Using Ontologies for Privacy-Awareness in Network Monitoring Workflows

Similar documents
The DEMONS Integrated Access Control Model for Collaborative Network Monitoring

A Privacy-Aware Access Control Model for Distributed Network Monitoring

A contextual privacy-aware access control model for network monitoring workflows: work in progress

UML TUTORIALS THE USE CASE MODEL

The Enterprise Service Bus: Making Service-Oriented Architecture Real

The Way to SOA Concept, Architectural Components and Organization

Service-Oriented Architectures

Monitoring within an Autonomic Network: A. Framework

Questions? Assignment. Techniques for Gathering Requirements. Gathering and Analysing Requirements

Introducing Basic MPLS Concepts

The Service Revolution software engineering without programming languages

Dagstuhl seminar on Service Oriented Computing. Service design and development. Group report by Barbara Pernici, Politecnico di Milano

Flow Analysis Versus Packet Analysis. What Should You Choose?

The case for service oriented architecture in realising trusted, interoperable, pan-european egovernment services.

Business-Driven Software Engineering Lecture 3 Foundations of Processes

The Need for a Choreography-aware Service Bus

Combining SAWSDL, OWL DL and UDDI for Semantically Enhanced Web Service Discovery

Queensland recordkeeping metadata standard and guideline

Security Challenges & Opportunities in Software Defined Networks (SDN)

ITU-T Kaleidoscope Conference Innovations in NGN. Managing NGN using the SOA Philosophy. Y. Fun Hu University of Bradford

Semantic EPC: Enhancing Process Modeling Using Ontologies

Semantic Variability Modeling for Multi-staged Service Composition

Online Network Traffic Security Inspection Using MMT Tool

draft-forwarding-label-ccn- 01.txt

Independent Insight for Service Oriented Practice. An SOA Roadmap. John C. Butler Chief Architect. A CBDI Partner Company.

Service Oriented Networks Security. David Brossard, M.Eng, SCEA Senior Security Researcher, BT Innovate Globecom 2008

Semantic Business Process Management

Automatic Composition of Web Services

Cloud Federations in Contrail

A CLOUD SERVICE BROKER WITH LEGAL-RULE COMPLIANCE CHECKING AND QUALITY ASSURANCE CAPABILITIES

Legal Aspects of the MonIKA-Project - Privacy meets Cybersecurity

Network Address Translation (NAT)

Prototype of a Platform for Business Collaboration

NetFlow/IPFIX Various Thoughts

Introduction to Service Oriented Architectures (SOA)

Enabling Integrated Care

Security Domain Separation as Prerequisite for Business Flexibility. Igor Furgel T-Systems

EU CUSTOMS BUSINESS PROCESS MODELLING POLICY

EXHIBIT A. Part IV Content Identification 1. the transmission of content, it is important to consider how content can be identified (e.g.

On the general structure of ontologies of instructional models

Service Modelling & Service Architecture:

TOWARDS ENVIRONMENTAL PROCESS SHARING FOR GEOSS

Using TechExcel s DevSuite to Achieve FDA Software Validation Compliance For Medical Software Device Development

Policy-based Service Management

Workshop on Collaborative Security and Privacy Technologies

Cisco CCNP Optimizing Converged Cisco Networks (ONT)

Business Rule Standards -- Interoperability and Portability

10 Years of Hype Cycles - Do We Forget Knowledge?

Ontologies for Enterprise Integration

Savera Tanwir. Internet Protocol

SPIKE 1 A Collaboration Platform for Short-Term Virtual Business Alliances

MODELING OF SERVICE ORIENTED ARCHITECTURE: FROM BUSINESS PROCESS TO SERVICE REALISATION

Overview of major concepts in the service oriented extended OeBTO

(BA122) Software Engineer s Workshop (SEW)

Service Broker for 3 Party Enabling

Business Object Document (BOD) Message Architecture for OAGIS Release 9.+

Lecture 03 ( ) Quality of the Software Development Process

COSC 3351 Software Design. Recap for the first quiz. Edgar Gabriel. Spring For the 1 st Quiz

A MORE FLEXIBLE MULTI-TENANT SOA FOR SAAS

Challenges and Opportunities for formal specifications in Service Oriented Architectures

