real Fake Irvine, 29 October 2009 NPS Cyber Security Summit 9

10 Cyber Security Grand Challenges Measurement of Security We need to be able to quantify security Technically, to enable system construction So that decision makers can weigh risks Irvine, 29 October 2009 NPS Cyber Security Summit 10

11 Cyber Security Grand Challenges Countering Insiders Irvine, 29 October 2009 NPS Cyber Security Summit 11

12 Cyber Security Grand Challenges Ergonomic Security Usability Cyber security hygiene must be understandable and easy to use. Irvine, 29 October 2009 NPS Cyber Security Summit 12

13 Cyber Security Grand Challenges Balance security and privacy These are sometimes conflicting objectives Can information be authentic yet anonymous? Irvine, 29 October 2009 NPS Cyber Security Summit 13

14 Cyber Security Grand Challenges Better Methods to Construct & Assess Secure Systems Current tools for constructing secure systems are often inadequate and difficult to use. Irvine, 29 October 2009 NPS Cyber Security Summit 14

15 Cyber Security Grand Challenges Economic Security Reuse and composition of components Do we have to boil the ocean yet again each time we build a secure system? Irvine, 29 October 2009 NPS Cyber Security Summit 15

16 Cyber Security Grand Challenges Human Capacity The need for talent at all levels is critical Education must be a high priority Our competiveness in a globalized economy depends on it. Irvine, 29 October 2009 NPS Cyber Security Summit 16

17 Huge Benefits / Huge Risks Cyber security is enabling technology. Allows activities otherwise unthinkable Risks include Physical failures Technological failures Misuse Crime: extortion, theft Disruption, usurpation Propaganda, disinformation Many risks today adversaries have the upper hand Need to change the balance Irvine, 29 October 2009 NPS Cyber Security Summit 17

18 Overview Challenges in Cyber Security Important NPS capabilities CISR Educational Programs Selected research activities Irvine, 29 October 2009 NPS Cyber Security Summit 18

19 Cyber Security In the NPS Computer Science Department, we do it. and we have been doing it well for a long time (1978) Irvine, 29 October 2009 NPS Cyber Security Summit 19

20 Things we ve been doing well Security Science Theoretical formalisms Models Protocol analysis Constructive Security Highly trustworthy systems Multilevel security Hardware security Security Engineering Tools and application Security Analytics Forensics Data mining Vulnerability analysis Security Applications Intrusion detection Identity management Security Education Courses & Curricula Certificates Games & Outreach Irvine, 29 October 2009 NPS Cyber Security Summit 20

21 Center for Information Systems Security Studies and Research CISR established in 1996 Began national security education outreach in 1997 Center of Academic Excellence NSA and DHS joint award Information Assurance Education Information Assurance Research Scholarship Programs IASP in cyber security for military officers Inaugural participant NSF Scholarship for Service 60 graduates to date civilian members of Federal workforce Monarch to encourage women and underrepresented groups Synergistic research and education Large research group with critical mass for hard problems Irvine, 29 October 2009 NPS Cyber Security Summit 21

22 Educational Programs MS and PhD degrees All MS students take introduction to computer security Security track in CS Department 4 required courses 4 electives Thesis research Certificate Programs Identity Management Certificate 4 courses Hybrid format Participants work at their regular jobs while taking classes Information Systems Security Engineering Certificate Currently teaching to students at NSA Irvine, 29 October 2009 NPS Cyber Security Summit 22

23 Courses: Elementary to Advanced Introduction to Computer Security Secure Management of Systems* Network Security* Secure Systems Principles* Security Policies Models and Formal Methods* Cyber Ethics and Policies Network Vulnerability Analysis and Risk Mitigation Biometrics CS Core * Security Track Required Information Systems Security Engineering Certificate Identity Management Certificate (joint with two IS courses) Identity Management Infrastructure Protocol Analysis Introduction to Information System Security Engineering Applied Information System Security Engineering Secure Systems Lifecycle Wireless Security Advanced Vulnerability Analysis Forensics Data Fusion Certification and Accreditation Advanced topics Irvine, 29 October 2009 NPS Cyber Security Summit 23

24 Security Applications Security Science Security Engineering Security Analytics Security Education Constructive Security Irvine, 29 October 2009 NPS Cyber Security Summit 24

