Meeting Cyber Security Challenges

Similar documents
Active Learning with the CyberCIEGE Video Game

Update On Smart Grid Cyber Security

TUSKEGEE CYBER SECURITY PATH FORWARD

Weighted Total Mark. Weighted Exam Mark

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

An Approach for Cross-Domain Intrusion Detection

Triangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

A DOCTORAL PROGRAM WITH SPECIALIZATION IN INFORMATION SECURITY A High Assurance Constructive Security Approach

Section 12 MUST BE COMPLETED BY: 4/22

Fundamentals of Network Security - Theory and Practice-

Bellevue University Cybersecurity Programs & Courses

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP

Protecting Organizations from Cyber Attack

Firewalls CSCI 454/554

CS 665: Computer System Security. Designing Trusted Operating Systems. Trusted? What Makes System Trusted. Information Assurance Module

Introduction to Cyber Security / Information Security

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Joint Interpretation Library

---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model---

IQware's Approach to Software and IT security Issues

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Chapter 1: Introduction

EECS 588: Computer and Network Security. Introduction January 14, 2014

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

Priority III: A National Cyberspace Security Awareness and Training Program

Cyber Security Risk Mitigation Checklist

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np

External Supplier Control Requirements

Interdisciplinary Program in Information Security and Assurance. By Kossi Edoh NC A&T State University Greensboro

Naval Postgraduate School Department of Computer Science Graduation Checklist for MSCS Degree 6203P Subspecialty Code (Revised: Fall AY14)

MS Information Security (MSIS)

Protecting Your Organisation from Targeted Cyber Intrusion

Cyber Security at NSU

Security A Big Question for Big Data

Bypassing Firewalls: Tools and Techniques

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Cisco Advanced Services for Network Security

EECS 588: Computer and Network Security. Introduction


Security aspects of e-tailing. Chapter 7

Building Robust Security Solutions Using Layering And Independence

Actions and Recommendations (A/R) Summary

Cyber Security Training and Awareness Through Game Play

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

Software Application Control and SDLC

Principles of Information Assurance Syllabus

Mobile Devices and Malicious Code Attack Prevention

PRINCIPLES AND PRACTICE OF INFORMATION SECURITY

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

NIST Cyber Security Activities

INTRUSION DETECTION SYSTEMS and Network Security

Center of Academic Excellence Cyber Operations Program 2013 Application

The University of Alabama Cyber Research Initiatives. Cyber Forensics Research Cyber Security Research

Improvements Needed With Host-Based Intrusion Detection Systems

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

A Multilevel Secure MapReduce Framework for Cross-Domain Information Sharing in the Cloud

SDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015

HANDBOOK 8 NETWORK SECURITY Version 1.0

Enterprise A Closer Look at Wireless Intrusion Detection:

UNCLASSIFIED. Trademark Information

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

PEER-TO-PEER NETWORK

CESG Certification of Cyber Security Training Courses

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

Ovation Security Center Data Sheet

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY-274 Privacy, Ethics & Computer Forensics

Cybersecurity Definitions and Academic Landscape

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?

GE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems

Cybersecurity for the C-Level

THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE

A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model

OCR LEVEL 3 CAMBRIDGE TECHNICAL

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

Potential Thesis Topics in Networking

MS in Computer Science with specialization in Computer Security. Prof. Clifford Neuman

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

Transcription:

Meeting Cyber Security Challenges Presented to Naval Postgraduate School Cyber Summit 29 October 2009 Cynthia Irvine, PhD, Professor Naval Postgraduate School UNCLASSIFIED

Overview Challenges in Cyber Security Important NPS capabilities Selected research activities Irvine, 29 October 2009 NPS Cyber Security Summit 2

Cyberspace Internet is today s core many interdependencies Information, software, virtual communities Critical infrastructure dependent upon information technology Cyberspace physical infrastructure Irvine, 29 October 2009 NPS Cyber Security Summit 3