Service-Oriented Architecture and Software Engineering

TECHNICAL SPECIFICATION: LEGISLATION EXECUTING CLOUD SERVICES

WOICE: a Decentralized System for Ubiquitous VoIP Services

The SPES Methodology Modeling- and Analysis Techniques

Use Case Diagrams. Tutorial

SOFTWARE DEFINED NETWORKS REALITY CHECK. DENOG5, Darmstadt, 14/11/2013 Carsten Michel

Software Active Online Monitoring Under. Anticipatory Semantics

Defining Generic Architecture for Cloud Infrastructure as a Service Model

McAfee Next Generation Firewall (NGFW) Administration Course

S o l u t i o n O v e r v i e w. Optimising Service Assurance with Vitria Operational Intelligence

Agenda. Distributed System Structures. Why Distributed Systems? Motivation

IPv6 SECURITY. May The Government of the Hong Kong Special Administrative Region

Cordys Business Operations Platform

Lecture Notes course Software Development of Web Services

Enterprise Architecture at Work

Engineering Process Software Qualities Software Architectural Design

Processes, services and business agility

Computer Network Foundation. Chun-Jen (James) Chung. Arizona State University

IEEE International Conference on Computing, Analytics and Security Trends CAST-2016 (19 21 December, 2016) Call for Paper

Implementing VoIP monitoring solutions. Deployment note

Compliance ow - managing the compliance of dynamic and complex processes

Software + Services Using WCF and WF

Business Process Modeling Information Systems in Industry ( )

Oracle Service Bus: - When to use, where to use and when not to use

Software Defined Networking & Openflow

41. How Should Services Be Identified or Specified to Maximize Reuse?

Reusable Knowledge-based Components for Building Software. Applications: A Knowledge Modelling Approach

Specification and Analysis of Contracts Lecture 1 Introduction

Data-Aware Service Choreographies through Transparent Data Exchange

How To Develop Software

Open S-BPM: Goals and Architecture

SEMANTIC-BASED AUTHORING OF TECHNICAL DOCUMENTATION

Cloud Monitoring and Auditing with CADF (Cloud Auditing and Data Federation)

Intelligent Agents The New perspective Enhancing Network Security

TECHNICAL SPECIFICATION: SECURE LEGISLATION-AWARE STORAGE SOLUTION

Distributed Data Management

An Oracle White Paper October Maximize the Benefits of Oracle SOA Suite 11g with Oracle Service Bus

Fujitsu Service-Oriented Architecture (SOA) A Web Services Framework

Oracle Service Bus vs. Oracle Enterprise Service Bus vs. BPEL wann soll welche Komponente eingesetzt werden?

Huawei Technologies ERC Position Statement: Towards a Future Internet Public Private Partnership

Transcription:

Using Ontologies for Privacy-Awareness in Network Monitoring Workflows Georgios V. Lioudakis Institute of Communication and Computer Systems National Technical University of Athens Workshop on Collaborative Security and Privacy Technologies Cyber Security & Privacy EU Forum 2012

Motivating/Supporting Initiatives FP6 IST DISCREET Discreet Service Provision in Smart Environments 2005 2008 FP7 ICT PRISM PRIvacy-aware Secure Monitoring 2008 2010 FP7 ICT DEMONS DEcentralized, cooperative, and privacy-preserving MONitoring for trustworthiness 2010 2012 ETSI ISG MOI Measurement Ontology for IP Traffic 2009

Passive Network Monitoring Inspection of the actual network traffic using special software and/or hardware equipment Range of applications: Operation and management of communication networks Identification of performance bottlenecks Network security (IDS, ADS, ) Network planning Accounting and billing of network services Validation of SLAs Observation and fine-tuning of QoS parameters Internet research based on collected traffic traces Law enforcement (data retention, lawful interception, )

Passive Network Monitoring Serious drawback: privacy implications! Relies natively on personal data collection and processing Various documented privacy violation mishaps Passive Network Monitoring special characteristics: Privacy-sensitive information exceeds payload and spans across various protocol headers and other communication metadata Too much personal information can be inferred and extracted using advanced processing techniques (statistical analysis, fingerprinting, ) Specific regulations govern the underlying services and data Very high data rates and consequent performance requirements Distributed and cooperative nature of operations and infrastructures Intra-domain Inter-domain

