Cyber Security: Past, Present and Future



Similar documents
Cyber Security: What You Need to Know

The Future of Cyber Security

Security Models: Past, Present and Future

How To Secure Cloud Computing

The Science, Engineering, and Business of Cyber Security

The Science, Engineering, and Business of Cyber Security

The Challenge of Data and Application Security and Privacy (DASPY): Are We Up to It?

Cyber Security Research: A Personal Perspective

Cyber Innovation and Research Consortium

The Future of Access Control: Attributes, Automation and Adaptation

Building the Lync Security Eco System in the Cloud Fact Sheet.

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Foundations Applications Technologies

Cisco Intercloud Fabric Security Features: Technical Overview

Load Balancing SIP Quick Reference Guide v1.3.1

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Understanding and Defending Against the Modern DDoS Threat

Firewalls and VPNs. Principles of Information Security, 5th Edition 1

BM482E Introduction to Computer Security

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

Network System Design Lesson Objectives

1 Purpose Scope Roles and Responsibilities Physical & Environmental Security Access Control to the Network...

The Protection Mission a constant endeavor

TeamViewer Security Information

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

DNP Serial SCADA to SCADA Over IP: Standards, Regulations Security and Best Practices

Security Engineering Part III Network Security. Security Protocols (II): IPsec

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design

ISG50 Application Note Version 1.0 June, 2011

Network Technology CMP-354-TE. TECEP Test Description

Preparing VoIP and Unified Communications Systems for IPv6 Technical Summary September 2014

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

The need for bandwidth management and QoS control when using public or shared networks for disaster relief work

Networking. Systems Design and. Development. CRC Press. Taylor & Francis Croup. Boca Raton London New York. CRC Press is an imprint of the

NETWORK SECURITY (W/LAB) Course Syllabus

Application Note. Onsight TeamLink And Firewall Detect v6.3

Privacy & Security of Mobile Cloud Computing (MCC)

BlackRidge Technology Transport Access Control: Overview

Solutions Guide. Secure Remote Access. Allied Telesis provides comprehensive solutions for secure remote access.

CompTIA Network+ (Exam N10-005)

Attribute-Based Access Control Solutions: Federating Authoritative User Data to Support Relying Party Authorization Decisions and Requirements

TLS/SSL in distributed systems. Eugen Babinciuc

Application Note. Onsight Connect Network Requirements v6.3

Guidance Regarding Skype and Other P2P VoIP Solutions

Why SSL is better than IPsec for Fully Transparent Mobile Network Access

Internet of things (IOT) applications covering industrial domain. Dev Bhattacharya

Fundamentals of a Windows Server Infrastructure MOC 10967

ADMINISTRATIVE POLICY # (2014) Remote Access. Policy Number: ADMINISTRATIVE POLICY # (2014) Remote Access

Chapter 9. IP Secure

How To Understand The Internet Of S (Netware)

FERPA: Data & Transport Security Best Practices

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Bit Chat: A Peer-to-Peer Instant Messenger

Introduction to Cyber Security / Information Security

Virtual Privacy vs. Real Security

Driving Success in 2013: Enabling a Smart Protection Strategy in the age of Consumerization, Cloud and new Cyber Threats. Eva Chen CEO and Co-Founder

How To Protect Your Network From A Hacker Attack On Zcoo Ip Phx From A Pbx From An Ip Phone From A Cell Phone From An Uniden Ip Pho From A Sim Sims (For A Sims) From A

Course Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits)

FIGHTING FRAUD ON 4G. Neutralising threats in the LTE ecosystem

Building the Lync Security Eco System in the Cloud Fact Sheet.

(U)SimMonitor: A New Malware that Compromises the Security of Cellular Technology and Allows Security Evaluation

Network Security Administrator

Lab VI Capturing and monitoring the network traffic

Internet Security Firewalls

Computer Networks. Secure Systems

Cyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

Institute for Cyber Security. A Multi-Tenant RBAC Model for Collaborative Cloud Services

Securing EtherNet/IP Using DPI Firewall Technology

Príprava štúdia matematiky a informatiky na FMFI UK v anglickom jazyku

Telephony Denial of Service (TDoS) Attacks. Dan York, CISSP Chair, VoIP Security Alliance

7.1. Remote Access Connection

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

Introduction. What is a Remote Console? What is the Server Service? A Remote Control Enabled (RCE) Console

IT Networking and Security

A P2P SIP Architecture - Two Layer Approach - draft-sipping-shim-p2p-arch-00.txt

DG Forwarding Algorithm

How To Build An Internet Of Things (Iot)

Potential Targets - Field Devices

Best Practices for Securing IP Telephony

Immotec Systems, Inc. SQL Server 2005 Installation Document

How To Create A Large Enterprise Cloud Storage System From A Large Server (Cisco Mds 9000) Family 2 (Cio) 2 (Mds) 2) (Cisa) 2-Year-Old (Cica) 2.5

How To Pass The Information And Network Security Certificate

Cloud Security Through Threat Modeling. Robert M. Zigweid Director of Services for IOActive

Secure VoIP for optimal business communication

How To Connect Xbox 360 Game Consoles to the Router by Ethernet cable (RJ45)?