25 Security Applications Security Science Security Engineering Security Analytics Security Education Constructive Security Irvine, 29 October 2009 NPS Cyber Security Summit 25

26 Overview Challenges in Cyber Security Important NPS capabilities Selected research activities Trusted Computing Exemplar Trustworthy Architectures Multilevel Security Cyber Security Game Hardware Security Irvine, 29 October 2009 NPS Cyber Security Summit 26

27 Trusted Computing Exemplar Project

28 Address Subversion - Limit Opportunity Need lifecycle assurance High assurance Protection via rigorous security engineering No unspecified functionality Use of formal verification techniques When Applied in MLS Context: Bound information flow Prevents Trojan Horse damage Uses formal models Supports implementation assessment Irvine, 29 October 2009 NPS Cyber Security Summit 28

29 TCX Integrated Activities Rapid High Assurance Development Framework Configuration Management, Engineering Process, Semantic programming-based documentation system Develop High Assurance Security Concepts Separation Kernel - EAL7 Many student research projects High Assurance Application Authentication Device for MLS Trusted Path Evaluate Components for High Assurance Developing EAL6+ Separation Kernel Protection Profile ST will be EAL7 Disseminate Results via Open Methodology Irvine, 29 October 2009 NPS Cyber Security Summit 29

30 TCX Benefits Evaluatable Reference Implementation Components with a priori Assurance Against System Subversion Public Availability of High Assurance Development Framework Transfer to Next Generation New Experts in Security Development High Assurance Knowledge and Capabilities Irvine, 29 October 2009 NPS Cyber Security Summit 30

31 Trustworthy Architectures emergency access to critical data

32 Emergency Access to Critical Data Most of the time Joe is an ordinary guy During emergencies, he is allowed to access critical information Extraordinary information cannot be leaked to the internet When emergency ends, collected information sent to emergency management Device is purged of emergency information, reset for next emergency Irvine, 29 October 2009 NPS Cyber Security Summit 32

33 Key Concepts Based on Least Privilege Separation Kernel Ensures separation of normal and emergency information Permits emergency activities to access selected normal data Extraordinary access mediated by high assurance enforcement mechanism Gives cooperating organizations confidence that shared information is protected Trusted path mechanism Receives initial emergency signal Insures that only authorized first responders have access to emergency information Provides ergonomic security Irvine, 29 October 2009 NPS Cyber Security Summit 33

34 Multilevel Security

35 Networks that cannot share National policies information protection must be enforced Separate networks for each classification level Internet / NIPRNET / SIPRNET / JWICS Some communities require mandatory separation of compartments Coalitions result in additional networks Problem: No coherent view of classified information Requirements Secure - enforce national policies Usable - support applications that make users productive Scalable - extensible beyond small laboratory experiments Irvine, 29 October 2009 NPS Cyber Security Summit 35

36 Our Solution: MYSEA The Monterey Security Architecture (MYSEA) A high assurance client-server system that allows authenticated users executing popular commercial applications to securely access data and services at different classification levels simultaneously High assurance multilevel LAN/WAN architecture Many commodity components Commercial off-the shelf workstations, OS and applications Legacy single-level networks Reduce system footprint one PC, many classification levels Strategic high assurance components Policy decision and enforcement Prototype implementation and integrated MLS testbed Irvine, 29 October 2009 NPS Cyber Security Summit 36

37 MYSEA System View MULTILEVEL ENCLAVE Internet Stateless Client Trusted Path Extension Encrypted Channel Authentication Server MLS Store Single Level COTS Services Firewall FOUO User Dynamic Security Services Manager MLS Store Application Server MLS Store Trusted Channel Module Single Level COTS Services Encryptor Encryptor SECRET User Stateless Client Trusted Path Extension Application Server MLS Store MYSEA High Assurance Component GOTS Component FEDERATION OF MYSEA MLS SERVERS Trusted Channel Module Single Level COTS Services Encryptor Encryptor TOP SECRET Irvine, 29 October 2009 NPS Cyber Security Summit 37