Networks upon Networks Cyberspace: hierarchies of virtual and cyber-physical networks Range from tiny to large Many smart, small devices Highly interconnected Hybrid systems pervasive Sensor and control Enormous Complexity Irvine, 29 October 2009 NPS Cyber Security Summit 4

Cyber Security Grand Challenges Extensible Trustworthy Systems Cyber Identity Resilient Survivable Systems Information Provenance Measurement of Security Countering Insiders Ergonomic Security Usability Balance security and privacy Better Methods to Construct & Assess Secure Systems Economic Security reuse and composition Human Capacity Irvine, 29 October 2009 NPS Cyber Security Summit 5

Cyber Security Grand Challenges Extensible Trustworthy Systems Single flaw can topple entire system. Building blocks for which we have high confidence are needed Irvine, 29 October 2009 NPS Cyber Security Summit 6

Cyber Security Grand Challenges Cyber Identity: Who and what am I talking to? Irvine, 29 October 2009 NPS Cyber Security Summit 7

Cyber Security Grand Challenges Resilient Survivable Systems Systems must Degrade gracefully Maintain security under attack Recover securely from fall-back mode In worst case: fail secure Irvine, 29 October 2009 NPS Cyber Security Summit 8

Cyber Security Grand Challenges Information Provenance Real Fake Irvine, 29 October 2009 NPS Cyber Security Summit 9

Cyber Security Grand Challenges Measurement of Security We need to be able to quantify security Technically, to enable system construction So that decision makers can weigh risks Irvine, 29 October 2009 NPS Cyber Security Summit 10

Cyber Security Grand Challenges Countering Insiders Irvine, 29 October 2009 NPS Cyber Security Summit 11

Cyber Security Grand Challenges Ergonomic Security Usability Cyber security hygiene must be understandable and easy to use. Irvine, 29 October 2009 NPS Cyber Security Summit 12

Cyber Security Grand Challenges Balance security and privacy These are sometimes conflicting objectives Can information be authentic yet anonymous? Irvine, 29 October 2009 NPS Cyber Security Summit 13

Cyber Security Grand Challenges Better Methods to Construct & Assess Secure Systems Current tools for constructing secure systems are often inadequate and difficult to use. Irvine, 29 October 2009 NPS Cyber Security Summit 14

Cyber Security Grand Challenges Economic Security Reuse and composition of components Do we have to boil the ocean yet again each time we build a secure system? Irvine, 29 October 2009 NPS Cyber Security Summit 15

Cyber Security Grand Challenges Human Capacity The need for talent at all levels is critical Education must be a high priority Our competiveness in a globalized economy depends on it. Irvine, 29 October 2009 NPS Cyber Security Summit 16

Huge Benefits / Huge Risks Cyber security is enabling technology. Allows activities otherwise unthinkable Risks include Physical failures Technological failures Misuse Crime: extortion, theft Disruption, usurpation Propaganda, disinformation Many risks today adversaries have the upper hand Need to change the balance Irvine, 29 October 2009 NPS Cyber Security Summit 17

Overview Challenges in Cyber Security Important NPS capabilities CISR Educational Programs Selected research activities Irvine, 29 October 2009 NPS Cyber Security Summit 18

Cyber Security In the NPS Computer Science Department, we do it. and we have been doing it well for a long time (1978) Irvine, 29 October 2009 NPS Cyber Security Summit 19

Things we ve been doing well Security Science Theoretical formalisms Models Protocol analysis Constructive Security Highly trustworthy systems Multilevel security Hardware security Security Engineering Tools and application Security Analytics Forensics Data mining Vulnerability analysis Security Applications Intrusion detection Identity management Security Education Courses & Curricula Certificates Games & Outreach Irvine, 29 October 2009 NPS Cyber Security Summit 20