How To Configure Apple ipad for Cyberoam L2TP

Computer and Network Security Exercise no. 4

!! "# $%!& $!$ +) * ', -./01.//1233/ "4, -./01.//12223 *, 565

On the features and challenges of security and privacy in distributed internet of things. C. Anurag Varma CpE /24/2016

Institute for Cyber Security

Transcription:

Cyber Security: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio August 2009 ravi.sandhu@utsa.edu www.profsandhu.com 1

Institute for Cyber Security Founded June 2007: still in start-up mode World leading security modeling and analysis research Role-Based Access Control (RBAC) Model: Commercially dominant model today Usage Control (UCO) Model: Attribute-Based Access Control on Steroids PEI Framework: Policy (what), Enforcement (how), Implementation (how exactly) Group-Centric Information Sharing: Sharing metaphor of meeting room Security for Social etworks Botnet Analysis, Detection and Mitigation Multilevel Secure Architectures Secure Cloud Computing World-leading research infrastructure FlexCloud FlexFarm 2

Cyber Security Objectives ITEGRITY authenticity AVAILABILITY access COFIDETIALITY disclosure 3

Cyber Security Objectives USAGE purpose ITEGRITY authenticity AVAILABILITY access COFIDETIALITY disclosure 4

Cyber Security Objectives USAGE purpose ITEGRITY authenticity USAGE AVAILABILITY access COFIDETIALITY disclosure 5

Cyber Security: Major Trends Major driver is the Internet which itself is in continuous transition Attackers: Morphed from A nuisance to Highly organized criminal ecosystem motivated by money Stealthy infiltrators, spies and saboteurs driven by nation states and terrorists Defenders: Morphed from Closed Enterprise-Centric era to Open Application-Centric/Technology-Centric era Dinosaurs: Mired in old-think Industry: mired in FUD (fear, uncertainty, doubt) Academia: mired in fairy tales 6

Internet Architecture Layer 5+ IM email web social nw VOIP collaboration twitter Layer 4 Layer 3 Transport: TCP, UDP Routing: IP Layer 2 Layer 1 Ethernet WiFi Cable-modem Wide-area network 7

Internet Architecture Layer 5+ I O IM email web social nw VOIP collaboration twitter Layer 4 Layer 3 Layer 2 Layer 1 V A T I O Ethernet WiFi Transport: TCP, UDP Routing: IP Cable-modem Wide-area network 8

Internet Architecture Layer 4 Layer 3 Layer 2 Layer 1 I O V A T I O Layer 5+ IM email web social nw VOIP collaboration twitter Transport: TCP, UDP Routing: IP Ethernet WiFi Security Infrastructure Centric Firewalls, Encryption Cable-modem Wide-area network 9

Internet Architecture Layer 4 Layer 3 Layer 2 Layer 1 I O V A T I O Layer 5+ IM email web social nw VOIP collaboration twitter Transport: TCP, UDP Routing: IP Ethernet WiFi Security Application Centric Security Infrastructure Centric Firewalls, Encryption Cable-modem Wide-area network 10

Policy (What) Group-Centric Information Sharing join Users leave Metaphor: Secure Meeting Room Operational aspects What is authorized by join, add, etc.? Administrative aspects Who authorizes join, add, etc.? Group Can user u read object o? Multiple groups Inter-group relationship add Objects remove 11

g-sis Enforcement (How?) Practical reality 1. Trusted servers 2. Approximation 1. Read Objects 5.1 Request Refresh TRM TRM TRM Group Subjects 3.2 Set Leave-TS (s) 5.2 Update Attributes CC 4.2 Add o to ORL 3.1 Subject Leave (s) 4.1 Object Remove (o) CC: Control Center GA: Group Administrator GA Subject Attributes: {id, Join-TS, Leave- TS, ORL, gkey} ORL: Object Revocation List gkey: Group Key Object Attributes: {id, Add- TS} Refresh Time (RT): TRM contacts CC to update attributes 12

Implementation (How Exactly?) Detailed protocol and algorithm specifications 13

Conclusion PAST, PRESET Cyber security is a young and immature field The attackers are more innovative than defenders Defenders are mired in FUD and fairy tales FUTURE Cyber security will become a scientific discpline Cyber security will be application and technology centric Cyber security will never be solved 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information