38 MYSEA Security Features Technical elements Familiar user work environment Integration of MLS LAN with classified networks Centralized security management Dynamic security policies and services True multilevel access to data Single sign-on within the MLS LAN Server replication supports scalability High assurance trusted path SUMMARY MYSEA gives users coherent view of information at different classifications levels Irvine, 29 October 2009 NPS Cyber Security Summit 38

39 CyberCIEGE a cyber security game

40 ATTACKERS Player = Information Security Decision Maker User Countermeasures VPNs User Firewalls Antivirus Link encryptors PKI Authentication servers Trojan horse Trap door Insiders Virus / worms / Bots Wiretaps Denial of service Goal Goal Access control lists Cross domain solutions Card readers Biometric scanners Procedural security Goal Goal Asset $$ Network Asset $ Asset $$$$ Vandals Computer Computer Irvine, 29 October 2009 NPS Cyber Security Summit 40

41 Who Uses CyberCIEGE? Requests by the numbers Navy 60 Army 103 Air Force 104 Marines 20 US Government 139 University 245 Community College 45 High School 18 Other 85 Irvine, 29 October 2009 NPS Cyber Security Summit 41

42 3Dsec Security in Hardware

43 Processor Layer Security Layer Post 3DSec: Trustworthy System Security through 3D Integrated Hardware Goal: Build trustworthy systems using commercial hardware components Problem: Integrating specialized security mechanisms is too costly for hardware vendors Idea: Augment commodity hardware after fabrication with a separate layer of security circuitry Silicon Layer 2 Silicon Layer 1 Cross Section Anticipated Benefits: Configurable, protected, low-cost hardware security controls that can override activity in the commodity hardware Privacy Applications: Detect and intercept the execution of malicious code Prevent the microprocessor internals from being exploited to leak crypto keys Tag and Track private information as it flows through a processor

44 Summary Challenges in Cyber Security Important NPS capabilities Selected research activities NPS resources in CISR and the Department of Computer Science are among best in the world for the study and advancement of Cyber Security. Irvine, 29 October 2009 NPS Cyber Security Summit 44

45 Cynthia E. Irvine, PhD Director, Center for Information Systems Security Studies and Research Department of Computer Science Naval Postgraduate School Monterey, California Irvine, 29 October 2009 NPS Cyber Security Summit 45

Similar documents

Active Learning with the CyberCIEGE Video Game

Active Learning with the CyberCIEGE Video Game Active Learning with the CyberCIEGE Video Game 2011 Michael F. Thompson and Dr. Cynthia E. Irvine Department of Computer Science Naval Postgraduate School Monterey, CA USA The CyberCIEGE Educational Video

More information

Simulation of PKI-Enabled Communication for Identity Management Using CyberCIEGE

Simulation of PKI-Enabled Communication for Identity Management Using CyberCIEGE The 2010 Military Communications Conference - Unclassified Program - Cyber Security and Network Management Simulation of PKI-Enabled Communication for Identity Management Using CyberCIEGE C.E. Irvine and

More information

Methodology for Assessment of Security Properties

Methodology for Assessment of Security Properties Methodology for Assessment of Security Properties Cyber Security Division 2012 Principal Investigators Meeting October 9-11, 2012 Cynthia E. Irvine Professor of Computer Science Naval Postgraduate School

More information

A DOCTORAL PROGRAM WITH SPECIALIZATION IN INFORMATION SECURITY A High Assurance Constructive Security Approach

A DOCTORAL PROGRAM WITH SPECIALIZATION IN INFORMATION SECURITY A High Assurance Constructive Security Approach A DOCTORAL PROGRAM WITH SPECIALIZATION IN INFORMATION SECURITY A High Assurance Constructive Security Approach Cynthia E. Irvine and Timothy E. Levin Department of Computer Science, Naval Postgraduate

More information

Update On Smart Grid Cyber Security

Update On Smart Grid Cyber Security Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats

More information

TUSKEGEE CYBER SECURITY PATH FORWARD

TUSKEGEE CYBER SECURITY PATH FORWARD TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,

More information

Weighted Total Mark. Weighted Exam Mark

Weighted Total Mark. Weighted Exam Mark CMP4103 Computer Systems and Network Security Period per Week Contact Hour per Semester Weighted Total Mark Weighted Exam Mark Weighted Continuous Assessment Mark Credit Units LH PH TH CH WTM WEM WCM CU

