Simon Foley

Academic Perspective

Some Security Activities at University College Cork

Simon FoleyDepartment of Computer Science,University College Cork, Irelandwww.cs.ucc.ie/~s.foley

Overview of Computer Security Activities

User CenteredSecurity

Business CenteredSecurity

Federated Security

2 / 15

Advance foundational results in security by

considering the application of security in practice.

Research

➣ Security policy models and mechanisms

➣ Federated and distributed systems security

➣ Security risk management and governance

Teaching

➣ Computer security (undergraduate)

➣ Network security & Mobile systems security (postgraduate)

➣ Final year BSc and taught MSc projects in Security.

User Centered Security



Federated Security

3 / 15

Security Policy Requirements Elicitation



Federated Security

4 / 15

Policy elicitation often driven by technical concerns.

➣ Technical policies designed by technical people.

➣ Based on the system artifacts with which users interact:groups, roles, transactions, etc.

Should consider needs of individuals and their relationships.

➣ Balance individuals’ requirements [eg, Multilateral Security].

➣ Include human issues.

How can we address this?

Trust Management Policy Elicitation



Federated Security

6 / 15

Use qualitative analysis methods from social sciences to elicit trustmanagement policy for photograph sharing.

➣ Explore user-experience through semi-structured interviews.

➣ Qualitative analysis elicits policy requirements.

➣ Model the result in a Bayesian Network.

User requirements more complexthan basic access controls.

[S.N. Foley, V.M. Rooney. Qualitative Analysis for Trust Management. International Security Protocols Workshop,Cambridge, 2009. Springer LNCS.]

Business Centered Security



Federated Security

7 / 15

Managing Security



Federated Security

8 / 15

Siloed security driven by technical concerns.

➣ Technical mechanisms designed by technical people.

➣ Based on the system artifacts: groups, roles, transactions, etc.

Should align security with business strategy.

➣ Secure critical business processes, not just technologies

➣ Security threats are inevitable, need to manage the risk.

Security Risk Management



Federated Security

10 / 15

Use Enterprise Risk Management (ERM) to manage (operational)risks related to security:

➣ security mechanisms as controls that mitigate known risks inmeeting objectives of business process,

➣ tests that audit efficacy of risk mitigation.

Security as an ongoing process:

➣ measure, prioritize, mitigate,

➣ security risk metrics and aggregation.

[S.N. Foley. Security Risk Management using Internal Controls, Proceedings of ACM Workshop on InformationSecurity Governance (held at ACM-CCS), 2009;S.N. Foley, H.B. Moss. A Risk-Metric Framework for Enterprise Risk Management, IBM Journal of Research andDevelopment, to appear 2010.]

Risk Management of Network Access Controls



Federated Security

11 / 15

Security controls should be compliant with best practice.

➣ 1.2.1.a Verify that inbound and outbound traffic is limited to

that which is necessary for the cardholder data. [PCI-DSS]

Semantic configuration models facilitate automated reasoning:

➣ Analysis of n-tier network for shadowing, redundancy, etc.

➣ Encode catalogues of best practice [PCI-DSS, NIST-800-41,NIST-800-44, RFC-3330, RFC-1918].

➣ Autonomic configuration based on catalogue search.

[W.M. Fitzgerald, S.N. Foley, M O’Foghlu. Network Access Control Interoperation using Semantic Web Techniques, InProceedings of 6th International Workshop on Security in Information Systems, (WOSIS 2008), June 2008;S.N. Foley and W.M. Fitzgerald. An Approach to Autonomic Security Policy Configuration using Semantic Threat

Graphs. IFIP WG 11.3 Working Conference on Data and Applications Security 2009. Springer LNCS 5645.]

Federated Security



Federated Security

12 / 15

Security Policy



Federated Security

13 / 15

Centralized policy, closed system.

➣ Centralized authority, controlled by administrator.

➣ Principle of no privilege.

➣ Opportunity to subvert administrator usually small.

Decentralized policy, open system.

➣ Decentralized authority across multiple stakeholders.

➣ Principle of flexible privilege

➣ Opportunity to subvert stakeholder intentions?

Secure Coalitions



Federated Security

15 / 15

Federation as coalition of principals/federations.

➣ coalition policy govern actions,

➣ coalition formation governed by participants,

➣ policy decentralized/distributed across PKI,

➣ principal of governed flexible privilege.

In the absence of a centralized authority,the actions of a malicious principal/coalitionshould not be able to circumvent policy.

[ S.N. Foley and H. Zhou, Authorisation Subterfuge by Delegation in Decentralised Networks In Proceedings ofInternational Security Protocols Workshop, Cambridge UK 2005. Springer Verlag LNCS;H. Zhou and S.N. Foley, A Framework for Establishing Decentralized Secure Coalitions. IEEE Computer SecurityFoundations, 2006.]

Simon Foley

Technology

Transcript of Simon Foley