Earl Crane Hap Huynh Jeongwoo Ko Koichi Tominaga 11/14/2000 Physician Reminder System SNA Step 3.


Overview
- Attacker Profiling
- Vulnerabilities
- Existing Mediation Strategies
- Attack Scenarios which attackers will mount
- Attack Traces
- Compromisable components
- Soft spots (*)
- Next Steps

Attacker Profiling

Type of Attacker: "Hacker"
Attack Objective: Hospital network and PRS Server
Motivation: General curiosity; need to cause mischief
Attack Methods: Social engineering, malicious code, or IP sniffing to capture client passwords

Type of Attacker: Competitor
Attack Objective: Hospital network and PRS server; denial of service
Motivation: Likely to be highly motivated to demonstrate provider's weak security
Attack Methods: Social engineering, malicious code, or IP sniffing to capture client passwords

Type of Attacker: Insider (current or former employees)
Attack Objective: Access to patient information; corruption; denial of service
Motivation: Motivation from curiosity to financial gain
Attack Methods: Range from unauthorized commands to sophisticated attacks involving spoof attack and data integrity attack

Attacker Profiling: Most Likely Attacker
1. Insider: High probability due to current policies and PRS configuration
   - Mode of attack will be within the Hospital network
2. Hacker: Medium probability if attack is outside of the Hospital network because the network is closed
   - PRS will not be its primary target since it does not perform critical functions.
3. Competitor: Low probability because repercussions will be more damaging than potential gain

Vulnerabilities
- Hospital network works under a trusted group model
- PRS clinic policy allows for all users to view patient information
- PRS system does not have real-time notification of unauthorized access by users
- PRS system does not have an intelligent way of auditing user activity
- Back-door installed from the inside network
- Modem dial-in pool

Existing Mediation Strategies
- Tracking by "Audit trail"
- Security policy education for staff
- Password policy
- Virus checks
- Firewall implementation
- In the process of eliminating modem pool

Types of Attacks & Related Intrusion Usage Scenarios (IUS)
1. Internal Network Access:
   - IUS(1) Unauthorized use of PRS
   - IUS(2) Spoofing/man-in-middle
2. External Network Access:
   - IUS(3) Malicious code
   - IUS(4) Intrusion via modem pool

Intrusion Usage Scenarios for Type 1: Internal Network Attack
IUS(1): Unauthorized use of PRS via access to confidential patient information

Who is the attacker
- Insider (disgruntled employee, former employee, or corporate spy)

What is at stake
- View or modify private patient information
- Disclosure of patient information to embarrass and harm the hospital

How does it happen
- Abuse of legitimate access rights

[Diagram: Tracing of IUS 1 through the Hospital Information System. Labels: PRS System (PRS Server, PRS Client, Database, Browser, PRS Client Program), Other Client, Affinity System (Registration), LAB, Eclypsis, Interface Engine, Firewall Server, Web Server, Modem pool, Intruder's Machine]

Intrusion Usage Scenarios for Type 1: Internal Network Attack
IUS(2): Access to the PRS server/client via sniffing, man-in-middle, and spoof-the-server

Who is the attacker
- Insider (curious employee, disgruntled employee, former employee, or corporate spy)

What is at stake
- Compromise the availability of the system
- Denial of service
- View or modify patient information
- Disclosure of patient information to embarrass and harm the hospital

How does it happen
- Illegitimately obtain passwords
- Abuse of legitimate access rights

[Diagram: Tracing of IUS 2 through the Hospital Information System. Labels: PRS System (PRS Server, PRS Client, Database, Browser, PRS Client Program), Other Client, Affinity System (Registration), LAB, Eclypsis, Interface Engine, Firewall Server, Web Server, Modem pool, Intruder's Machine (shown twice), two X marks]

Intrusion Usage Scenarios for Type 2: External Network Attack
IUS(3): Malicious Code

Who is the attacker
- Hacker
- Competitor

What is at stake
- Data integrity, privacy, and availability
- Limit or deny access to the PRS

How does it happen
- Client machines intentionally/unintentionally download malicious code from outside the network.

[Diagram: Tracing of IUS 3 from the Public network into the Hospital Information System. Labels: PRS System (PRS Server, PRS Client, Database, Browser, PRS Client Program), Other Client, Affinity System (Registration), LAB, Eclypsis, Interface Engine, Firewall Server, Web Server, Modem pool]

Intrusion Usage Scenarios for Type 2: External Network Attack
IUS(4): Intrusion via modem pool

Who is the attacker
- Hacker
- Competitor

What is at stake
- Data integrity, privacy, and availability

How does it happen
- Attacker locates modem pool to bypass hospital security system.

[Diagram: Tracing of IUS 4 from the Public network into the Hospital Information System. Labels: PRS System (PRS Server, PRS Client, Database, Browser, PRS Client Program), Other Client, Affinity System (Registration), LAB, Eclypsis, Interface Engine, Firewall Server, Web Server, Modem pool]

[Diagram: All Compromisable Components. Labels: Hospital Information System, Other Client, PRS System (PRS Server, PRS Client, Database, Browser, PRS Client Program), Affinity System (Registration), LAB, Eclypsis, Interface Engine, Firewall Server, Web Server, Public network]

[Diagram: Soft Spots. Labels: Hospital Information System, Other Client, PRS System (PRS Server, PRS Client, Database, Browser, PRS Client Program), Affinity System (Registration), LAB, Eclypsis, Interface Engine, Firewall Server, Web Server, Public network, Soft Spots]

Next Step
- Identification of Soft Spots (with WPH staff)
- Confirmation of existing strategies for resistance, recognition, and recovery
- More detailed analysis of intrusion scenarios
- Presentation of Survivable map for the architecture, suggested policy changes, cost estimate, and recommended timeline for implementation