Fundamentals of the Approach Realisation of Privacy by Design Privacy-aware information flows and operations Enforcement of privacy-aware access control across the flows Contextual behaviour of the system Automatic integration of protection means Anonymisation, pseudonymisation, aggregation modules Complementary actions Consideration of the semantics of various concepts, such as: Data types, roles, operational processes, purposes for data collection and processing Use of ontologies for: Information modelling Workflow modelling Access and usage control rules specification

Execution Phase Planning Phase DEMONS Workflow Management Architecture Workflow Model Checker Reasoner <?xml version="1.0"?> <rdf:rdf xmlns:xsp=http://www.owl- Policies WF Planning Environment Capabilities Matching Orchestration Layer Orchestration Interface Capabilities Bus Orchestrator Orchestrator Orchestrator Components Layer Components Interface Agent Agent Agent Agent Agent Control Message Bus Context Bus

DEMONS Workflows A workflow consists of tasks and their interactions w = T, F C, F D, where T = t 1, t 2,..., t n, t i = a i, op i, res i w F C : control flow associations F D : data flow associations + a declared purpose pu, e.g., NetworkSecurity + User role(s) r, e.g., NetworkAdministrator Overall WF = w, r k, pu or WF = w, r k, pu m for a stored workflow template GetUser Feeback [ MPF > 0.7 ] { uf } Start CaptureTraffic DetectBotnet [ MPF > 0.7 ] { MPF, uf } ReportToAUI [ Always ]

Workflow Verification Mechanism Ensures that the user-specified workflow is rendered privacy compliant before entering the execution phase A three steps procedure: 1. Purpose Verification: Checks regarding purpose compliance (relevance, consistency, etc.) 2. Skin Task Verification: User-specified tasks checked individually and in relation to each other 3. Decomposition: Composite skin tasks refinement and evaluation, until the level of atomic tasks Relies on a policy-based access control model Core components: Model Checker and Reasoner

Planning Phase Outcome GetUser Feeback [ MPF > 0.7 ] { uf } Start CaptureTraffic DetectBotnet [ MPF > 0.7 ] { MPF, uf } ReportToAUI [ Always ] GetUser Feeback [ 0.8 > MPF > 0.7 ] ProxyMode Anonymise [ MPF > 0.7 ] BlockingMode DetectBotnet CorrelateAlerts ReportToAUI [ MPF > 0.7 ] { uf } [ 1.0 > MPF > 0.9 ] [ 0.9 > MPF > 0.8 && uf == Int-m ] InteractionMode CaptureTraffic Start InformSecurityOfficer [ 0.9 > MPF > 0.8 && uf == Dis-m ] [ Always ] DisinfectionMode

Execution Phase Planning Phase Workflow Splitting and Dispatching Anonymise CaptureTraffic Start GetUser Feeback [ MPF > 0.7 ] DetectBotnet CorrelateAlerts ReportToAUI Orchestration Layer [ MPF > 0.7 ] InformSecurityOfficer { uf } WF Planning Environment [ 0.8 > MPF > 0.7 ] [ 1.0 > MPF > 0.9 ] [ 0.9 > MPF > 0.8 Reasoner Workflow && <?xml version="1.0"?> <rdf:rdf Model uf == Int-m ] xmlns:xsp=http://www.owl- InteractionMode Checker Policies [ 0.9 > MPF > 0.8 && uf == Dis-m ] DisinfectionMode Capabilities Matching [ Always ] Orchestration Interface ProxyMode BlockingMode Capabilities Bus Orchestrator Orchestrator Orchestrator Components Layer Components Interface Agent Agent Agent Agent Agent Control Message Bus Context Bus

