The Challenge of Survivability

Upload: varun-krishna

Post on 13-Apr-2018


  • 7/25/2019 -The Challenge of Survivability

    The Challenge of Survivability

    Survivability Defined

    The capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures or accidents.

    System

    1) The term system is used in the broadest possible sense and includes networks and large-scale systems of systems.

    2) Survivability provides a new technical and business perspective on security, which is essential to our search for solutions.

    Security vs. Survivability

    Survivability is an emerging discipline that blends computer security with business risk management for the purpose of protecting highly distributed information services and assets. A fundamental assumption is that no system is totally immune to attacks, accidents, or failures.

    Improving survivability in the presence of cyber-attacks also improves the capacity to survive accidents and system failures that are not malicious in nature.

    Security as a component of survivability

    Mission: Timely delivery of mail

    Security Components:
    Locked mailboxes
    Segregated cargo on flights
    Cameras in post offices
    Frequent inspections
    Extensive security policies
    Federal laws and strict enforcement, etc.

    Other Key Components:
    Automation: Bar codes, optical scanners, web tracking, computerized parsing, etc.
    Fault Tolerance: Alternate flights/hubs, substitute letter-carriers, interpose Office communication
    Management: Locked mailboxes, segregated cargo on flights.
    Design: Zip code system, levels of service, hub and spoke topology, etc.

    Layered Approach to Survivability

    Applying synergistic solutions in an attempt to accomplish the mission and mitigate potential failures.

    The Driving Analogy:

    Applying multiple survivability measures increases the likelihood of mission accomplishment while reducing the chance of failure.

    These measures are applied as a holistic system, not numerous, stand-alone pieces.

    For example:

    The airbags in a car work in conjunction with the seatbelt system. If passengers are not wearing their seatbelts and are in a serious accident, it is unlikely that they will escape uninjured solely as a result of the airbags deploying.

    Anticipate Failures and Intrusions:

    You won't necessarily have warning

    Plan for the Worst:

    1. Natural Disaster

    2. Terrorism.

    Information Security Model

    Characterizes information security in three dimensions:

    1. Information Security Properties
    It's generally accepted that Information Security contains three properties: Confidentiality, Integrity, and Availability.

    2. Information States
    Information is not a static entity. It exists in processing (i.e. RAM), storage (i.e. on disk), and transmission (i.e. on the wire).

    3. Security Measures
    Organizations must apply security measures in order to effectively mitigate risk to their information assets.

    Information Security Properties

    The goal of information security is to sustain and defend three critical security properties of information: confidentiality, integrity, and availability.

    Information States

    For the purposes of this model, information states refer to where in the information systems environment the information to be protected may be found.

    Processing

    At any given moment, information may be accessible in an information system's local memory.

    Storage

    Recorded on some form of physical media.

    Transmission

    Transit as it is being delivered from one place to another within and between systems.

    Security of discarded media and output

    If media or other output (e.g., printouts, slides) on which confidential information was written is not completely erased or destroyed, an unauthorized reader may be able to salvage the content from discarded materials (aka dumpster diving). Backup media such as tapes, CD/DVD, etc., need to be treated with the same amount of care; critical information is most likely stored on this media. Therefore, careful planning should be conducted to facilitate proper disposal.

    Security Measures

    Measures to implement and sustain information security involve policy and procedures, technology, and the knowledge and abilities of system and network administrators and users.

    Information Security Model

    This model of information security emphasizes the need to sustain the confidentiality, integrity, and availability of information assets and resources in every state that the information could be found in a networked information systems environment.

    Information Security Concepts

    The properties of Confidentiality, Integrity, and Availability are at the foundation of what it means for information to be secure.

    1. Identification

    Refers to the unique properties of users that separate them from others and the means in which these users claim their identities on a system. Usernames are common means of identification. This is tightly linked with authentication.

    2. Authentication

    is the process of proving that you are who you say you are, establishing proof of identity. This can be achieved through passwords, smart cards, biometrics, etc.

    3. Accountability

    is a system's ability to determine the actions and behaviour of a single individual within a system, and to identify that particular individual.

    4. Nonrepudiation

    is the mechanism that keeps an individual from denying that they did something.

    5. Authorization

    is the rights and permissions granted to an individual which enable access to a computer resource.

    Protecting Information Assets

    A comprehensive approach to implementing and sustaining information security can include the following strategies and practices:

    Avoidance
    Prevention
    Detection
    Containment and response
    Recovery
    Improvement

    Avoidance

    A desirable strategy for improving security is to avoid configurations that present unnecessary opportunities for problems to occur.

    Prevention

    Prevention refers to the implementation of measures and controls to minimize the possibility of security problems occurring.

    Detection

    Despite all efforts to prevent unauthorized access to information assets and resources, security incidents are bound to occur.

    Containment and Response

    When information security incidents do occur, you will have to work quickly to contain the damage and respond to prevent further unauthorized activity.

    Recovery

    When system failures and security incidents occur, you will need to have resources and data backups available to restore your data, systems, networks, and security infrastructure to a known-good state.

    Improvement

    New threats to the security of information and information systems are discovered every day. Intruders actively seek ways to infiltrate systems in search of information and resources.

    Administrative Responsibilities

    Authorization
    Authentication
    Accountability
    Monitoring
    Incident response
    Damage assessment and recovery
    Analysis
    System life-cycle management
    Backups, fault tolerance

    Intruders

    Someone who attempts to breach the security of an information asset.

    a. Internal vs. external
    b.

    Hackers

    Individuals more interested in probing systems and networks for their own enjoyment and curiosity rather than actually causing harm.

    Crackers

    Individuals who attempt to maliciously alter systems for their benefit.

    For Example

    web site defacements or breaking license codes for games, applications, and web sites.

    Cyber-Criminals

    Attempt to conduct large-scale crime online, i.e., credit card theft/scams, Internet drug sales, corporate blackmail.

    Means, Motive and Opportunity

    They ask questions such as:

    Did the suspect have the means to commit the crime?
    Did they have something to gain?
    Did they have the opportunity to carry out the crime?

    Means

    Intrusion tools have become a strong means for intruders, and are getting stronger.

    These tools are well documented and are freely available on the Internet.

    Motives

    Money, profit
    Access to additional resources
    Competitive advantage
    1. Economic
    2. Political
    Personal grievance, vengeance
    1. Curiosity
    2. Mischief
    3. Attention
    4. Terrorism

    Opportunities for Intrusion

    1. Rapid adoption of computer and network technology in government, industry, and educational organizations.
    2. Internet explosion and e-commerce.
    3. Thousands of exploitable vulnerabilities in technology.
    4. Lack of awareness regarding information security.
    5. Shortage of qualified system and network administrators and information security staff.
    6. Lack of applicable laws and means of enforcement.