I T S E C U R I T Y AND C E R T CASE STUDY OLYMPIC GAMES

Transcription

1 I T S E C U R I T Y AND C E R T CASE STUDY OLYMPIC GAMES References : International Patent by Peter Stavroulakis PCT GR2006/000038<<Secure Communications using Chaotic and Interference reduction techniques Other Applicable Publications of Stavroulakis, P (1) Chaos Applications in Telecommunications, Taylor and Francis,2006 (2) Interference Analysis of Communication Systems, IEEE Press, 1980 (3)Iterference Analysis and Reduction for Wireless Systems, Artech House, (4) Guest Editor, Special Issue of International Journal of Satellite Communications and Networking, John Wiley, January-February (5) Wireless Local Loops, Theory and Application, New York, John Wiley, () Reliability, Survivability and Quality of Large Scale Telecom Systems. Case Study: Olympic Games. (7) TETRA- A Global Security Tool To be published by SPRINGER in March 2007 (8) Special Issue of CHINA COMMUNICATIONS JOURNAL on Communications and Information Security.

2 Modern Global Revolutions Industrial( ) Electronic (Transistor)( ) Information(1990- Hence the Lubricant (information) which drives the modern global machine must be protected.

3 WHAT IS SECURITY Security is the protection of information, systems and services against disasters, mistakes and manipulation so that the likelihood and impact of security incidents is minimized or eliminated. It is comprised of 1) Confidentiality 2) Integrity 3) Availability 4) Legal Compliance

4 SECURITY MECHANISMS Physical Security 1) Buildings 2) Data Transport 3) Backups 4) Laptops 5) Peripherals e.t.c Cryptography/Encryption (Key Management) Authentication 1) Passwords 2) Firewalls (Packed filters) mainly OSI model Access Control 1) Confidentiality 2) Integrity

5 DATABASE + TRANSACTION MONITORS Distributed Transaction Processing (DTP) open standard for Online Transaction Processing (OLTP) AP Application RM Resource Manager Front end of Database TM Transaction Manager

6 OPERATING SYSTEMS (OS) Trusted Computer System Evaluation Criteria (TCSEC) Information Technology Security Evaluation Criteria (ITSEC) Trust Technology Assessment Program(TTAP)

7 IT - Definition Information Technology is the use of hardware, software, services, and supporting infrastructure to manage and deliver information.

8 Types of Computer Networks Categorizing networks according to size: DAN / PAN (Desk or Personal Area Networks) LAN (Local Area Network) MAN (Metropolitan Area Network) WAN (Wide Area Network) Internet Categorizing computer networks according to transmission medium: Wired:L1: twisted pair, coaxial, fiber L2: IEEE 802.3,4,5, SLIP, PPP Wireless: L1 : Infrared, RF, Microwave L2: IEEE , bluetooth, mobile

9 The OSI model

10 Typical network devices Hub Switch Router A device that repeats or broadcasts the network stream of information to individual nodes A device that receives packets from its input link, and then sorts them and transmits them over the proper link that connects to the node addressed. A node that sends network packets in one of many possible directions to get them to their destination. Layer Network Components Application Presentation Session Transport Network Data Link Physical Gateway Gateway Gateway Gateway Router Bridge, Switch, intelligent Hub Hubs (active. passive)

11 Basic Security Services Identification Enables a node to identify the peer node with which it communicates Authentication Enables a node to ensure the identity of the peer node with which it communicates Authorization Controls permission to access certain information Confidentiality Ensures that certain information is not disclosed to unauthorized entities Integrity Guarantees that a message being transferred is never corrupted Availability Ensures the survivability of information system / network services Non-repudiation Ensures that the origin of an action cannot deny having conducted the action

12 Security Attacks in the OSI model max min min max

13 Dollar Amount of Losses by Type

14 CERT CERT: A team to provide response to computer security incidents on the Internet. 1988: First Computer Emergency Response Team (CERT/CC) 1990 s: AUSCERT and European national CERTs 1990: FIRST - Forum of Incident Response and Security Teams 1995: TF-CSIRT: Task Force for the collaboration of teams in Europe 2005: Hundreds of CERTs around the world