Center for Information Systems Security Studies and Research CISR established in 1996 Began national security education outreach in 1997 Center of Academic Excellence NSA and DHS joint award Information Assurance Education Information Assurance Research Scholarship Programs IASP in cyber security for military officers Inaugural participant NSF Scholarship for Service 60 graduates to date civilian members of Federal workforce Monarch to encourage women and underrepresented groups Synergistic research and education Large research group with critical mass for hard problems Irvine, 29 October 2009 NPS Cyber Security Summit 21

Educational Programs MS and PhD degrees All MS students take introduction to computer security Security track in CS Department 4 required courses 4 electives Thesis research Certificate Programs Identity Management Certificate 4 courses Hybrid format Participants work at their regular jobs while taking classes Information Systems Security Engineering Certificate Currently teaching to students at NSA Irvine, 29 October 2009 NPS Cyber Security Summit 22

Courses: Elementary to Advanced Introduction to Computer Security Secure Management of Systems* Network Security* Secure Systems Principles* Security Policies Models and Formal Methods* Cyber Ethics and Policies Network Vulnerability Analysis and Risk Mitigation Biometrics CS Core * Security Track Required Information Systems Security Engineering Certificate Identity Management Certificate (joint with two IS courses) Identity Management Infrastructure Protocol Analysis Introduction to Information System Security Engineering Applied Information System Security Engineering Secure Systems Lifecycle Wireless Security Advanced Vulnerability Analysis Forensics Data Fusion Certification and Accreditation Advanced topics Irvine, 29 October 2009 NPS Cyber Security Summit 23

Security Applications Security Science Security Engineering Security Analytics Security Education Constructive Security Irvine, 29 October 2009 NPS Cyber Security Summit 24

Security Applications Security Science Security Engineering Security Analytics Security Education Constructive Security Irvine, 29 October 2009 NPS Cyber Security Summit 25

Overview Challenges in Cyber Security Important NPS capabilities Selected research activities Trusted Computing Exemplar Trustworthy Architectures Multilevel Security Cyber Security Game Hardware Security Irvine, 29 October 2009 NPS Cyber Security Summit 26

Trusted Computing Exemplar Project

Address Subversion - Limit Opportunity Need lifecycle assurance High assurance Protection via rigorous security engineering No unspecified functionality Use of formal verification techniques When Applied in MLS Context: Bound information flow Prevents Trojan Horse damage Uses formal models Supports implementation assessment Irvine, 29 October 2009 NPS Cyber Security Summit 28

TCX Integrated Activities Rapid High Assurance Development Framework Configuration Management, Engineering Process, Semantic programming-based documentation system Develop High Assurance Security Concepts Separation Kernel - EAL7 Many student research projects High Assurance Application Authentication Device for MLS Trusted Path Evaluate Components for High Assurance Developing EAL6+ Separation Kernel Protection Profile ST will be EAL7 Disseminate Results via Open Methodology Irvine, 29 October 2009 NPS Cyber Security Summit 29

TCX Benefits Evaluatable Reference Implementation Components with a priori Assurance Against System Subversion Public Availability of High Assurance Development Framework Transfer to Next Generation New Experts in Security Development High Assurance Knowledge and Capabilities Irvine, 29 October 2009 NPS Cyber Security Summit 30

Trustworthy Architectures emergency access to critical data

Emergency Access to Critical Data Most of the time Joe is an ordinary guy During emergencies, he is allowed to access critical information Extraordinary information cannot be leaked to the internet When emergency ends, collected information sent to emergency management Device is purged of emergency information, reset for next emergency Irvine, 29 October 2009 NPS Cyber Security Summit 32

Key Concepts Based on Least Privilege Separation Kernel Ensures separation of normal and emergency information Permits emergency activities to access selected normal data Extraordinary access mediated by high assurance enforcement mechanism Gives cooperating organizations confidence that shared information is protected Trusted path mechanism Receives initial emergency signal Insures that only authorized first responders have access to emergency information Provides ergonomic security Irvine, 29 October 2009 NPS Cyber Security Summit 33

