Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Cyber Incident Information Sharing UTSA Team Leads Dr. Ram Krishnan, Assistant Professor, ECE Dr. Ravi Sandhu, Executive Director, ICS April 30,

Published byBruno Jordan Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure Cyber Incident Information Sharing UTSA Team Leads Dr. Ram Krishnan, Assistant Professor, ECE Dr. Ravi Sandhu, Executive Director, ICS April 30,"— Presentation transcript:

1 Secure Cyber Incident Information Sharing UTSA Team Leads Dr. Ram Krishnan, Assistant Professor, ECE Dr. Ravi Sandhu, Executive Director, ICS April 30, 2014

2 LMI Research Institute (LRI): Academic Partnership Program Through formal working relationships with universities across the country, LMI bridges the gap between academia and industry to create innovative solutions and explore new research topics The partnership program exposes students to real-world challenges faced by the federal government through structured, funded research projects

3 Cyber Incident Response Secure information sharing amongst a set of entities/organizations – Often ad hoc What are the effective ways to facilitate information sharing in such circumstances? – Information sharing models – Infrastructure, technologies, platforms

4 Org A Org B Org C Org D Team 1 Team 2 County Threat Emergency Response Local Police Personnel+ Resources Long-Term Members Personnel Join/Leave Resources Add/Remove Personnel+ Resources Within a team:  Controlled access  Flexible and fine-grained access control  Team should function unaffected by membership dynamics Agile Incident Response

5 Cyber Incident Information Sharing Scenarios Community – Cyber incidents across critical infrastructure providers in a community Emergency response, healthcare, banks, utility Electric grid – Cyber incidents in electric power provider orgs Local utilities, ISOs, ERCOT, NERC

6 Key Requirements Cyber infrastructure sharing to support data and compute – Need a community information sharing platform Controlled access Light-weight and agile Rapid deployment and configuration Secure environment

7 Cloud Infrastructure as a Service Virtualized IT infrastructure (servers, storage, networks, OS, etc.) – Delivered as a service over a network, on demand, dynamic scaling, etc. Prominent examples – Amazon AWS – OpenStack

8 Enforcement in Cloud IaaS Participant B Secure Isolated Domain (SID) Community Cloud Add/Remove Data Join/Leave Users Add/Remove Data Join/Leave Users Add/Remove Data Join/Leave Users View #1: Participant C View #2: SID View #1: Participant B View #2: SID View #1: Participant A View #2: SID Participant C Participant A

9 Next Steps UTSA to incorporate INL input Develop prototype in OpenStack Share research results with INL – August/September

10 Thanks Comments, Q&A

11 Backup

12 OpenStack – Dominant open source cloud IaaS platform  > 200 companies  ~14000 developers  >130 countries

13 Project Goal Storage Servers Network CSP Personnel Tasks: 1.Manage Virtual Infrastructure 2.Create and Manage Tenants (e.g. create tenant super-user) Tenant #1 IT Super-Users (Architects) Tasks: 1.Architect Attributes of Org’s Users + Cloud Resources 2.Create and Manage Admin Users 3.Manage Attributes of Admin Users Tenant #1 Administrative IT Users Tasks: 1.Create and Manage Org’s Regular Users 2.Manage Attributes of Regular Users 3.Manage Attributes of Org’s Resources CSP’s OpenStack Tenant #1 Regular IT Users Tasks: 1.Day-to-Day Operations 2.Add/Remove Capacity 3.Manage N/W 4.Backup, Snapshot, etc. Tenant #2 Tenant #3 ABAC Administrative ModelsABAC Operational Models Utilize Inter-Tenant Sharing

14 Closed Network Scenario Unusual activity in Air Force, Navy & Army networks A physically secure and air-gapped meeting room with members from AFCYBER, ARCYBER and FLTCYBER Members bring data for analysis and collaboration – Maps, a VM configured with software tools, a VM image with a virus/worm, log files, etc. Strict control on data import/export

15 Data Exfiltration Scenario Unusual file transfers from IP addresses within an org to an external IP address Similar activities observed in partner orgs Need to find if these events are connected – Any correlation between those files? Members bring data for analysis+collaboration

Download ppt "Secure Cyber Incident Information Sharing UTSA Team Leads Dr. Ram Krishnan, Assistant Professor, ECE Dr. Ravi Sandhu, Executive Director, ICS April 30,"

Similar presentations

Towards Secure Information Sharing Models for Community Cyber Security Ravi Sandhu, Ram Krishnan and Gregory B. White Institute for Cyber Security University.

