Date posted: 19-Dec-2015

Unifying the Conceptual levels of Network Security through use of Patterns.

PhD Proposal

Ajoy Kumar

Secure Systems Research Group – Florida Atlantic University

Overview

[Diagram: the functions Firewall, IDS and VPN, shown against the levels Application, TLS and IPSec]

Problem Statement

• Security is of utmost concern at each layer: the application layer, the transport layer, and the IP layer. At each of these layers we discuss the different security components (firewalls, IDS and VPNs), analyze security criteria, identify the patterns that do not yet exist, and develop them.

Network Architecture

Layer        Firewall    IDS         VPN          Protocol
Application  XML FW      XML IDS     XML VPN      SAML
TCP          Proxy FW    TCP IDS     TLS/SSL VPN  TLS
IP           Packet FW   Packet IDS  IPSec VPN    IPSec

Security Mechanisms: Authentication, Secrecy, Authorization, Identification

VPN

[Diagram: each VPN variant is linked to a protocol by a "Supports" relation]

• XML VPN and SAML
• TLS VPN and TLS
• IP VPN and IPSec

Pattern Diagram for VPN

[Pattern diagram: VPN; TLS VPN, IP VPN, XML VPN; Authentication, Secure Channel; TLS, IPSec, SAML; three "Realize" relations]

• We can create similar diagrams for Firewalls and IDS.

• Previous Work - Survey

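Class Diagram for a Packet FW [Fe06]

[Class diagram: classes PFFirewall, RuleBase, Rule, ExplicitRule, DefaultRule, ExternalHost, LocalHost; attribute address on the hosts; association requestService between the hosts and the firewall; Rule marked in/out and held {ordered} in the RuleBase; RuleBase operations addRule, deleteRule, modifyRule, reorderRules]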
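An added example, not part of the original slides or of the pattern in [Fe06]: a Python sketch of the rule base the class diagram names, with an ordered list of explicit rules and a default rule. First-match evaluation, the field names, and the sample addresses and port are assumptions of this sketch.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    """ExplicitRule (field names are assumptions of this sketch)."""
    direction: str            # "in" or "out", as in the diagram
    network: str              # CIDR block of the external host(s)
    port: Optional[int]       # None matches any port
    action: str               # "accept" or "deny"

    def matches(self, direction, addr, port):
        return (self.direction == direction
                and ip_address(addr) in ip_network(self.network)
                and self.port in (None, port))

@dataclass
class RuleBase:
    """Ordered explicit rules plus a DefaultRule used when none matches."""
    default_action: str = "deny"
    rules: list = field(default_factory=list)

    def add_rule(self, rule):
        self.rules.append(rule)

    def delete_rule(self, index):
        del self.rules[index]

    def modify_rule(self, index, rule):
        self.rules[index] = rule

    def reorder_rules(self, old, new):
        self.rules.insert(new, self.rules.pop(old))

    def decide(self, direction, addr, port):
        # Assumed semantics: the first matching explicit rule wins.
        for rule in self.rules:
            if rule.matches(direction, addr, port):
                return rule.action
        return self.default_action

def demo():
    rb = RuleBase()
    # Constructed sample rules; addresses are documentation ranges.
    rb.add_rule(Rule("in", "192.0.2.0/24", 20000, "accept"))
    rb.add_rule(Rule("in", "192.0.2.66/32", None, "deny"))
    shadowed = rb.decide("in", "192.0.2.66", 20000)  # deny rule never reached
    rb.reorder_rules(1, 0)                            # specific rule first
    fixed = rb.decide("in", "192.0.2.66", 20000)
    unknown = rb.decide("in", "203.0.113.9", 20000)  # falls to default rule
    return shadowed, fixed, unknown
```

The demo shows why reorderRules matters in an ordered rule base: a broad accept rule placed first shadows the later, more specific deny rule until the two are swapped.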

Class Diagram for Proxy Firewall [Fe03]

Work Already Completed

• IDS Pattern (Signature Based)

• VPN Pattern (Abstract)

Class Diagram for Signature-Based IDS [Fer05]

Viking PLOP

Class Diagram for VPN

[Class diagram: classes Network, Network End Point, VPN, Authenticator, Secure Channel, Identity Base, Identity; association multiplicities (1 and *) not recoverable]

Proposed Work

• Missing Patterns for the Functions and Protocols

• Study of Combinations
– IDS + Firewalls
– Firewalls + VPN

Expected Contributions

• Unification of Security Functions in the Network Layer.

• Consider a case study, such as a SCADA system, and see how these patterns apply to it.

• Development of Specific Patterns

Case Study

• SCADA Architecture

• SCADA can be used as an example of a distributed system where we apply these patterns.

SCADA

• Supervisory Control and Data Acquisition (SCADA) systems consist of geographically scattered units (field devices) controlled using centralized data acquisition and control (the control center) [Sto06]. They are usually highly distributed systems. Field devices could be controlling local operations such as valve operations, collecting sensor data, and monitoring for disaster conditions. The next figure shows the general architecture of a SCADA system. Examples of SCADA systems are electric power systems, oil and gas pipelines, water utilities, and any system that requires remote monitoring and control.

General SCADA architecture (from [Sto06]).

• The common attacks threatening a SCADA system are physical attacks on the field (remote) units and network attacks on the communication networks, usually through the Internet. The primary security concerns are availability and integrity. Confidentiality and non-repudiation are secondary concerns.

• Example
– An important example of a SCADA application is electric power generation.

• Context
– A SCADA system, such as an electric power generation system, with a distributed architecture and connected to the Internet.

Forces

• Only authorized personnel should be able to access the system at the Remote units and the Main control unit.

• Messages sent from the supervisory control unit to the Remote field units and back should be confidential and data integrity should be preserved.

• Messages should be sent only by authorized personnel at the remote location and the main location.

• Authorized personnel should be able to do their respective duties based on Company defined Policies.

Forces (Contd…)

• Any message from unknown or spurious remote locations should be discarded.

• We should be able to detect any intrusions into the system and create alert logs.

• Field Units and Communication Lines should be free from Physical Attacks.

• Service should be available 24 hours a day, 7 days a week.

Solution

• Authentication is done at the Remote and the Central Controller unit to make sure that only Authorized personnel have entry access to the system.

• We can create secure VPN channels at the Central Controller and the Remote units so that we can send confidential messages. This also makes sure that the integrity of data is maintained.

• Intrusion Detection Systems are able to detect any intrusions into the system, using misuse-based detection or anomaly-based detection.

• Firewalls prevent messages from unknown and dangerous sites from reaching the system.

Solution (Contd…)

• By providing Reference monitor or RBAC, we can make sure that the authorized personnel can perform their respective roles.

• By adding Physical Access control zones we can prevent physical attacks caused by external elements.

• Together, all these security measures make sure that there is no Denial of Service (DoS).

• The use of these security models in SCADA communication can significantly reduce the vulnerability of these critical systems.
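An added example, not from the original slides: a Python sketch of how the controls listed in the Solution compose into one admission check at the central controller. The unit names, keys, roles and commands are constructed, and an HMAC tag stands in for the integrity protection that the VPN channel would provide.

```python
import hashlib
import hmac
import json

# Constructed sample data: per-unit keys, user roles, role permissions.
UNIT_KEYS = {"rtu-1": b"demo-key-1", "rtu-2": b"demo-key-2"}
ROLE_OF = {"alice": "operator", "bob": "viewer"}
PERMISSIONS = {"operator": {"read_sensor", "open_valve"},
               "viewer": {"read_sensor"}}

def sign(unit, user, command, key):
    # JSON encoding keeps field boundaries unambiguous before tagging.
    msg = json.dumps([unit, user, command]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class ControlCenter:
    def __init__(self):
        self.alerts = []  # alert log, the IDS-facing record of rejections

    def _reject(self, reason, unit, user, command):
        self.alerts.append((reason, unit, user, command))
        return False

    def admit(self, unit, user, command, tag):
        key = UNIT_KEYS.get(unit)
        if key is None:  # firewall role: discard unknown remote locations
            return self._reject("unknown-unit", unit, user, command)
        if not hmac.compare_digest(sign(unit, user, command, key), tag):
            return self._reject("bad-integrity-tag", unit, user, command)
        # RBAC role: the user's role must permit the command.
        if command not in PERMISSIONS.get(ROLE_OF.get(user), set()):
            return self._reject("not-authorized", unit, user, command)
        return True

def demo():
    cc = ControlCenter()
    k1, k2 = UNIT_KEYS["rtu-1"], UNIT_KEYS["rtu-2"]
    results = [
        cc.admit("rtu-1", "alice", "open_valve",
                 sign("rtu-1", "alice", "open_valve", k1)),
        cc.admit("rtu-9", "alice", "open_valve", "00"),  # spurious unit
        cc.admit("rtu-1", "alice", "open_valve",          # altered command
                 sign("rtu-1", "alice", "read_sensor", k1)),
        cc.admit("rtu-2", "bob", "open_valve",            # role too weak
                 sign("rtu-2", "bob", "open_valve", k2)),
    ]
    return results, [alert[0] for alert in cc.alerts]
```

The checks run from cheapest to most specific, and every rejection leaves an alert-log entry; replay protection is outside what this sketch covers.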

Class Diagram (w/o Security Components)

[Class diagram: classes Central Controller, User Interface, Field Unit Controller, Comm. Network, Internet, Zone; association multiplicities (1 and *) not recoverable]

Class Diagram for Secure SCADA

Consequences

• Advantages
– Users are authenticated by the system. This helps to maintain a good logging system also.
– The RBAC model helps authorization policies to be implemented within the system based on roles of the personnel.
– Secure channels use strong encryption which helps confidentiality and data integrity.
– Firewall and IDS help to make the system more secure.

Consequences (Contd…)

• Liabilities
– High overhead with VPN connection, firewall and IDS.
– If the protocol used is not a secure protocol, the risk increases.

• Known Uses
– Any Power Utility company such as FPL.

• Related Patterns
– VPN Patterns
– Firewall Patterns
– IDS Patterns

References

• [Bar04] K. Barnes, B. Johnson and R. Nickelson. “Review of Supervisory Control and Data Acquisition (SCADA) Systems.” Idaho National Engineering and Environmental Laboratory, Bechtel BWXT, Idaho. http://www.inl.gov/technicalpublications/Documents/3310858.pdf

• [Cla04] G. R. Clarke and D. Reynders. Practical Modern SCADA Protocols: DNP3, 60870.5 and Related Systems. 2004, books.google.com.

• [Fer07] Eduardo B. Fernandez. Class Notes COT5930 – Fall 2007, Florida Atlantic University.

• [Fer05] Eduardo B. Fernandez, Jose Ballesteros, Ana C. Desouza-Doucet, and Maria M. Larrondo-Petrie. “Security Patterns for Physical Access Control Systems.” Class Notes COT5930 – Fall 2007, Florida Atlantic University.

• [Jeo07] Jeon Il Moon, Jung Sub Kim, Jong Bae Kim, Kye Young Lim and Byoung Wook Choi. “A hardware implementation of distributed network protocol.” Computer Standards & Interfaces, Volume 27, Issue 3, Pages 221-232.

• [Pat07] S. C. Patel and Y. Yu. “Analysis of SCADA security Models.” International Management Review, Vol. 3, No. 2, 2007, Pages 68-76.

• [Sto06] K. Stouffer, J. Falco, and K. Kent. “Guide to supervisory control and data acquisition (SCADA) and industrial control systems security.” Spec. Pub. 800-82, National Institute of Standards and Technology (NIST). http://csrc.nist.gov/publications/drafts/800-82/Draft-SP800-82.pdf

• Suggestions

• Additions

• Concerns

• Modifications

• Improvement
