MASSIF: A Promising Solution to Enhance Olympic Games IT Security



MAnagement of Security information and events in Service InFrastructures
MASSIF: A Promising Solution to Enhance Olympic Games IT Security
7th ICGS3 / 4th e-democracy Joint Conferences 2011, August 25th 2011, Thessaloniki (Greece)
Elsa Prieto (Atos), R. Díaz (Atos), L. Romano (CINI), R. Rieke (Fraunhofer), M. Achemlal (F. Telecom)
www.massif-project.eu
Project funded by the European Commission, ICT work programme 2009 (FP7-ICT-2009-5)

Outlook
  Olympic Games scenario
  MASSIF overview and proposal
  MASSIF progress and next steps

The Olympic Games Scenario

The Olympic Games in Numbers (Vancouver 2010 Olympic Winter Games)
  Coverage on 300 TV stations
  3.5 billion worldwide television viewers
  17 days of competition
  50,000 workforce members
  50,000 hours of total broadcast
  9 venues
  275 million visitors in total to the official website
  96,409 people accredited
  15 sport disciplines
  10,800 media representatives
  More than 100 websites worldwide
Source: Vancouver Organizing Committee (http://www.newswire.ca/en/releases/archive/february2010/28/c5535.html)

Olympic Games IT Infrastructure
Objective: protect the IT infrastructure from any undesired and/or uncontrolled phenomena that can impact any part of the result chain and its associated services.

The Olympic Security Infrastructure (AHPS)
Atos High Performance Security (AHPS): millions of raw events are reduced to a few considered critical, with no impact on the Olympic Games.
Event reduction: 201 million filtered events -> 443,000 correlated events -> 1,500 alarms -> 90 critical events.
Challenges and limitations:
  Need for real-time handling of security events.
  The number of security event types.
  The amount of generated events to be handled.
  Security is focused on logical (IT) security.
  Limited correlation of service-level (business process) events: technology focused.
  Misuse cases (e.g. low & slow attacks).

MASSIF Overview & Proposal

Why MASSIF?
Management of incidents and events (SIEM):
  Near-real-time notification.
  Proactive management of incidents and events.
Limitations of current SIEM solutions:
  Restriction to infrastructure.
  Inability to interpret events and incidents from other layers.
  Inability to provide a high degree of trustworthiness or resilience in the event collection environment.
  No scalability to provide the security posture of the environments when considering global deployment of ICT infrastructure.

MASSIF Objectives
  Development of a new-generation SIEM framework for service infrastructures.
  Security event processing: multi-domain, multi-level, scalable, elastic and distributed, intelligent.
  Predictive security monitoring.
  Trustworthiness and resilience of the event collection framework.

MASSIF Scenarios
MASSIF results will be demonstrated in four field scenarios:
  Olympic Games IT infrastructure
  Mobile phone based money transfer service
  Managed Enterprise Service Infrastructures
  Critical infrastructure process control
Existing OS SIEM solutions:

MASSIF Architecture Overview

MASSIF Challenges
Minimum impact on the monitored system.
Collection (Generic Event Translator):
  High interoperability: heterogeneity of input sources (adaptable parsers).
  High scalability: handling and propagation of load peaks (no loss).
  Smart probes (complex event patterns).
Processing (engine):
  High scalability: hundreds of thousands of events per second.
  Parallelization in distributed collectors in a computing cloud.
  Elasticity: capacity coupled to the flow of events.
Correlation:
  Cross-layer: logical security, physical security and service layer.
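The collection and correlation steps above, as an added example (not MASSIF project code): two adaptable parsers normalize constructed sshd and firewall lines into one event schema, and a sliding-window rule turns repeated authentication failures from one source into a single alarm, the kind of reduction the AHPS funnel counts. The sshd and CSV formats, field names, year and thresholds are constructed for the demonstration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
# Constructed sample feed: (source id, raw line) from two heterogeneous sources.
RAW_EVENTS = [
    ("sshd", "Aug 25 10:00:01 gw1 sshd[812]: Failed password for root from 10.0.0.5 port 4001 ssh2"),
    ("fw", "2011-08-25T10:00:02,DENY,10.0.0.5,10.0.1.20,22"),
    ("sshd", "Aug 25 10:00:03 gw1 sshd[812]: Accepted password for ops from 10.0.0.9 port 4100 ssh2"),
    ("sshd", "Aug 25 10:04:30 gw1 sshd[813]: Failed password for admin from 10.0.0.5 port 4002 ssh2"),
    ("sshd", "Aug 25 10:09:59 gw1 sshd[814]: Failed password for root from 10.0.0.5 port 4003 ssh2"),
    ("sshd", "Aug 25 11:30:00 gw1 sshd[815]: Failed password for root from 10.0.0.7 port 4004 ssh2"),
]
SSHD_RE = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: (Failed|Accepted) password for (\S+) from (\S+)")

def parse_sshd(line):
    """Adaptable parser for sshd syslog lines; None for lines this rule does not cover."""
    m = SSHD_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(1), "%b %d %H:%M:%S").replace(year=2011)  # syslog omits the year; 2011 assumed
    return {"ts": ts, "type": "auth_fail" if m.group(2) == "Failed" else "auth_ok", "src": m.group(4), "user": m.group(3)}

def parse_fw(line):
    """Adaptable parser for the constructed CSV firewall format: ts,action,src,dst,port."""
    ts, action, src, dst, port = line.split(",")
    return {"ts": datetime.fromisoformat(ts), "type": "fw_" + action.lower(), "src": src, "dst": dst, "port": int(port)}

PARSERS = {"sshd": parse_sshd, "fw": parse_fw}

def translate(raw_events):
    """Generic Event Translator: each source's parser maps its lines onto one common event schema."""
    events = []
    for source, line in raw_events:
        ev = PARSERS[source](line)
        if ev is not None:
            events.append(dict(ev, source=source))
    return sorted(events, key=lambda e: e["ts"])

def correlate(events, threshold=3, window=timedelta(minutes=10)):
    """Sliding-window rule: one alarm when a source reaches `threshold` auth failures inside `window`."""
    recent = defaultdict(deque)  # per source: timestamps of failures still inside the window
    alarms = []
    for ev in events:
        if ev["type"] != "auth_fail":
            continue
        q = recent[ev["src"]]
        q.append(ev["ts"])
        while ev["ts"] - q[0] > window:  # drop failures that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            alarms.append({"src": ev["src"], "failures": len(q), "first": q[0], "last": ev["ts"]})
            q.clear()
    return alarms
```

Lines a parser does not recognise are dropped rather than crashing the pipeline, which is the behaviour a collector under load peaks needs.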

MASSIF Challenges (II)
Predictive security monitoring:
  Attack/process models to derive near-future security problems.
  Countermeasure selection (ontology-driven).
Resilience:
  Resilient Event Bus (suite of protocols) to secure the information flow.
  MASSIF Information Switches (MIS) and MASSIF Information Agents (MIA).
  Overlay network able to deliver messages in a secure and timely way.
  Incremental resilience strategies.
  Trusted timestamp.
Sensitive information (forensic support):
  Least persistence principle.
  Privacy.
  Authenticity, confidentiality and unforgeability.
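An added illustration (not MASSIF's Resilient Event Bus implementation) of the authenticity, unforgeability and no-loss properties listed above: an agent (MIA) authenticates each record with an HMAC over a sequence number and a timestamp, and a switch (MIS) rejects tampered or replayed records and reports sequence gaps. The key, the agent name and the trusted time source are assumptions; confidentiality of the payload is not shown.

```python
import copy, hashlib, hmac, json

# Constructed per-agent key; in a deployment it is provisioned to the MIA/MIS pair, never embedded in code.
AGENT_KEY = b"constructed-demo-key"

def canonical(body):
    """Stable byte encoding so agent and switch authenticate exactly the same bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def mac(data, key):
    return hmac.new(key, data, hashlib.sha256).hexdigest()

class Agent:
    """MIA side: wraps each event with a sequence number and a timestamp, then authenticates the record."""
    def __init__(self, agent_id, key=AGENT_KEY):
        self.id, self.key, self.seq = agent_id, key, 0
    def emit(self, event, ts):
        self.seq += 1  # ts comes from the trusted time source (assumed) and is covered by the MAC
        body = {"agent": self.id, "seq": self.seq, "ts": ts, "event": event}
        return {"body": body, "mac": mac(canonical(body), self.key)}

class Switch:
    """MIS side: accepts only authentic records, rejects replays and records sequence gaps (lost events)."""
    def __init__(self, keys):
        self.keys, self.last_seq, self.accepted, self.findings = keys, {}, [], []
    def receive(self, msg):
        body, agent, seq = msg["body"], msg["body"]["agent"], msg["body"]["seq"]
        key = self.keys.get(agent)
        if key is None or not hmac.compare_digest(mac(canonical(body), key), msg["mac"]):
            self.findings.append(("forged_or_tampered", agent, seq))
            return False
        last = self.last_seq.get(agent, 0)
        if seq <= last:
            self.findings.append(("replay", agent, seq))
            return False
        if seq > last + 1:
            self.findings.append(("gap", agent, last + 1, seq - 1))  # events lost or delayed in transit
        self.last_seq[agent] = seq
        self.accepted.append(body)
        return True

def run_demo():
    """Constructed exchange: message 2 is altered in transit, message 3 never arrives, message 1 is replayed."""
    agent, switch = Agent("mia-1"), Switch({"mia-1": AGENT_KEY})
    msgs = [agent.emit({"type": "auth_fail", "src": "10.0.0.5"}, f"2011-08-25T10:0{i}:00Z") for i in range(4)]
    tampered = copy.deepcopy(msgs[1])
    tampered["body"]["event"]["src"] = "10.0.0.99"  # altered after signing, so the MAC no longer matches
    for m in (msgs[0], tampered, msgs[3], msgs[0]):
        switch.receive(m)
    return switch.findings, [b["seq"] for b in switch.accepted]
```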

MASSIF Progress & Next Steps

MASSIF Progress & Next Steps
2011: Scenario characterization. Design and initial developments.
2012: Developments. Tool adaptation and integration. First MASSIF workshop.
2013: Final developments and integration. Adaptation to scenarios and evaluation of results. Final MASSIF workshop.
Our ambition is to leverage MASSIF results for future Olympic Games events.

Contacts
Project Coordinator: Pedro SORIA, pedro.soria@atos.net
Scientific Coordinator and Technical Coordinator: Roland RIEKE, Roland.Rieke@sit.fraunhofer.de; Hervé DEBAR, herve.debar@telecom-sudparis.eu
Project Website: http://massif-project.eu

Thank you for your attention!
Elsa PRIETO, elsa.prieto@atosresearch.eu
http://www.atos.net