More information

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

An Approach for Cross-Domain Intrusion Detection

An Approach for Cross-Domain Intrusion Detection An Approach for Cross-Domain Intrusion Detection Thuy Nguyen, Mark Gondree, Jean Khosalim, David Shifflett, Timothy Levin and Cynthia Irvine Naval Postgraduate School, Monterey, California, USA tdnguyen@nps.edu

More information

Triangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace

Triangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace Triangle InfoSeCon Alternative Approaches for Secure Operations in Cyberspace Lt General Bob Elder, USAF (Retired) Research Professor, George Mason University Strategic Advisor, Georgia Tech Research Institute

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

TRUST Background. National Science Foundation Office of Integrative Activities (OIA) Core Funding (FY2005-2015)

TRUST Background. National Science Foundation Office of Integrative Activities (OIA) Core Funding (FY2005-2015) TRUST TRUST: : Team for Research in Ubiquitous Secure Technology A Collaborative Approach to Advancing Cyber Security Research and Development Larry Rohrbough Executive Director, TRUST University of California,

More information

A DOCTORAL PROGRAM WITH SPECIALIZATION IN INFORMATION SECURITY A High Assurance Constructive Security Approach

A DOCTORAL PROGRAM WITH SPECIALIZATION IN INFORMATION SECURITY A High Assurance Constructive Security Approach A DOCTORAL PROGRAM WITH SPECIALIZATION IN INFORMATION SECURITY A High Assurance Constructive Security Approach Cynthia E. Irvine and Timothy E. Levin Department of Computer Science, Naval Postgraduate

More information

Section 12 MUST BE COMPLETED BY: 4/22

Section 12 MUST BE COMPLETED BY: 4/22 Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege

More information

Fundamentals of Network Security - Theory and Practice-

Fundamentals of Network Security - Theory and Practice- Fundamentals of Network Security - Theory and Practice- Program: Day 1... 1 1. General Security Concepts... 1 2. Identifying Potential Risks... 1 Day 2... 2 3. Infrastructure and Connectivity... 2 4. Monitoring

More information

Bellevue University Cybersecurity Programs & Courses

Bellevue University Cybersecurity Programs & Courses Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320

More information

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those

More information

Protecting Organizations from Cyber Attack

Protecting Organizations from Cyber Attack Protecting Organizations from Cyber Attack Cliff Glantz and Guy Landine Pacific Northwest National Laboratory (PNNL) PO Box 999 Richland, WA 99352 cliff.glantz@pnnl.gov guy.landine@pnnl.gov 1 Key Topics

More information

Firewalls CSCI 454/554

Firewalls CSCI 454/554 Firewalls CSCI 454/554 Why Firewall? 1 Why Firewall (cont d) w now everyone want to be on the Internet w and to interconnect networks w has persistent security concerns n can t easily secure every system

More information

CS 665: Computer System Security. Designing Trusted Operating Systems. Trusted? What Makes System Trusted. Information Assurance Module

CS 665: Computer System Security. Designing Trusted Operating Systems. Trusted? What Makes System Trusted. Information Assurance Module CS 665: Computer System Security Designing Trusted Operating Systems Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Trusted? An operating system is

More information

.NAVAL POSTGRADUATE SCHOOL Monterey, California

.NAVAL POSTGRADUATE SCHOOL Monterey, California A NPS-CS-02-004.NAVAL POSTGRADUATE SCHOOL Monterey, California Diamond HASP Trusted Computing Exemplar Cynthia E. Irvine Timothy E. Levin George W. Dinolt September 2002 Approved for public release; distribution

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved. Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control

More information

Joint Interpretation Library

Joint Interpretation Library for smart cards and similar devices Document purpose: provide requirements to developers and guidance to evaluators to fulfill the Security Architecture requirements of CC V3 ADV_ARC family. Version 2.0

More information

---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model---

---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model--- ---Information Technology (IT) Specialist (GS-2210) IT Security Model--- TECHNICAL COMPETENCIES Computer Forensics Knowledge of tools and techniques pertaining to legal evidence used in the analysis of

More information

IQware's Approach to Software and IT security Issues

IQware's Approach to Software and IT security Issues IQware's Approach to Software and IT security Issues The Need for Security Security is essential in business intelligence (BI) systems since they have access to critical and proprietary enterprise information.