Workflows as Ontologies GetUser Feeback [ 0.8 > MPF > 0.7 ] ProxyMode Anonymise [ MPF > 0.7 ] { uf } [ 1.0 > MPF > 0.9 ] BlockingMode DetectBotnet CorrelateAlerts ReportToAUI [ MPF > 0.7 ] [ 0.9 > MPF > 0.8 && uf == Int-m ] InteractionMode CaptureTraffic Start InformSecurityOfficer [ 0.9 > MPF > 0.8 && uf == Dis-m ] [ Always ] DisinfectionMode DEMONS introduces an innovative approach for workflows description Motivation: the integration of typically disjoint BPM and scientific workflows Instead of legacy methods (e.g., BPMN), use of ontologies

Workflows as Ontologies GetUser Feeback [ 0.8 > MPF > 0.7 ] ProxyMode Anonymise [ MPF > 0.7 ] { uf } [ 1.0 > MPF > 0.9 ] BlockingMode DetectBotnet CorrelateAlerts ReportToAUI [ MPF > 0.7 ] [ 0.9 > MPF > 0.8 && uf == Int-m ] InteractionMode CaptureTraffic Start InformSecurityOfficer [ 0.9 > MPF > 0.8 && uf == Dis-m ] [ Always ] DisinfectionMode Class: TaskNode Annotation properties: actor, operation, resource, security policies, attributes, Object properties: describing connections with flow arrows

Workflows as Ontologies GetUser Feeback [ 0.8 > MPF > 0.7 ] ProxyMode Anonymise [ MPF > 0.7 ] DetectBotnet CorrelateAlerts ReportToAUI [ MPF > 0.7 ] { uf } [ 1.0 > MPF > 0.9 ] [ 0.9 > MPF > 0.8 && uf == Int-m ] BlockingMode InteractionMode CaptureTraffic Start InformSecurityOfficer [ 0.9 > MPF > 0.8 && uf == Dis-m ] [ Always ] DisinfectionMode Class: DataEdge Annotation properties: data type, condition, Object properties: source, destination

Workflows as Ontologies GetUser Feeback [ 0.8 > MPF > 0.7 ] ProxyMode Anonymise [ MPF > 0.7 ] DetectBotnet CorrelateAlerts ReportToAUI [ MPF > 0.7 ] { uf } [ 1.0 > MPF > 0.9 ] [ 0.9 > MPF > 0.8 && uf == Int-m ] BlockingMode InteractionMode CaptureTraffic Start InformSecurityOfficer [ 0.9 > MPF > 0.8 && uf == Dis-m ] [ Always ] DisinfectionMode Class: ControlEdge Annotation properties: parameter, condition, Object properties: source, destination

Workflows as Ontologies: Example GetUser Feeback [ MPF > 0.7 ] { uf } Start CaptureTraffic DetectBotnet [ MPF > 0.7 ] { MPF, uf } ReportToAUI [ Always ] Reference workflow, assuming: Purpose: BotnetMitigation Initiator: NetworkAdministrator

Workflows as Ontologies: Example GetUserFeedback1 ControlEdge hasdestination I I hasdestination I DataEdge hassource hassource Capture Traffic hasresource hasoperation CaptureTraffic1 hasactor I hassource MPF > 0.7 DetectBotnet1 hascondition I hassource 1 I hasdestination I DataEdge1 TaskNode hasdestination I hasdestination DataEdge2 hassource DataEdge4 I hassource I DataEdge3 hasdestination hascondition Always ReportToAUI1 I Purpose I BotnetMitigation Initiator I NetworkAdministrator

DEMONS Policy model The basis upon which Workflow Verification Procedure is grounded Provides the necessary knowledge for the operation of the system Two fundamental parts: Information Model, capturing all the concepts identified by the elaboration of the legal requirements and the network monitoring domain Rules, implementing the principles of necessity, proportionality, adequacy, minimisation, access limitation Fully implemented as an ontology