Multilevel Security

Networks that cannot share National policies information protection must be enforced Separate networks for each classification level Internet / NIPRNET / SIPRNET / JWICS Some communities require mandatory separation of compartments Coalitions result in additional networks Problem: No coherent view of classified information Requirements Secure - enforce national policies Usable - support applications that make users productive Scalable - extensible beyond small laboratory experiments Irvine, 29 October 2009 NPS Cyber Security Summit 35

Our Solution: MYSEA The Monterey Security Architecture (MYSEA) A high assurance client-server system that allows authenticated users executing popular commercial applications to securely access data and services at different classification levels simultaneously High assurance multilevel LAN/WAN architecture Many commodity components Commercial off-the shelf workstations, OS and applications Legacy single-level networks Reduce system footprint one PC, many classification levels Strategic high assurance components Policy decision and enforcement Prototype implementation and integrated MLS testbed Irvine, 29 October 2009 NPS Cyber Security Summit 36

MYSEA System View MULTILEVEL ENCLAVE Internet Stateless Client Trusted Path Extension Encrypted Channel Authentication Server MLS Store Single Level COTS Services Firewall FOUO User Dynamic Security Services Manager MLS Store Application Server MLS Store Trusted Channel Module Single Level COTS Services Encryptor Encryptor SECRET User Stateless Client Trusted Path Extension Application Server MLS Store MYSEA High Assurance Component GOTS Component FEDERATION OF MYSEA MLS SERVERS Trusted Channel Module Single Level COTS Services Encryptor Encryptor TOP SECRET Irvine, 29 October 2009 NPS Cyber Security Summit 37

MYSEA Security Features Technical elements Familiar user work environment Integration of MLS LAN with classified networks Centralized security management Dynamic security policies and services True multilevel access to data Single sign-on within the MLS LAN Server replication supports scalability High assurance trusted path SUMMARY MYSEA gives users coherent view of information at different classifications levels Irvine, 29 October 2009 NPS Cyber Security Summit 38

CyberCIEGE a cyber security game

ATTACKERS Player = Information Security Decision Maker User Countermeasures VPNs User Firewalls Antivirus Link encryptors PKI Authentication servers Trojan horse Trap door Insiders Virus / worms / Bots Wiretaps Denial of service Goal Goal Access control lists Cross domain solutions Card readers Biometric scanners Procedural security Goal Goal Asset $$ Network Asset $ Asset $$$$ Vandals Computer Computer Irvine, 29 October 2009 NPS Cyber Security Summit 40

Who Uses CyberCIEGE? Requests by the numbers Navy 60 Army 103 Air Force 104 Marines 20 US Government 139 University 245 Community College 45 High School 18 Other 85 Irvine, 29 October 2009 NPS Cyber Security Summit 41

3Dsec Security in Hardware

Processor Layer Security Layer Post 3DSec: Trustworthy System Security through 3D Integrated Hardware Goal: Build trustworthy systems using commercial hardware components Problem: Integrating specialized security mechanisms is too costly for hardware vendors Idea: Augment commodity hardware after fabrication with a separate layer of security circuitry Silicon Layer 2 Silicon Layer 1 Cross Section Anticipated Benefits: Configurable, protected, low-cost hardware security controls that can override activity in the commodity hardware Privacy Applications: Detect and intercept the execution of malicious code Prevent the microprocessor internals from being exploited to leak crypto keys Tag and Track private information as it flows through a processor

Summary Challenges in Cyber Security Important NPS capabilities Selected research activities NPS resources in CISR and the Department of Computer Science are among best in the world for the study and advancement of Cyber Security. Irvine, 29 October 2009 NPS Cyber Security Summit 44

Cynthia E. Irvine, PhD Director, Center for Information Systems Security Studies and Research Department of Computer Science Naval Postgraduate School Monterey, California irvine@nps.edu Irvine, 29 October 2009 NPS Cyber Security Summit 45

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information