Towards Secure Information Sharing Models for Community Cyber Security Ravi Sandhu, Ram Krishnan and Gregory B. White Institute for Cyber Security University.
1 Towards a Discipline of Mission-Aware Cloud Computing (A Position Paper) Ravi Sandhu Executive Director and Endowed Professor October 2010

1 Towards a Discipline of Mission-Aware Cloud Computing (A Position Paper) Ravi Sandhu Executive Director and Endowed Professor October 2010
1 New Trends and Challenges in Computer Network Security Ravi Sandhu Executive Director and Endowed Professor September 2010

1 New Trends and Challenges in Computer Network Security Ravi Sandhu Executive Director and Endowed Professor September 2010
1 Cloud Computing Prof. Ravi Sandhu Executive Director and Endowed Chair April 12, 2013 © Ravi Sandhu World-Leading.

1 Cloud Computing Prof. Ravi Sandhu Executive Director and Endowed Chair April 12, © Ravi Sandhu World-Leading.
Canada-EU Future Internet Workshop Waterloo, Canada March 24th, 2011 Ignacio M. Llorente DSA-Research.org Distributed Systems Architecture Research Group.

Canada-EU Future Internet Workshop Waterloo, Canada March 24th, 2011 Ignacio M. Llorente DSA-Research.org Distributed Systems Architecture Research Group.
System Center 2012 R2 Overview

System Center 2012 R2 Overview
An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.

An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.
Institute for Cyber Security Extending OpenStack Access Control with Domain Trust World-Leading Research with Real-World Impact! 1 Bo Tang and Ravi Sandhu.

Institute for Cyber Security Extending OpenStack Access Control with Domain Trust World-Leading Research with Real-World Impact! 1 Bo Tang and Ravi Sandhu.
What is Cloud Computing? o Cloud computing:- is a style of computing in which dynamically scalable and often virtualized resources are provided as a service.

What is Cloud Computing? o Cloud computing:- is a style of computing in which dynamically scalable and often virtualized resources are provided as a service.
11 World-Leading Research with Real-World Impact! Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper) Xin.

11 World-Leading Research with Real-World Impact! Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper) Xin.
Secure Information and Resource Sharing in CloudSecure Information and Resource Sharing in Cloud References OSAC-SID Model [1]K. Harrison and G. White.

Secure Information and Resource Sharing in CloudSecure Information and Resource Sharing in Cloud References OSAC-SID Model [1]K. Harrison and G. White.
Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.

Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.
11 World-Leading Research with Real-World Impact! A Formal Model for Isolation Management in Cloud Infrastructure-as-a-Service Khalid Zaman Bijon, Ram.

11 World-Leading Research with Real-World Impact! A Formal Model for Isolation Management in Cloud Infrastructure-as-a-Service Khalid Zaman Bijon, Ram.
“Grandpa’s up there somewhere.”. Making your IT skills virtual What it takes to move your services to the cloud Erik Mitchell | Kevin Gilbertson | Jean-Paul.

“Grandpa’s up there somewhere.”. Making your IT skills virtual What it takes to move your services to the cloud Erik Mitchell | Kevin Gilbertson | Jean-Paul.
Https://portal.futuregrid.org Virtual Clusters Supporting MapReduce in the Cloud Jonathan Klinginsmith School of Informatics and Computing.

Virtual Clusters Supporting MapReduce in the Cloud Jonathan Klinginsmith School of Informatics and Computing.
+ System Center 2012 SP1 – What’s The Cloud Got To Do With it?

+ System Center 2012 SP1 – What’s The Cloud Got To Do With it?
Sanbolic Enabling the Always-On Enterprise Company Overview.

Sanbolic Enabling the Always-On Enterprise Company Overview.
Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over the Internet. Cloud is the metaphor for.

Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over the Internet. Cloud is the metaphor for.
Metadata in the Cloud Computing 07th June 2012 Baba Piprani Ewelina Szczekocka.

Metadata in the Cloud Computing 07th June 2012 Baba Piprani Ewelina Szczekocka.
UTSA Amy(Yun) Zhang, Ram Krishnan, Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio San Antonio, TX 78249 Nov 03, 2014 Presented.

UTSA Amy(Yun) Zhang, Ram Krishnan, Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio San Antonio, TX Nov 03, 2014 Presented.

Similar presentations

Ads by Google