Information Model: Abstract Entities Purposes hasinputdata DataTypes mayactforpurposes mayservepurposes hasoutputdata hasinputalerts AlertTypes Roles Operations hasoutputalerts OrganisationTypes providesoperations Context MachineTypes hostscontainers OperationContainerTypes Various internal associations resulting in hierarchies

assignedwithroles isoforganisationtype isofmachinetype implementsoperation isofcontainertype isofdatatype isofalerttype Information Model: from Abstract to Concrete Entities Abstract Level mayactforpurposes Roles Purposes mayservepurposes DataTypes hasinputdata hasoutputdata AlertTypes hasinputalerts Operations hasoutputalerts Context Organisation Types MachineTypes hostscontainers providesoperations OperationContainer Types Data Users Operation Instances Alerts Organisations Machines hostscontainers providesoperationinstances OperationContainers Concrete Level

israw israw Information Model as an Ontology Example: Data Types hierarchies DataType YES YES isa IPv4Address lessdetailedthan contains IPv4Address NetworkID SourceIPv4 Address 6

israw israw Information Model as an Ontology Example: Data Types hierarchies DataType YES Ontological Class YES isa IPv4Address lessdetailedthan contains IPv4Address NetworkID SourceIPv4 Address 6

israw israw Information Model as an Ontology Example: Data Types hierarchies DataType YES YES isa IPv4Address lessdetailedthan contains IPv4Address NetworkID SourceIPv4 Address Individuals of the DataType class 6

israw israw Information Model as an Ontology Example: Data Types hierarchies DataType YES YES isa IPv4Address lessdetailedthan contains IPv4Address NetworkID SourceIPv4 Address Object properties 6

israw israw Information Model as an Ontology Example: Data Types hierarchies DataType YES YES isa IPv4Address lessdetailedthan contains IPv4Address NetworkID SourceIPv4 Address 6 Annotation Properties

Actions Whatever takes place in the context of DEMONS operation is seen as an operation of an actor on a resource Action Actor Operation Resource

Actions and Tasks By adding the organisation Org or the organisation type OrgT within which the action takes place: act i = a i, op i, res i, org An action act i being a part of a workflow w constitutes a task t i : t i = a i, op i, res i, org w or act i, w Not all the fields in the tuple need to be populated For instance, act i = *, op i, *, org, implies the execution of op i in org regardless the actor and resource Actions and tasks are atomic or composite following the hierarchical relations of operations

Three Levels of Abstraction R Op OpI hasactor Action hasoperation OpCT OpC U Op OpI R OpCT Op OpC U OpI AlT DT D Al MT M hasresource OrgT hasorganisation Org Abstract Concrete

Rules Permission Prohibition pu act preact cont postact Obligation DEMONS rules are defined over actions At every possible level of abstraction

Rules Permission Prohibition pu act preact cont postact Obligation act Act is the action that the rule applies to

Rules Permission Prohibition pu act preact cont postact Obligation pu Pu is the purpose for which act is permitted/ prohibitted/ obliged to be executed

Rules Permission Prohibition pu act preact cont postact Obligation preact Act is a structure of actions that should have be preceded in order for the rule to be enforced (e.g., another action, paths, etc.)

Rules Permission Prohibition pu act preact cont postact Obligation cont Con is a structure of contextual parameters (real time parameters + attributes evaluation)

Rules Permission Prohibition pu act preact cont postact Obligation postact Act refers to the action(s) that must be executed following the enforcement of the rule

Rules Permission Prohibition pu act preact cont postact Obligation Authorisations inherited across the Information Model s hierarchies Organisation concept not involved in the rule s body but included within each action The rule structure anticipates inter-domain scenarios, as act, preact and postact may take place within different organisations

Rules Permission Prohibition pu act preact cont postact Obligation Pre- and Post- Actions: single actions or Actions connected with logic operators AND, OR, NOT not implying sequence constraints Complex structures of actions named Skeletons Critical or non-critical Pre- and Post- Actions can be either tight or loose

Rules: Separation and Binding of Duty SoD / BoD Definition Permission Prohibition pu act preact cont postact Obligation Contextual constraints Static and dynamic SoD and BoD Defined by means of access and usage control rules Described as constraints between act and preact SoD and BoD apply to any combination of a, op, res, org act & a, op, res, org preact elements Contextual constraints apply (e.g., withinsameworkflow)

Rules: Ontological Representation Permission Prohibition pu act preact cont postact Obligation referstopurpose Purposes Rule appliesunder Context requirespreaction appliesforaction prescribespostaction Actions

For more information: gelioud@icbnet.ntua.gr http://www.fp7-demons.eu/ Thank you for your attention! Any questions?

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information