Potential Targets - Field Devices

Similar documents
The Trivial Cisco IP Phones Compromise

Thick Client Application Security

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS

Basics of Internet Security

CS5008: Internet Computing

Protection profile of an industrial firewall

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation Areas for Improvement... 2

Chapter 6: Fundamental Cloud Security

Sync Security and Privacy Brief

Security Issues with Integrated Smart Buildings

Redhawk Network Security, LLC Layton Ave., Suite One, Bend, OR

TELE 301 Network Management. Lecture 18: Network Security

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

Topics in Network Security

Network Security Policy

Wireless Security with Cyberoam

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

Improving SCADA Control Systems Security with Software Vulnerability Analysis

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014

Client Server Registration Protocol

FISMA / NIST REVISION 3 COMPLIANCE

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Where every interaction matters.

What is Firewall? A system designed to prevent unauthorized access to or from a private network.

Taxonomic Modeling of Security Threats in Software Defined Networking

Firewalls, Tunnels, and Network Intrusion Detection

Chapter 4 Firewall Protection and Content Filtering

Security vulnerabilities in the Internet and possible solutions

Internet Security and Acceleration Server 2000 with Service Pack 1 Audit. An analysis by Foundstone, Inc.

Taxonomic Modeling of Security Threats in Software Defined Networking. Jennia Hizver PhD in Computer Science

Introduction. -- some basic concepts and terminology -- examples for attacks on protocols -- main network security services

How To Protect The Time System From Being Hacked

Sitefinity Security and Best Practices

DMZ Gateways: Secret Weapons for Data Security

PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES

Customized Data Exchange Gateway (DEG) for Automated File Exchange across Networks

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

Project 25 Security Services Overview

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

HIPAA Privacy & Security White Paper

INSTANT MESSAGING SECURITY

My FreeScan Vulnerabilities Report

Consensus Policy Resource Community. Lab Security Policy

SECURE AND FUTURE-READY SCADA CONTROL SYSTEMS PREPARE YOUR CRITICAL INFRASTRUCTURE FOR WHAT HAPPENS NEXT

SECURITY ADVISORY FROM PATTON ELECTRONICS

Did you know your security solution can help with PCI compliance too?

Windows Remote Access

How To Secure An Rsa Authentication Agent

A S B

Plain English Guide To Common Criteria Requirements In The. Field Device Protection Profile Version 0.75

Chap. 1: Introduction

Management, Logging and Troubleshooting

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

S E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M. Bomgar. Product Penetration Test. September 2010

CRYPTUS DIPLOMA IN IT SECURITY

Remote Access Security

Achieving PCI-Compliance through Cyberoam

Intro to Firewalls. Summary

CSCI 4250/6250 Fall 2015 Computer and Networks Security

Enumerating and Breaking VoIP

PCI DSS Requirements - Security Controls and Processes

Common Cyber Threats. Common cyber threats include:

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

Database Security Guideline. Version 2.0 February 1, 2009 Database Security Consortium Security Guideline WG

Passing PCI Compliance How to Address the Application Security Mandates

IBX Business Network Platform Information Security Controls Document Classification [Public]

TELE 301 Network Management. Lecture 16: Remote Terminal Services

How To Control Vcloud Air From A Microsoft Vcloud (Vcloud)

Supplier Information Security Addendum for GE Restricted Data

VOICE OVER IP SECURITY

SNI Vulnerability Assessment Report

The Self-Hack Audit Stephen James Payoff

The Benefits of SSL Content Inspection ABSTRACT

The purpose of this report is to educate our prospective clients about capabilities of Hackers Locked.

Linux Network Security

Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media

Skoot Secure File Transfer

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

Wireless Network Security

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

Network Security Audit. Vulnerability Assessment (VA)

Protection profile of an industrial switch

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Payment Card Industry (PCI) Executive Report. Pukka Software

White Paper. BD Assurity Linc Software Security. Overview

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

CYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE

External Vulnerability Assessment. -Technical Summary- ABC ORGANIZATION

Transcription:

Potential Targets - Field Devices Motorola Field Devices: Remote Terminal Units ACE 3600 Front End Devices ACE IP Gateway ACE Field Interface Unit (ACE FIU) 2

Credential Cracking Repeated attempts to guess authentication credentials in order to gain unauthorized access to the device. 4

Data Alteration & Session Hijacking Interception and modification of communication sent to or from the target in an attempt to force an unauthorized action or affect the integrity of the target. An attempt to hijack an existing authorized session to gain the privileges of the user or device in the existing session. Open #2 Open #1 40 C 20 C 5