More information

NAVAL POSTGRADUATE SCHOOL THESIS

NAVAL POSTGRADUATE SCHOOL THESIS NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS SINGLE SIGN-ON SOLUTION FOR MYSEA SERVICES by Sonia Bui September 2005 Thesis Advisor: Co-Advisor: Cynthia E. Irvine Thuy D. Nguyen Approved for public

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

Chapter 1: Introduction

Chapter 1: Introduction Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure

More information

EECS 588: Computer and Network Security. Introduction January 14, 2014

EECS 588: Computer and Network Security. Introduction January 14, 2014 EECS 588: Computer and Network Security Introduction January 14, 2014 Today s Class Welcome! Goals for the course Topics, what interests you? Introduction to security research Components of your grade

More information

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs Mandatory Knowledge Units 1.0 Core2Y 1.1 Basic Data Analysis The intent of this Knowledge Unit is to provide students with basic abilities to manipulate data into meaningful information. 1.1.1 Topics Summary

More information

Priority III: A National Cyberspace Security Awareness and Training Program

Priority III: A National Cyberspace Security Awareness and Training Program Priority III: A National Cyberspace Security Awareness and Training Program Everyone who relies on part of cyberspace is encouraged to help secure the part of cyberspace that they can influence or control.

More information

Cyber Security Risk Mitigation Checklist

Cyber Security Risk Mitigation Checklist Cyber Security Risk Mitigation Checklist Contents Building a Risk Management AMI Program MDM Cyber Security Policy Communication Systems Personnel and Training Scada Operational Risks In Home Displays

More information

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np Meaning Why is Security Audit Important Framework Audit Process Auditing Application Security

More information

External Supplier Control Requirements

External Supplier Control Requirements External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must

More information

Interdisciplinary Program in Information Security and Assurance. By Kossi Edoh NC A&T State University Greensboro

Interdisciplinary Program in Information Security and Assurance. By Kossi Edoh NC A&T State University Greensboro Interdisciplinary Program in Information Security and Assurance By Kossi Edoh NC A&T State University Greensboro Information Assurance The protection of electronic information and infrastructures that

More information

Naval Postgraduate School Department of Computer Science Graduation Checklist for MSCS Degree 6203P Subspecialty Code (Revised: Fall AY14)

Naval Postgraduate School Department of Computer Science Graduation Checklist for MSCS Degree 6203P Subspecialty Code (Revised: Fall AY14) Naval Postgraduate School Department of Computer Science Graduation Checklist for MSCS Degree 6203P Subspecialty Code () Name/Rank/Service: Month/Year Enrolled: Projected Graduation Date: CS Track: 1.

More information

MS Information Security (MSIS)

MS Information Security (MSIS) MS Information Security (MSIS) Riphah Institute of Systems Engineering (RISE) Riphah International University, Islamabad, Pakistan 1. Program Overview: The program aims to develop core competencies in

More information

Protecting Your Organisation from Targeted Cyber Intrusion

Protecting Your Organisation from Targeted Cyber Intrusion Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology

More information

Cyber Security at NSU

Cyber Security at NSU Cyber Security at NSU Aurelia T. Williams, Ph.D. Chair, Department of Computer Science Associate Professor of Computer Science June 9, 2015 Background Undergraduate computer science degree program began

More information

Security A Big Question for Big Data

Security A Big Question for Big Data Security A Big Question for Big Data Prof Roger R. Schell University of Southern California Keynote Lecture IEEE BIgData 2013 Santa Clara, CA October 9, 2013 Implications of Current State of IT Security

More information

Bypassing Firewalls: Tools and Techniques

Bypassing Firewalls: Tools and Techniques Bypassing Firewalls: Tools and Techniques Jake Hill jah@alien.bt.co.uk March 23, 2000 Abstract This paper highlights a very important problem with network perimeter firewalls. The threat discussed is not

More information

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,

More information

Cisco Advanced Services for Network Security

Cisco Advanced Services for Network Security Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs

