Presentation is loading. Please wait.

Presentation is loading. Please wait.

Using security assessment methods to enhance the feedback from security training Jonas Hallberg Division of Information Systems Swedish Defence Research.

Published byBeverly Hood Modified over 9 years ago

Similar presentations

Presentation on theme: "Using security assessment methods to enhance the feedback from security training Jonas Hallberg Division of Information Systems Swedish Defence Research."— Presentation transcript:

1 Using security assessment methods to enhance the feedback from security training Jonas Hallberg Division of Information Systems Swedish Defence Research Agency (FOI) www.foi.se/securityassessment jonas.hallberg@foi.se Jonas Hallberg Division of Information Systems Swedish Defence Research Agency (FOI) www.foi.se/securityassessment jonas.hallberg@foi.se

2 Training environment

3 jonas.hallberg@foi.se Security assessment focus

4 jonas.hallberg@foi.se Security assessment context

5 jonas.hallberg@foi.se Security assessment method XMASS - eXtended Method for Assessment of System Security

6 jonas.hallberg@foi.se XMASS – systems modeling Systems are modeled as interconnected components Two main classes of components: 1.Traffic generators, e.g. PCs and PDAs 2.Traffic mediators, e.g. firewalls and hubs Two types of relations: 1.Physical, e.g. network connections 2.Logical, e.g. node dependencies The abstraction level is not fixed Systems are modeled as interconnected components Two main classes of components: 1.Traffic generators, e.g. PCs and PDAs 2.Traffic mediators, e.g. firewalls and hubs Two types of relations: 1.Physical, e.g. network connections 2.Logical, e.g. node dependencies The abstraction level is not fixed

7 jonas.hallberg@foi.se XMASS – security values Entity profiles Security profiles consist of security features with corresponding elementary security values Filtering profiles describes the ability of traffic mediators to block malicious traffic Entity relations Inter-component relations are modeled with a set of functions System-dependent security profiles Computed for each component based on component security profiles and relations System security values Based on the system-dependent security profiles Entity profiles Security profiles consist of security features with corresponding elementary security values Filtering profiles describes the ability of traffic mediators to block malicious traffic Entity relations Inter-component relations are modeled with a set of functions System-dependent security profiles Computed for each component based on component security profiles and relations System security values Based on the system-dependent security profiles

8 jonas.hallberg@foi.se XMASS – tasks

9 jonas.hallberg@foi.se Requirement collections Security feature# requirements Access Control19 Security Logging12 Intrusion Prevention 17 Intrusion Detection 12 Protection against Malware 16

10 jonas.hallberg@foi.se Security profile template

11 jonas.hallberg@foi.se Security profiles

12

13

14 jonas.hallberg@foi.se Workflow Preparation Model network Export network model In action Accept tokens Update model After-action review Documentation Preparation Model network Export network model In action Accept tokens Update model After-action review Documentation

15 jonas.hallberg@foi.se Preparation

16 jonas.hallberg@foi.se In action

17 jonas.hallberg@foi.se After-action review

18 jonas.hallberg@foi.se Enhanced training Support the specification of the network Provides in-training security status overview Supports the after-action review Support the specification of the network Provides in-training security status overview Supports the after-action review

Download ppt "Using security assessment methods to enhance the feedback from security training Jonas Hallberg Division of Information Systems Swedish Defence Research."

Similar presentations

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
 The Citrix Application Firewall prevents security breaches, data loss, and possible unauthorized modifications to Web sites that access sensitive business.

 The Citrix Application Firewall prevents security breaches, data loss, and possible unauthorized modifications to Web sites that access sensitive business.
Assignment 3 LTEC 4550 Cason Parker. Network Hub A Network Hub is a device that connects other devices together using Ethernet cables. Hubs are unintelligent.

Assignment 3 LTEC 4550 Cason Parker. Network Hub A Network Hub is a device that connects other devices together using Ethernet cables. Hubs are unintelligent.
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
1 www.vita.virginia.gov Evolving the Cyber Security Program Michael Watson Chief Information Security Officer ISACA 3/12/2015 www.vita.virginia.gov 1.

1 Evolving the Cyber Security Program Michael Watson Chief Information Security Officer ISACA 3/12/
AVG Internet Security 7.5 Product presentation.

AVG Internet Security 7.5 Product presentation.
Separate Domains of IT Infrastructure

Separate Domains of IT Infrastructure
Report on Intrusion Detection and Data Fusion By Ganesh Godavari.

Report on Intrusion Detection and Data Fusion By Ganesh Godavari.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
Access Controls Supervised by: Dr.Lo’ai Tawalbeh Prepared by: Abeer Saif.

Access Controls Supervised by: Dr.Lo’ai Tawalbeh Prepared by: Abeer Saif.
1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
1 Action Automated Security Breach Reporting and Corrections.

1 Action Automated Security Breach Reporting and Corrections.
A Brief Taxonomy of Firewalls

A Brief Taxonomy of Firewalls

Similar presentations

Ads by Google