Eavesdropping (sniffing) Attack Sniffing communication to or from the target, thereby compromising the confidentiality of the information outside of the target. 6

Escalation of Privilege An attempt to increase authorization rights by attacking the access control configuration. 7

Replay Recording of valid communication sent to the target and replaying all or a portion of the communication to attempt to fool the target into performing an unauthorized action or response. Open Close #1 8

Malformed Data An attempt to compromise the availability or integrity of a target by sending malformed data to the target. Malformed data is data that does not comply with the expected protocol. %$(%_@$@*@^#$ 9

Exploration An attacker may attempt to gather information about the target, the target configuration, or information in the target for use in a future attack or to compromise the target information. 10

Spoofing Impersonating a valid user or device by spoofing the address or some other identifying parameter to attempt to compromise the integrity or availability or the confidentiality of information in the target. 11

Stored Data Attack An attempt to delete or modify information stored in the target to prevent proper operation or to destroy evidence of the attack. 12

Compromising System Integrity An attempt to replace or destroy application code, configuration parameters or system data in the target. 13

Unauthenticated Access Bypassing the authentication mechanism to attempt to compromise the integrity or availability of the target or the confidentiality of information in the target. 14

Unauthorized Action An attempt to perform an unauthorized action by bypassing security in the access control mechanisms. 15

ACE 3600 Advanced Security - Highlights ACE 3600 Advanced Secured System includes: Secured ACE 3600 RTUs Secured ACE IP Gateway and FIU Front-end ACE 3600 Authentication Server Secured configuration & management tools (STS) ACE 3600 RTU CPU ACE IP Gateway STS 17

ACE 3600 System Security Policy ACE 3600 Advanced Security provides a system-wide security policy enforcement solution. ACE 3600 Security Policy is a set of configurable system-wide security parameters for enforcing the organization s security policy in the ACE 3600 system management tools (STS), front-end units and field units. 18

User Accounts To ensure system integrity, a User Account is required to access any part of the ACE 3600 secured system, including management tools (STS), front-end units and field units. User Access is gained by a unique User Name and User Password. User Accounts are managed only by system administrators. 19

User Authentication The users credentials are authenticated by the ACE 3600 Authentication Server. Per security policy definition, users credentials can also be authenticated locally by the field units. The system administrators can enable/disable user access indefinitely or for specific time periods, and for specific field units. 20

Role Based Permissions ACE 3600 Advanced Security uses Roles to restrict access of authorized users. Roles are created by the administrators per various organizational job functions. Permissions to perform certain operations in the system are assigned to specific roles. 21

Field Unit Authentication To ensure system integrity, a field unit receiving a message from another unit, authenticates the M2M (Machine-to-Machine) credentials of the sending unit. 22

Communications Encryption ACE 3600 MDLC protocol enables data communications over a wide range of communications media, such as telephone lines, radio, IP networks, cellular networks, etc. MDLC encryption seamlessly secures the communications over any communication media. The MDLC data encryption uses a FIPS-140-2 approved AES 256 encryption algorithm. 23

Encryption Key Management ACE 3600 management tools provide an efficient Key Management facility to the system administrators. The Key Management facility enables generation, distribution, storage, safeguarding, and tracking of the encryption keys in the system. A group of keys can be downloaded to the units. Key replacement in the units is automatic upon the key expiration date. The new key and the previous key are both valid for a pre-defined time period after key replacement. 24

Data File Encryption A unique data encryption key is created randomly in each field unit. The data encryption key is stored safely in the unit and is not visible to anyone (including the administrators.) Sensitive data files are encrypted on the field units and in the management tools using a FIPS-140-2 approved AES 256 encryption. 25

Security Log The ACE 3600 field units and management tools keep an encrypted local Security Log that contains records of access activity and other security-related events. Events are logged with essential data such as user name, time & date, description and event severity. Alerts can be sent from the ACE 3600 units to the control center upon logging of high severity events. 26

IP Firewall Protects the field units from unauthorized TCP and UDP packet access while permitting legitimate packets to pass. The administrators can specify the list of IP addresses to accept, i.e. the list of IP addresses allowed to pass through this firewall. 27

Secured Programming and Port Scanning Secured coding methodologies are employed in the development process to prevent defects, bugs and logic flaws which might cause commonly exploited software vulnerabilities. Auxiliary data related to debugging and testing which might be exploited is eliminated or encrypted. IP ports are scanned to detect, assess and correct any security vulnerabilities that are found. 28

From vision to reality

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information