Role Based Access Controls Applied to Electronic Toll Collection in Ascendi
01/ Presentation main goals
02/ Toll Collection Systems
03/ Transactions and data access
04/ External requests for information
05/ Next Steps
Index
A/ The tolling systems and their security framework
B/ Management of accesses to the toll information
C/ Assurance of the principle of least privilege in information access
Role Based Access Controls Applied to Electronic Toll Collection in Ascendi
01/ Presentation Main Goals
Significant experience and know-how in toll collection
• AET (MLFF): toll collection systems enabling traffic free flow
• Traditional toll collection: open or closed systems, manual and electronic
02/ Toll Collection Systems
AET | All Electronic Tolling
• 6 contracts under operation (130 tolling points)
• Operation under independent contracts between Ascendi O&M and Infraestruturas de Portugal (Portuguese Road Agency)
• Costa de Prata, Grande Porto, Beiras Litoral e Alta, Interior Norte, Pinhal Interior, Tunel do Marão
Traditional Toll Collection
• Norte and Grande Lisboa Concessions
• 21 toll plazas (closed system)
• 3 toll plazas (open system)
• 134 manual lanes
• 83 electronic single lanes, free flow
Video: https://www.youtube.com/watch?v=6Kiwrdyy_ts
Systems - Architecture
Road Side Equipment (RSE)
• Detection of the passage of the vehicle
• Classification of the vehicle using its volumetric figures (height, width, length, trail)
• Reading of the OBU
• Capture of front, rear and context images
• Automatic License Plate Recognition
• Data correlation of the various subsystems
Operational Back-Office (OBO) – integrates all tolling operations
• Prepared for technologies from different vendors (DSRC, RFID)
• Transaction validation
• Second level OCR
• Image review
• Trip aggregation engine
• Price calculation
• Mobile enforcement BO
Commercial Back-Office (CBO) – integrates all tolling operations
• Account management
• Contact and walk-in centre
• CRM
• Billing and notice issuing
• Dunning management
• Payment processing
• External interface (links)
AET | Payment Methods (Portugal)
National vehicles
Direct collection (without surcharges):
• Fully electronic payment through the OBU issuer (debit card)
• Pre-payment with client identification
• Anonymous pre-payment supported
Post-payment collection (with surcharges):
• Anonymous post-payment using the license plate, available for payment at postal offices, the Payshop network and the internet
Foreign vehicles
• Interoperability with Spain (vehicles equipped with OBU)
• “Easy-Toll” system (automatic registration at the borders, using a credit card account)
• TollService (pre-paid title for light vehicles for 3 days or pre-determined trips)
• TollCard (“on the shelf” pre-paid card, activated by SMS)
• Temporary Via Verde tag (rent-a-tag)
Enforced collection
• Enforced collection for non-payment
• Mobile enforcement
• Tax authority (with fines treated as a fiscal offense)
• Internet
Systems - Security Features
European Standards
• EN 15509 – Electronic Fee Collection – Interoperability application profile for DSRC
• Security features and mechanisms based on the general security framework defined in 7.1.4 of EN ISO 14906:2004
• Image security: attribute adaptations according to CEN/TS 16439 (EFC – Security Framework)
Datacenters
• Monitored datacenters (heat, fire, power, air conditioning, CCTV)
• Restricted physical access
• Network segmentation
Network Security Protocols
• Public Key Infrastructure (PKI), FTPS, HTTPS for webmail, SSL VPN, IPsec tunnel for the private-to-private network
Systems - Security Features
Business Continuity
• Secure infrastructure: virtualization and high availability for core systems
• Centralized enterprise backup and recovery, disaster recovery and endpoint data protection
• Disaster recovery site for OBO and CBO
• Business continuity plan
Organization
• Security policies and procedures
• Skilled technical resources
• Non-disclosure agreement concerning personal and proprietary information, and good practices in the use of IT systems
AET | Main Features (Portugal)
Dimension
• Largest European private operator of a multi-vehicle-category AET (MLFF)
• High-speed motorways – DSRC technology
• More than 99.99% system availability
• 99.80% vehicle detection (no speed restriction)
• More than 96% ALPR (multiple libraries)
Feasibility
• Electronic tolling using OBU identification; or
• Video tolling, using ALPR in association with 2nd level OCR engines
Operational Flexibility – Transaction Aggregation
• Unitary transactions of a journey aggregated into a single transaction, where:
  o The customer is able to check the travelled journey
  o Transaction costs are optimized
Facts and Figures
• 700K transactions processed daily
• Transaction mode: 80% ETC, 11% VTC, 9% manual
• 1.7M customer accounts managed
• 5.2M km (aggregate distance travelled by all users) charged per day
• Invoices/notices: 42.5k processed per week
• More than 160 users of the systems
• > 500K images per day
03/ Transactions and data access
Customer Care Organization
Technical team
• 6 supervision areas
• 10 operational teams
Macro-areas
• Invoicing
• Clients and Operations
Supervision areas
• Coordination & Technical Support
• Invoice-Manual Validation & QC
• Document Management & Receivables
• Customer Care (walk-in + call center)
• Customer Care (written + online)
• Litigation & Corporate
Applications accesses per type of functional user
Functional user types: Manual photo validation, Document Management, Call-Center Operator, Walk-in Center Operator, CRM Operator, Quality Control, Receivables, Litigation, Corporate Clients Operator
Applications: ERP, Call-M, CRM, ECM, OBO
[Access matrix of functional user types versus applications; the individual cells are not recoverable from the transcript]
Permission Matrix
• Access profiles are defined per application module
• By system
• Read Only / Read & Write
Segregation by function
• Overall containment of information access
• Rigid boundaries
• Team-defined access
• Different degrees of access inside the boundaries
• Almost atomic granularity of permissions
Segregated by area of responsibility; access profiles are defined per application module
Versioning
• All requests for change refer to this matrix, and all previous versions are auditable
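The permission matrix, segregation and versioning slides describe one mechanism: access profiles per system and module (Read Only or Read & Write), deny by default, every change made as a change request against the current matrix, and every previous version kept for audit. The following is an added illustration of that mechanism, not Ascendi's code; the team, system and application names come from the slides, while the module names (such as "Image review" and "Contact notes"), the change-request references and the requester names are constructed for the example.

```python
"""Versioned, auditable permission matrix with per-module Read Only / Read & Write
profiles. Added example; module names and change requests are constructed."""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Optional, Tuple


class Access(Enum):
    NONE = 0          # no entry in the matrix means no access (deny by default)
    READ_ONLY = 1
    READ_WRITE = 2


# A matrix entry is keyed by (functional team, system, module within that system).
Key = Tuple[str, str, str]


@dataclass(frozen=True)
class MatrixVersion:
    number: int
    change_request: str          # reference of the request that produced this version
    requested_by: str
    entries: Dict[Key, Access]   # full snapshot, so each version can be audited on its own


class PermissionMatrix:
    def __init__(self, change_request: str, requested_by: str, entries: Dict[Key, Access]):
        self._versions: List[MatrixVersion] = [
            MatrixVersion(1, change_request, requested_by, dict(entries))
        ]

    @property
    def current(self) -> MatrixVersion:
        return self._versions[-1]

    def version(self, number: int) -> MatrixVersion:
        return self._versions[number - 1]

    def apply_change(self, change_request: str, requested_by: str,
                     changes: Dict[Key, Access]) -> MatrixVersion:
        """Every change refers to the current matrix and produces a new version;
        Access.NONE removes the entry, i.e. revokes the permission."""
        entries = dict(self.current.entries)
        for key, access in changes.items():
            if access is Access.NONE:
                entries.pop(key, None)
            else:
                entries[key] = access
        new = MatrixVersion(len(self._versions) + 1, change_request, requested_by, entries)
        self._versions.append(new)
        return new

    def is_allowed(self, team: str, system: str, module: str, action: str,
                   at_version: Optional[int] = None) -> bool:
        """'read' needs at least READ_ONLY, 'write' needs READ_WRITE; anything
        absent from the matrix is denied. at_version answers historical questions."""
        snapshot = self.current if at_version is None else self.version(at_version)
        access = snapshot.entries.get((team, system, module), Access.NONE)
        if action == "read":
            return access in (Access.READ_ONLY, Access.READ_WRITE)
        if action == "write":
            return access is Access.READ_WRITE
        raise ValueError(f"unknown action {action!r}")

    def diff(self, old: int, new: int) -> Dict[Key, Tuple[Access, Access]]:
        """Entries that differ between two versions, as (before, after)."""
        a, b = self.version(old).entries, self.version(new).entries
        return {k: (a.get(k, Access.NONE), b.get(k, Access.NONE))
                for k in sorted(set(a) | set(b))
                if a.get(k, Access.NONE) != b.get(k, Access.NONE)}

    def audit_trail(self) -> List[str]:
        return [f"v{v.number}: {v.change_request} requested by {v.requested_by}, "
                f"{len(v.entries)} entries" for v in self._versions]


# Constructed baseline; the module names are illustrative, not Ascendi's.
BASELINE: Dict[Key, Access] = {
    ("Manual photo validation", "OBO", "Image review"): Access.READ_WRITE,
    ("Call-Center Operator", "CRM", "Accounts"): Access.READ_ONLY,
    ("Call-Center Operator", "OBO", "Image review"): Access.READ_ONLY,
    ("Receivables", "ERP", "Invoices"): Access.READ_WRITE,
    ("Quality Control", "OBO", "Image review"): Access.READ_ONLY,
}


def build_matrix() -> PermissionMatrix:
    m = PermissionMatrix("CR-0001 (constructed)", "security-admin", BASELINE)
    # Constructed change request: the call center gains write access to CRM contact
    # notes, and Quality Control's read access to OBO image review is revoked.
    m.apply_change("CR-0002 (constructed)", "cc-supervisor", {
        ("Call-Center Operator", "CRM", "Contact notes"): Access.READ_WRITE,
        ("Quality Control", "OBO", "Image review"): Access.NONE,
    })
    return m


if __name__ == "__main__":
    m = build_matrix()
    print(m.is_allowed("Call-Center Operator", "OBO", "Image review", "write"))
    print(m.is_allowed("Call-Center Operator", "CRM", "Contact notes", "write", at_version=1))
    for line in m.audit_trail():
        print(line)
    print(m.diff(1, 2))
```

Keeping a full snapshot per version rather than a delta is what makes "all previous versions are auditable" cheap to honour: an auditor can ask what a team could do on a given date without replaying change requests, and `diff` shows exactly which permissions each request added or revoked.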
Workstation | Restrictions and controls
Internet Access
• Access controlled through the use of whitelists
• Internet access only allowed via proxy
• Active Directory user groups determine Internet access
Data Loss Prevention
• Email is only allowed internally for the Manual Toll-Operator team
• All client interaction teams use a unified account (one account per channel)
• All email sent to clients by the unified accounts is duplicated to a read-only mailbox (traceability)
Workstations \ Mobile Devices
• Predefined software image for workstations
• Standard GPO-enforced restrictions on USB drives and other media
• Locked-down baseline according to Center for Internet Security benchmarks (https://www.cisecurity.org/)
• Firewall rules restrict access to local addresses only (the HTTP proxy is local)
• Software updates via SCCM (security, critical, antivirus and malware)
04/ External requests for Information
Requests for Information – by Clients
Client requests
• The client must show personal identification and vehicle documentation
• Data is verified against historic ownership data
Available information
• Non-paid transactions
• Travel information
• Photographic evidence – license plate ONLY
Requests for Information – by Public Authorities
Request by law enforcement entities
• Requires a criminal proceeding (not civil)
• Requires an associated court order
Available information
• Non-paid transactions
• Travel information
• Photographic evidence – license plate ONLY
05/ Next Steps
Next Steps and Challenges
• Security audits
• New data protection rules
• Perimeter reinforcement
• Revise policies, procedures and rules
• Evaluate a CERT team