More information

EECS 588: Computer and Network Security. Introduction

EECS 588: Computer and Network Security. Introduction EECS 588: Computer and Network Security Introduction January 13, 2014 Today s Cass Class Welcome! Goals for the course Topics, what interests you? Introduction to security research Components of your grade

More information

Information Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore E-mail:bhu261@gmail.com Outline of Information Security Introduction Impact of information Need

More information

Security aspects of e-tailing. Chapter 7

Security aspects of e-tailing. Chapter 7 Security aspects of e-tailing Chapter 7 1 Learning Objectives Understand the general concerns of customers concerning security Understand what e-tailers can do to address these concerns 2 Players in e-tailing

More information

Building Robust Security Solutions Using Layering And Independence

Building Robust Security Solutions Using Layering And Independence Building Robust Security Solutions Using Layering And Independence Fred Roeper Neal Ziring Information Assurance Directorate National Security Agency Session ID: STAR-401 Session Classification: Intermediate

More information

Actions and Recommendations (A/R) Summary

Actions and Recommendations (A/R) Summary Actions and Recommendations (A/R) Summary Priority I: A National Cyberspace Security Response System A/R 1-1: DHS will create a single point-ofcontact for the federal government s interaction with industry

More information

Cyber Security Training and Awareness Through Game Play

Cyber Security Training and Awareness Through Game Play Cyber Security Training and Awareness Through Game Play Benjamin D. Cone, Michael F. Thompson, Cynthia E. Irvine, and Thuy D. Nguyen Naval Postgraduate School, Monterey, CA 93943, USA {bdcone,mfthomps,irvine,tdnguyen}@nps.edu

More information

The Cyber Security Crisis

The Cyber Security Crisis The Cyber Security Crisis Eugene H. Spafford Professor & Executive Director CERIAS http://www.cerias.purdue.edu/ The State of Cybersecurity Overwhelming vulnerabilities About 4000 in each of 2003, 2004

More information

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

More information

Software Application Control and SDLC

Software Application Control and SDLC Software Application Control and SDLC Albert J. Marcella, Jr., Ph.D., CISA, CISM 1 The most effective way to achieve secure software is for its development life cycle processes to rigorously conform to

More information

Principles of Information Assurance Syllabus

Principles of Information Assurance Syllabus Course Number: Pre-requisite: Career Cluster/Pathway: Career Major: Locations: Length: 8130 (OHLAP Approved) Fundamentals of Technology or equivalent industry certifications and/or work experience. Information

More information

Mobile Devices and Malicious Code Attack Prevention

Mobile Devices and Malicious Code Attack Prevention Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER Malicious Code and Mobile Devices: Best Practices for Securing Mobile Environments Sponsored

More information

Thales Communications Perspectives to the Future Internet 2 nd June 2010 - Luxembourg

Thales Communications Perspectives to the Future Internet 2 nd June 2010 - Luxembourg Thales Communications Perspectives to the Future Internet 2 nd June 2010 - Luxembourg Challenges of Future Internet Internet as a starting point Was defined for asynchronous services (web pages, file transfer

More information

PRINCIPLES AND PRACTICE OF INFORMATION SECURITY

PRINCIPLES AND PRACTICE OF INFORMATION SECURITY PRINCIPLES AND PRACTICE OF INFORMATION SECURITY Protecting Computers from Hackers and Lawyers Linda Volonino, Ph.D. Canisius College Stephen R. Robinson Verity Partners, LLC with contributions by Charles

More information

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding

More information

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.

More information

NIST Cyber Security Activities

NIST Cyber Security Activities NIST Cyber Security Activities Dr. Alicia Clay Deputy Chief, Computer Security Division NIST Information Technology Laboratory U.S. Department of Commerce September 29, 2004 1 Computer Security Division

More information

INTRUSION DETECTION SYSTEMS and Network Security

INTRUSION DETECTION SYSTEMS and Network Security INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS

More information

Center of Academic Excellence Cyber Operations Program 2013 Application

Center of Academic Excellence Cyber Operations Program 2013 Application Center of Academic Excellence Cyber Operations Program 2013 Application Name of Institution: Mailing Address of Institution: Date: Institution s President s Name and Official Email Address: Department

More information

The University of Alabama Cyber Research Initiatives. Cyber Forensics Research Cyber Security Research