15 C E R T R E S E A R C H CONCENTRATES ON THE TECHNICAL BASIS FOR IDENTIFYING AND PREVENTING COMPROMISE OF SECURITY OF SYSTEMS/SERVICES VIA THE APPLICATIONS OF PRECISE ENGINEERING SOLUTION, IF POSSIBLE, AUTOMATED. Difficulties 1)Heterogeneous Networks combined to achieve end to end capabilities 2) No practical means of effective verification of software with respect to intended behavior 3)Security attributes can change 4)Increasingly sophisticated intrusion strategies of malicious codes 5) Legacy systems

16

17 S U R V I V A B I L I T Y SURVIVABILITY IS DEFINED AS THE CAPABILITY OF A SYSTEM TO FULFILL ITS PRIMARY MISSION, IN A TIMELY MANNER, IN THE PRESENCE OF ATTACKS, FAILURES AND ACCIDENTS

18 S U R V I V A B I L I T Y An effective substitute of classical security measures that require central control. Intended for unbounded network environments and covers robustness and continuity of operation after intrusion building on 1) Security 2) Fault Tolerance 3) Safety 4) Reliability 5) Reuse 6) Performance 7) Verification 8) Testing

19 Types of CERTs Internal CSIRTs provide incident handling services to their parent organization. Coordination centers coordinate and facilitate the handling of incidents across various CSIRTs. Analysis centers focus on synthesizing data from various sources to determine trends and patterns in incident activity. Vendor teams located in software or hardware companies and handle reports concerning vulnerabilities in their products. Incident response providers provide incident handling services as a product to other organizations. Handbook for Computer Security Incident Response Teams

20 Mission Mission Statement Services Quality Policies Operations and procedures

21 Service Attributes Handbook for Computer Security Incident Response Teams

22 Policies Policies define the governing principles that control the operation of the CERT. Basic Policies: Code of Conduct Information Categorization Policy Information Disclosure Policy Media Policy Security Policy Human Error Policy Policies control the services framework Policies should be: Endorsed by management Clear Concise Necessary and sufficient Usable Implementable Enforceable

23 Quality Assurance A Quality System should control the operation of the CERT. A Quality System indicatively includes: a number of sets of quality parameters per service, always in relation to the mission statement. Parameters measurement system Quality enforcement system Self-validation system Quality Reporting system Example parameters: Incident response time Confidentiality level Level of information provided Event life cycle

24 CERT in the Olympic Games Handbook for Computer Security Incident Response Teams

25 Incident Analysis Two general classes of incident analysis adopted for the Olympic Games: Intra-Incident Analysis Analysis of the issues concerning a specific incident. The most common types are as follows: analysis of any artifacts left by intruder activities (log files, exploits, viruses, Trojan horse programs, toolkits, etc.) analysis of the software environment in which the incident took place analysis of the web-of-trust within an incident Inter-Incident Analysis Analysis of issues concerning relationships across and between incidents, that is, the analysis of the texture of ongoing incidents. This analysis is aimed at finding symmetries between separate incidents that might indicate equivalent or related sources of intruder activity.

26 Security Technology - Biometrics Bios = life Biometric Metrikos = metric (measure) Automatic personal recognition based on the statistical measurement of physiological or behavioral characteristics Fingerprint Face Voice Iris Hand Signature Lips movement Speech Mouse dynamics Keystroke analysis Properties of Characteristics Universal Collectable Permanent Distinctive

27 Olympic Games Security System

28 Biometrics intelligent access control system Since most of the technologies have been tested in the past, focus was given on the biometric component for strong access control. Smart Card Card Biometric Reader Controller Secured channel Network Encrypted biometric template Gate Controller Secured channel Secured channel DB

29 D R A G O N PROPOSAL Design of Radio based Anti-terrorist Globally Optimal Network (D.R.A.G.O.N) CASE STUDY HONG KONG AND SHANGHAI HARBOR SECURITY SHANGHAI WORLD S FAIR 2010 Summary This system presents an innovative design for an anti-terrorist system for Harbor security in an environment of World Class events such as Olympic Games. It is designed to be applicable for the Harbors of Hong Kong and Shanghai for the Olympics of 2008 in Beijing. This system has been coded DRAGON for obvious reasons.

30 H A R B O R S E C U R I T Y D.R.A.G.O.N D R A G O N Satellite esign adiobased anti-terrorist lobally ptimal etwork DVB CDSS IOP CCTV Routing using chaotic encryption techniques 3D-Surveillance CBRNE GSM/UMTS Biometrics Telemedicine Chemical Biological Radiological Nuclear,Explosives

31 HONG KONG SHANGHAI HARBORS