Session 5: Securing Home Networks Conclusions & Recommendations


Koji NAKAO, KDDI
General Manager, Information Security Department
ko-nakao@kddi.com
2019/2/28

Presentations in Session
- Securing Home Networks (Tsutomu Matsumoto)
- Standardized Firewall Management: An IPCable2Home Perspective (Amol Bhagwat)
- Home Network Device Authentication (Ralph Brown)
- Standardized Precabling, the Efficient Road to secure and reliable Home Networks (Walter P. von Pattay)

Highlights from Presentation 1: “Securing Home Networks”
- The allowed computational complexity or the cost for mechanisms to enhance security may be highly limited
- Often the appliances DO NOT have their identifiers in digital form
- Key management, including key establishment, key revocation, and key renewal, needs innovative technologies
- How to achieve acceptable Quality of Security in such a tough environment

Highlights from Presentation 2: “Standardized Firewall Management: An IPCable2Home Perspective”
- IPCable2Home requires the firewall to have SPF or ASP filtering capabilities
- Is session aware, keeps track of initiated vs. response packets
- Supports remote configuration by service provider as well as consumer configuration
- Uses standardized configuration language
- Need of the Management of Firewall
- IPCable2Home standardizes configuration and management of firewalls including in the home gateway

Highlights from Presentation 3: “Home Network Device Authentication”
- Device authentication is more than just the protocols and cryptography used in devices
- For device authentication to have value it must be backed by:
  - Detailed specifications
  - License agreements
  - Certification processes
  - Certification authority
  - Certification issuance
- For exchanging high value content, these elements become even more important

Highlights from Presentation 4: “Standardized Precabling, the Efficient Road to secure and reliable Home Networks”
- Reasons for cabling (secure, safe, reliable…)
- Standardization in SC25: ISO/IEC 11801 is used worldwide
  - ISO/IEC 11801: Generic cabling for customer premises
  - ISO/IEC 15018 (Cabling Infrastructure)
- This decreases the cost for protection against sabotage, masquerade and malfunctions

Overview of issues in the session (1): Threats in Home Network
[Diagram: Devices, Users, Home GW, Remote Users, AP Servers and the External Network (The Internet)]
Threats shown:
- Sabotage
- Information Leakage, Masquerade, Malfunctions (worms..)
- DoS, DDoS

Overview of issues in the session (2): Security Requirements
a) confidentiality: the property that information is not made available or disclosed to unauthorized individuals, entities, or processes (ISO 7498-2:1988).
b) integrity: the property of safeguarding the accuracy and completeness of assets.
c) availability: the property of being accessible and usable upon demand by an authorized entity (ISO 7498-2:1988).
d) accountability: the property that ensures that the actions of an entity may be traced uniquely to the entity (ISO 7498-2:1988).
e) authenticity: the property that ensures that the identity of a subject or resource is the one claimed. Authenticity applies to entities such as users, processes, systems and information.
f) reliability: the property of consistent intended behavior and results.

Recommendations
Legend: (a) Confidentiality, (b) Integrity, (c) Availability, (d) Authenticity, (e) Reliability
[Diagram: Devices, Users, Remote Users, Home GW and External Network (The Internet), annotated with (a)(c)(d), (a)(c)(d), (a)(b)(c)(d), (d), (d)]

Follow-up actions: Security Management
- Identify and classify home assets;
- Risk analysis and assessment are required;
- Select suitable controls for the assets in order to reduce the risks;
- Implement the controls;
- Review and check the controls implemented in a constant time period;
- If additional risks are recognized, then action against the risks should be carried out.
Security Management Process: Plan-Do-Check-Act

Conclusion: Good quality of security
- Vulnerabilities and threats should be identified for HN;
- Risk assessment should be carried out for HN;
- Study and standardize specific controls, such as Firewall, Intrusion Detection System (IDS), Device authentication,…
- Collaboration with external standardization bodies such as ISO, IETF should be strongly promoted;
- Good and acceptable standard should be promptly carried out;
- Security Management is necessary.
[Diagram: continuous improvement cycle: Plan (Policy, Plan), Do (Implement & Operation), Check (Review & Audit), Action (Refine & Actions)]