The University of Alabama Cyber Research Initiatives. Cyber Forensics Research Cyber Security Research The University of Alabama Cyber Research Initiatives Cyber Forensics Research Cyber Security Research Cyber Forensics Research Department of Criminal Justice College of Arts and Sciences Cyber Crime Research

More information

Improvements Needed With Host-Based Intrusion Detection Systems

Improvements Needed With Host-Based Intrusion Detection Systems Report No. DODIG-2012-050 February 3, 2012 Improvements Needed With Host-Based Intrusion Detection Systems Warning This report is a product of the Inspector General of the Department of Defense. Its contents

More information

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to

More information

JOURNAL OF OBJECT TECHNOLOGY

JOURNAL OF OBJECT TECHNOLOGY JOURNAL OF OBJECT TECHNOLOGY Online at www.jot.fm. Published by ETH Zurich, Chair of Software Engineering JOT, 2003 Vol. 2, No. 1, January-February 2003 Engineering Security Requirements Donald G. Firesmith,

More information

A Multilevel Secure MapReduce Framework for Cross-Domain Information Sharing in the Cloud

A Multilevel Secure MapReduce Framework for Cross-Domain Information Sharing in the Cloud A Multilevel Secure MapReduce Framework for Cross-Domain Information Sharing in the Cloud Thuy D. Nguyen, Cynthia E. Irvine, Jean Khosalim Department of Computer Science Ground System Architectures Workshop

More information

SDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015

SDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 SDN Security Challenges Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 Cybersecurity Enhancement Act 2014 Public-Private Collaboration on Security (NIST

More information

HANDBOOK 8 NETWORK SECURITY Version 1.0

HANDBOOK 8 NETWORK SECURITY Version 1.0 Australian Communications-Electronic Security Instruction 33 (ACSI 33) Point of Contact: Customer Services Team Phone: 02 6265 0197 Email: assist@dsd.gov.au HANDBOOK 8 NETWORK SECURITY Version 1.0 Objectives

More information

Intelligent. Data Sheet

Intelligent. Data Sheet Cisco IPS Software Product Overview Cisco IPS Software is the industry s leading network-based intrusion prevention software. It provides intelligent, precise, and flexible protection for your business

More information

Enterprise A Closer Look at Wireless Intrusion Detection:

Enterprise A Closer Look at Wireless Intrusion Detection: White Paper Enterprise A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model Josh Wright Senior Security Researcher Introduction As wireless enterprise networks become

More information

UNCLASSIFIED. Trademark Information

UNCLASSIFIED. Trademark Information SAMSUNG KNOX ANDROID 1.0 SECURITY TECHNICAL IMPLEMENTATION GUIDE (STIG) OVERVIEW Version 1, Release 1 3 May 2013 Developed by Samsung Electronics Co., Ltd.; Fixmo, Inc.; and General Dynamics C4 Systems,

More information

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems U.S. Office of Personnel Management Actions to Strengthen Cybersecurity and Protect Critical IT Systems June 2015 1 I. Introduction The recent intrusions into U.S. Office of Personnel Management (OPM)

More information

Assumption Busters Workshop - Cloud Computing

Assumption Busters Workshop - Cloud Computing Assumption Busters Workshop - Cloud Computing Background: In 2011, the U.S. Federal Cyber Research Community conducted a series of four workshops designed to examine key assumptions that underlie current

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

PEER-TO-PEER NETWORK

PEER-TO-PEER NETWORK PEER-TO-PEER NETWORK February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

CESG Certification of Cyber Security Training Courses

CESG Certification of Cyber Security Training Courses CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security

More information

PANEL SESSION: INFORMATION SECURITY RESEARCH AND DEVELOPMENT IN ACADEMIA

PANEL SESSION: INFORMATION SECURITY RESEARCH AND DEVELOPMENT IN ACADEMIA PANEL SESSION: INFORMATION SECURITY RESEARCH AND DEVELOPMENT IN ACADEMIA Panel Chair: Dr. Susan M. Bridges, Mississippi State University Panelists: Dr. Blaine W. Burnham, Georgia Tech Dr. Dipankar Dasgupta,

More information

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)

