High Secured Inter-Cloud Connectivity via Public Networks


High Secured Inter-Cloud Connectivity via Public Networks
Andreas Aldrian, AVL List GmbH, andreas.aldrian@avl.com
Christoph Schmittner, Austrian Institute of Technology, Christoph.schmittner.fl@ait.ac.at

project network

storyline
- Pilot Use Case
- Consequences of insecure CPS
- Goal
- State of the Art
- Approach
- Results

use case in a nutshell
[Diagram labels: no inbound initiation; no routing; isolated network; internet; AVL product @customer; AVL]
Typical use cases:
- remote interaction
- remote updates of software/firmware
- health and status tracking
- pre-emptive services (condition based)
- logistic purposes
- reporting of availability and utilization

Consequences of insecure CPS
- Modern ICS and CPS require connection, cooperation, automation
- These (often legacy) systems have diverse operational and communication requirements (interfaces, protocols)
- Not just devices but systems can collaborate
- Goal of the project: Work out the formal and technical details for collaboration
Sources shown on the slide:
- http://www.symantec.com/connect/blogs/iot-devices-being-increasingly-used-ddos-attacks
- http://www.theregister.co.uk/2016/03/24/water_utility_hacked/
- https://www.sentryo.net/cyberattack-on-a-german-steel-mill/
- http://www.networkworld.com/article/2225104/microsoft-subnet/not-cyber-myths--hacking-oil-rigs--water-plants--industrial-infrastructure.html

Goal
Fulfill the security policies and enable smart services without risking:
- Network, system or data of the product operator and of the service provider
- Safety or reliability of machinery

State of the Art
- First industrial security standard: IEC 62443: Industrial communication networks - Network and system security
- Considers IT-Security, security of machinery and also impacts on safety and reliability
[Figure: overview of the standard's parts with their status (Available, Draft, Under Review, Development, Planned)]

Approach
- We needed something which works for safety & security
- We developed an approach for safety & security analysis and iterative design workflow

Safety & Security analysis approach
[Diagram elements: System Model; Security objectives; Survey; Failure catalogue; Threat catalogue; Unified catalogue; Impact assessment; Likelihood assessment; Risk assessment; Risk Catalogue]
Based on: ISO 27005, IEC 60812, Microsoft STRIDE
Based on: ETSI TS 102 165-1, IEC 60812
09.11.2018

Simplified system model
To ease risk assessment some components have been combined:
- Strongly related processes within a trust boundary
- Data flows between the same components

Threat & Failure Catalogue
Similar approach for safety and security: use the system model and identify potential manipulations (STRIDE) or deviations (failure modes) from normal operation.
STRIDE:
- Spoofing of user identity
- Tampering
- Repudiation
- Information disclosure (privacy breach or data leak)
- Denial of service (D.o.S)
- Elevation of privilege
Failure modes for communication or processing units:
- Missing Data
- Incorrect Data
- Timing of Data
- Extra Data
- Halt/Abnormal
- Omitted Event
- Incorrect Logic
- Timing/Order

Risk Catalogue
- Investigate overlap between safety and security effects
- Estimate risk based on impact and likelihood
- Formulate safety and security goals
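
The catalogue steps on the two slides above, as an added example that is not part of the original presentation: each element of a system model is crossed with the STRIDE categories and the failure modes, threats are linked to the failure modes they can cause, and assessed entries are ranked by impact and likelihood. The system model elements, the threat-to-failure mapping, the assessment values and the 3x3 product scale are assumptions made for illustration.

```python
# STRIDE categories and failure modes as listed on the slides.
STRIDE = ["Spoofing", "Tampering", "Repudiation", "Information disclosure",
          "Denial of service", "Elevation of privilege"]
FAILURE_MODES = ["Missing Data", "Incorrect Data", "Timing of Data", "Extra Data",
                 "Halt/Abnormal", "Omitted Event", "Incorrect Logic", "Timing/Order"]

# Constructed inputs (assumptions, not taken from the slides).
SYSTEM_MODEL = ["mediator unit", "serial link", "inter-cloud data flow"]
CAUSES = {  # threat -> failure modes it can produce (safety/security overlap)
    "Spoofing": {"Incorrect Data", "Extra Data"},
    "Tampering": {"Incorrect Data", "Extra Data", "Incorrect Logic"},
    "Denial of service": {"Missing Data", "Timing of Data", "Halt/Abnormal"},
}
ASSESSED = {  # (element, deviation) -> (impact 1-3, likelihood 1-3)
    ("inter-cloud data flow", "Tampering"): (3, 2),
    ("serial link", "Denial of service"): (2, 2),
    ("mediator unit", "Information disclosure"): (2, 1),
}


def unified_catalogue(model):
    """Cross every element with each STRIDE threat and failure mode, cross-linked."""
    rows = []
    for element in model:
        for threat in STRIDE:
            rows.append({"element": element, "kind": "threat", "name": threat,
                         "linked": sorted(CAUSES.get(threat, ()))})
        for mode in FAILURE_MODES:
            rows.append({"element": element, "kind": "failure", "name": mode,
                         "linked": sorted(t for t in CAUSES if mode in CAUSES[t])})
    return rows


def risk_level(impact, likelihood):
    """Assumed 3x3 product scale: 1-2 minor, 3-4 major, 6-9 critical."""
    score = impact * likelihood
    return score, "critical" if score >= 6 else "major" if score >= 3 else "minor"


def risk_catalogue(rows, assessed):
    """Rank assessed rows by score; unassessed rows stay listed so gaps are visible."""
    out = []
    for row in rows:
        key = (row["element"], row["name"])
        score, level = risk_level(*assessed[key]) if key in assessed else (0, "unassessed")
        out.append({**row, "score": score, "level": level,
                    "safety_overlap": row["kind"] == "threat" and bool(row["linked"])})
    return sorted(out, key=lambda r: -r["score"])
```

Entries flagged with safety_overlap are the security threats that can also produce a failure mode, which is where a security goal and a safety goal have to be formulated together.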

Design workflow
- System concept / architecture
- Safety & Security analysis
- Safety & Security concept
- Review

results of the security & safety analysis
[Diagram labels: no inbound initiation; non-routable communication (serial interface); AVL product @customer; internet; AVL infra; mediator unit]

security controller
- Secure contactless (NFC) device configuration
- Anti-counterfeiting
- IP protection and feature activation
- Secure SW update
- Secured boot of industrial devices
- Secure TLS client authentication
- Secure communication

final topology & encryption levels
We utilized ISO20922 (MQTT) as data exchange between both clouds.

ArrowHead contribution
ISO20922 + HW security as enabler for secure inter-cloud communication

Thank you!