Security “Deep Dive”* Open Discussion * Into shark-infested waters.


Q1: Envision a National Research Platform -- are there any “sweeping” statements that we should make about security? (to each their own seems to be punting the issue)
- Which of the enterprise mechanisms for security are still applicable
- What is the border? Is there a border anymore?
- Federated system – What are people’s reasonable expectations of security, e.g.
  - Verify that an AS does source address validation (software exists)
  - Different communities should be reasonably shielded from each other. Compartmentalization (compromise at one point does not compromise others)
  - Allow a centralized system for monitoring
  - SIRTFI (Security incident response …. Federated Identity)
- Different profiles for “security”?
- Privacy issues. Keep the physicists out. (Federated Authorization)
- What can be leveraged that exists already (InCommon, eduroam, ..)
- Liabilities: Is any of the data regulated? (can we handle data with specific use agreements) Need auditable events. Punt on medical data
- Security means that there must be a governance structure for an NRP/GRP
- Identity vs. capability.

Big organizations might have deep benches for intrusion detection (and other more specialized tasks); what can be done to improve the situation for those without "deep benches of expertise or people resources"?
- What’s new?
- Centers of excellence are possible ways to scale.

How 'open' to the network do research platforms really need to be?
- Could they be mostly "unreachable" as a first line of defense against random probes?
- Should it be international, too?
- How to integrate identity management (like eduroam) into gaining accessibility.
- How does one constrain – Comments from Cees
- What are we “afraid” of?
- Put effort in managing connectivity/reachability or energy in blocking “bad actors”?
- Granting access to something already closed makes risk managers unhappy.
- Define set of permitted use models
- Observe/determine “attack patterns” – Normal PRP/NRP usage might look like DDoS.