More information

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification 1. Module Title Information Security 2. Module Code: CS403INS 3. Module Level - Forth Stage 4. Module Leader Safwan M. 5. Teaching Semester 7 and 8 Soran University Faculty of Science and Engineering Computer

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations

More information

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY-274 Privacy, Ethics & Computer Forensics

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY-274 Privacy, Ethics & Computer Forensics RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE CISY-274 Privacy, Ethics & Computer Forensics I. Basic Course Information A. Course Number & Title: CISY-274 - Privacy, Ethics, & Computer Forensics B. New

More information

Cybersecurity Definitions and Academic Landscape

Cybersecurity Definitions and Academic Landscape Cybersecurity Definitions and Academic Landscape Balkrishnan Dasarathy, PhD Program Director, Information Assurance Graduate School University of Maryland University College (UMUC) Email: Balakrishnan.Dasarathy@umuc.edu

More information

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? SaaS vs. COTS Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? Unlike COTS solutions, SIMCO s CERDAAC is software that is offered as a service (SaaS). This offers several

More information

GE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems

GE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems GE Measurement & Control Top 10 Cyber Vulnerabilities for Control Systems GE Proprietary Information: This document contains proprietary information of the General Electric Company and may not be used

More information

Cybersecurity for the C-Level

Cybersecurity for the C-Level Cybersecurity for the C-Level Director Glossary of Defined Cybersecurity Terms A Active Attack An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources,

More information

THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE

THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced

More information

A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model

A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model Table of Contents Introduction 3 Deployment approaches 3 Overlay monitoring 3 Integrated monitoring 4 Hybrid

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT NETWORKED SYSTEMS SECURITY J/601/7332 LEVEL 3 UNIT 28 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 NETWORKED SYSTEMS SECURITY

More information

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.

More information

PANEL TITLE: UNIVERSITY APPROACHES TO INFORMATION SECURITY EDUCATION - CHALLENGES, ISSUES, SUCCESSES, AND OPPORTUNITIES

PANEL TITLE: UNIVERSITY APPROACHES TO INFORMATION SECURITY EDUCATION - CHALLENGES, ISSUES, SUCCESSES, AND OPPORTUNITIES PANEL TITLE: UNIVERSITY APPROACHES TO INFORMATION SECURITY EDUCATION - CHALLENGES, ISSUES, SUCCESSES, AND OPPORTUNITIES PANEL CHAIR: Dr. Rayford Vaughn ( Mississippi State University): Dr. Vaughn teaches

More information

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013 CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists

More information

Potential Thesis Topics in Networking

Potential Thesis Topics in Networking Geoff Xie 1 Potential Thesis Topics in Networking Prof. Geoffrey Xie xie@cs.nps.navy.mil, SP 544C April 2002 http://www.saamnet.org 1 What my Research Projects Offer Total learning experience for you You

More information

A Resilient Protection Device for SIEM Systems

A Resilient Protection Device for SIEM Systems A Resilient Protection Device for SIEM Systems Nuno Neves University of Lisboa, Portugal http://www.di.fc.ul.pt/~nuno Work with: Alysson Bessani, Miguel Garcia, Eric Vial, Ricardo Fonseca, Paulo Veríssimo

More information

Integrating Security into the Curriculum

Integrating Security into the Curriculum Cynthia E. Irvine Shiu-Kai Chin Deborah Frincke Naval Postgraduate School Syracuse University University of Idaho Cybersquare Integrating Security into the Curriculum Computer security can be used as a

More information

MS in Computer Science with specialization in Computer Security. Prof. Clifford Neuman bcn@isi.edu

MS in Computer Science with specialization in Computer Security. Prof. Clifford Neuman bcn@isi.edu MS in Computer Science with specialization in Computer Security Prof. Clifford Neuman bcn@isi.edu Computer Security Specialization Computer Security is a hot area of study with a critical need Needed by

More information

HP Security Framework. Jakub Andrle

HP Security Framework. Jakub Andrle HP Security Framework Jakub Andrle Hewlett-Packard 11.place in Fortune Magazine chart In fiscal year 2007 we achieved $7bilions growth CEO HP - Mark Hurd, company residence - Palo Alto, California, USA

More information

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human

More information

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial

More information
2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback | Do Not Sell My Personal Information