A Virtual Network Topology Security Assessment Process, presented by Rich Goyette, 12/12/2015
A Virtual Network Topology Security Assessment Process
Presented by Rich Goyette
23-04-21 1
Overview
• Motivation
• Virtual Network Concept
• Security Model Development
• Assessment Process Summary
• An Example
• Conclusions and Future Work
Motivation
• Network Virtualization: trust and security challenges.
• Security is hard to quantify.
– Expert judgement is an alternative, but:
• Time and labour intensive;
• Inconsistent.
• Our approach: model expert judgement.
– Repeatable;
– Uses available VNet attributes.
Concept of Virtual Networks
(Diagram; recovered labels: Logical Plane; Physical Plane; Service Provider (SP); Requirements; Virtual Network Provider (VNP); Infrastructure Provider 1 (InP 1); Infrastructure Provider 2 (InP 2); Infrastructure Provider 3 (InP 3); Attribute Search and Comparison.)
VNet Attributes are Key!
Each physical network element (node and link) has attributes.
Attributes are stored in a resource discovery framework (RDF).
We use the attribute values to characterize VNet security.
How We Model Expert Judgement
• For each network element (nodes, links), expert judgement of security is modeled using the additive form of a multi-attribute value function:
– xi: a security-relevant attribute (operating system, media type, etc.).
– v(xi): a value function for the single attribute xi.
– x: the vector of attributes {x1, x2, … xj} for an element.
– δi: a scaling constant for attribute xi.
– V(x): an expert value function for attribute vector x (V(x) is the security value of a node or link with attributes x).
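The additive form the slide refers to, written out in the slide's own notation (added here for reference; the slide itself shows only the definitions, and the normalization conditions are the standard ones for additive MAVT rather than text from the slide):

$$
V(x) = \sum_{i=1}^{j} \delta_i \, v(x_i), \qquad \sum_{i=1}^{j} \delta_i = 1, \qquad 0 \le v(x_i) \le 1,
$$

with $v(x_i) = 0$ at the least secure level of attribute $i$ and $v(x_i) = 1$ at its most secure level, so that $V(x)$ also lies in $[0, 1]$ and the $\delta_i$ express how much a swing from worst to best on attribute $i$ is worth relative to the other attributes.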
Some Conditions
• The additive form is only valid when the attributes are mutually preference independent;
• After attribute selection, a line of questioning is needed to test attribute independence.
| Example | Alternatives | Independent? |
|---|---|---|
| Computer selection | [1TB, 2GHz, 1GB] vs [1TB, 4GHz, 1GB] | Yes |
| Dinner selection | [Potato, Fish, White] vs [Potato, Beef, White] | No |
Decision Support Tools
• We use MACBETH (Measuring Attractiveness by a Categorical Based Evaluation Technique) to illustrate the development of value functions and scaling constants.
• Other methods can be used, but they must result in measurable value functions on an ordinal scale.
Single Attribute Value Functions
• Assume we are considering a Link network element with respect to confidentiality.
• Link confidentiality can be characterized by:
– Channel Mode (CM)
– Encryption (ENC)
– Media Type (MT)
Single Attribute Value Functions
• “In your professional judgement, with respect to confidentiality, what is your strength of preference for fiber over wireless media?”
• “Twisted pair?”
• “Coax?”
Single Attribute Value Functions
• Based on pairwise comparison, a value function is proposed;
• Values are normalized between the best and worst cases on the MACBETH-proposed scale (pre-cardinal);
• Judges can adjust positions to some extent (cardinal).
Single Attribute Value Functions
• Encryption and Channel Mode value functions are developed similarly.
Scaling Constant Development
• Scaling constants in MACBETH are developed using the same process.
• “Consider the worst case combination of these attributes with respect to confidentiality”
• “Characterize your strength of preference with respect to this case in going from {wireless, no encryption, no channels} to {fiber, no encryption, no channels}”
Scaling Constant Development
• MACBETH fills in the remainder of the weights and suggests scaling constants.
Security Value of Link i:
Security Value Aggregation
• We combine network element security values using the following simple aggregation model:
• The low value is included to manage “weakest link” concerns.
• We end up with a 3×2 matrix representing C, I and A for VNet nodes and links.
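The model generation and aggregation steps above, as an added example that is not code from the slides: constructed value functions and scaling constants for link confidentiality (the CM, ENC and MT attributes of the earlier slides), the additive V(x), and an assumed mean/minimum aggregation, since the slides' own aggregation formula is not reproduced here. All numeric values are illustrative assumptions, not elicited expert judgements.

```python
# Constructed single-attribute value functions for link confidentiality
# (Channel Mode, Encryption, Media Type), normalized 0 = worst .. 100 = best
# as a MACBETH session would propose. All numbers are illustrative
# assumptions, not values elicited from the slides' experts.
LINK_CONF_VALUE_FNS = {
    "MT":  {"wireless": 0, "coax": 40, "twisted_pair": 60, "fiber": 100},
    "ENC": {"none": 0, "link": 70, "end_to_end": 100},
    "CM":  {"shared": 0, "dedicated": 100},
}
# Assumed scaling constants delta_i; they must sum to 1.
LINK_CONF_SCALING = {"MT": 0.3, "ENC": 0.5, "CM": 0.2}


def element_value(attrs, value_fns, scaling):
    """Additive MAVT: V(x) = sum_i delta_i * v(x_i) for one node or link.
    An attribute level missing from the elicited value function is an
    error, not a silent zero: it means the model does not cover it."""
    if abs(sum(scaling.values()) - 1.0) > 1e-9:
        raise ValueError("scaling constants must sum to 1")
    total = 0.0
    for attr, delta in scaling.items():
        level = attrs[attr]
        if level not in value_fns[attr]:
            raise ValueError(f"no value function entry for {attr}={level!r}")
        total += delta * value_fns[attr][level]
    return total


def aggregate(values, low_weight=0.5):
    """Assumed aggregation (the slides' own formula is not reproduced):
    a blend of the mean and the minimum, so that one weak element drags
    the aggregate down instead of being averaged away."""
    mean = sum(values) / len(values)
    return (1 - low_weight) * mean + low_weight * min(values)


# Constructed three-link topology. The same two functions, with their own
# models, fill the other five cells of the 3x2 (C, I, A) x (nodes, links) matrix.
LINKS = [
    {"MT": "fiber", "ENC": "end_to_end", "CM": "dedicated"},
    {"MT": "wireless", "ENC": "none", "CM": "shared"},
    {"MT": "coax", "ENC": "link", "CM": "shared"},
]


def link_confidentiality(links=LINKS):
    vals = [element_value(l, LINK_CONF_VALUE_FNS, LINK_CONF_SCALING) for l in links]
    return {"per_link": vals, "mean_only": aggregate(vals, 0.0),
            "weakest_link_aware": aggregate(vals)}
```

With the constructed topology the plain mean is 49 while the weakest-link-aware aggregate is 24.5, which is the effect the "low value" in the slide's aggregation is meant to have.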
Assessment Process Summary
(Process flow diagram; recovered labels:)
Model Generation (MAVT):
• Gather Security Experts
• Identify all Types of VNet Element
• For Each Element: Identify Relevant Attributes; Develop Attribute Value Functions; Develop Element Value Function
Model Application (Nodes and Links):
• For Each Element in Topology: Obtain Attribute Values; Compute Attribute Value Function; Compute Security Value for Element
• Aggregate Security Values
Example: Identify Relevant Attributes
Example: Develop Attribute Value Functions
Example: Develop Scaling Constants
Example: Evaluate Topology
Conclusions
• Our process is passive;
• Our process compares current VNet security to expert “best effort”;
• Once our model is generated, security assessment is relatively straightforward;
• The model can be generated as a separate business enterprise.
Future Work
• Gathering experts for model generation is problematic:
– Time, schedule, frequency.
– Dynamics of group decision making.
• Physical network components will change, migrate, and/or evolve.
• Providers will lie.