Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

FRAMEWORK for NATIONAL NETWORK & CYBER SECURITY

advertisement 
FRAMEWORK
for
NATIONAL NETWORK &
CYBER SECURITY
23 September 2009
1
Ram Narain
DDG (Security), DOT
Email: ramnarain@hotmail.com
06-02-200906.02.2009
23.09.2009
7 Tier Approach to Network & Cyber Security
5 levels of Security
4 Facets of Security
Issues in Facets
Actions on Issues
Scaling & Measuring
Recovery Mechanism
Learning/Feedback
2
Tier 1
Tier 2
Tier 3
Tier 4
Tier 5
Tier 6
Tier 7
23.09.2009
DDG (Security), DOT
Five Levels of Security
International Level
National Level
Enterprise Level
Local Network Level
Device Level
3
23.09.2009
DDG (Security), DOT
4 Facets of Security
Cyber Security
Communication
Assistance for Security
Information Security
Telecom Network
Security
4
23.09.2009
DDG (Security), DOT
Overlapping in Facets of Security
Information
Security
Network Security
Cyber Security
Communication
Assistance for
Security
Security Issues Matrix
Information Security
z
z
z
z
z
z
Standardization
Confidentiality
Integrity
Availability
Non-repudiation
Access Control
and
Authentication
Cyber Security
z
z
z
z
z
z
z
z
6
De capacitating
(DoS, DDoS)
Website
Compromise
Network Scanning
Probing
Phishing
Span
Virus
Steeling of info
(Trojan etc.)
23.09.2009
Telecom Network
Security
z
z
z
z
z
Communication
Monitoring
Data Access -RA
Network Decapacitating
Maintenance
capability
Trapdoors,
Trojans etc
Communication
Assistance for
Security
z
z
z
z
z
z
Interception
Monitoring
Analysis
Speech
Recognition
Social
Network
analysis
Trace ability
of users
DDG (Security), DOT
Action Table for Information Security
Issues
Standardization
Action
z
z
z
z
z
Confidential
z
z
z
Integrity
z
z
z
z
Availability
z
z
z
Access Control and
Authentication
7
z
z
Standard Formulation
Awareness of Standard
Use of standards
Enactment of Regulations
Organization & Structure
Security of Media
Encryption policy
Protocol Standardization
Digital Signature
Distortionless Communication
Intrusion detection
Addressing
Reliability of Media
Media capacity
Protection
Physical Access
Password Management
23.09.2009
DDG (Security), DOT
Action Table for Cyber Security
Issues
z
z
z
z
z
z
z
z
Action
Decapacitating (DoS,
DDoS, Botnets)
Website Hacking
Network Scanning
Probing
Phishing
Spams
Virus
Steeling of info (Trojan
etc.)
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
8
Installing Honeypots
Intrusion Detections System (IDS)
Firewall
Antivirus
Hardening of Operating System
software
Port Management
Use of Proxy servers
Use of Safe Software
Vulnerability Scan
Identity Tracing
National Regulations
International Co-operation
Monitoring & Tracking
Organization and Structure
Incident Reporting System
Addressing BGP, DNS vulnerabilities
23.09.2009
DDG (Security), DOT
Action Table for Network Security
Issues
z
z
z
z
z
Action
Communication Monitoring
Data Access -RA
Network De-capacitating
Maintenance capability
Trapdoors, Trojans etc
z
z
z
z
z
z
z
z
z
z
z
9
23.09.2009
Equipment Testing
Equipment Purchase Procedure &
Conditions
RA Access Precautions
Installing Sensors
Maintenance Skills Development
Enacting Laws
Solution implementation
Algorithm designs
Regulation Operations
Involvement of SPs
Organization & Structure
DDG (Security), DOT
Action Table for Communication Assistance
for Security
Issues
z
z
z
z
Action
Interception & Monitoring
Speech Recognition
Analysis
Trace ability of users
z
z
z
z
z
z
z
z
z
z
10
23.09.2009
Legal framework
Technical capability
Structure
Availability of Tools & Technology
Development of Analytical Tools
Users Verification Process
CLI Restriction
Identity Management
Encryption Policy
Decryption Capability
DDG (Security), DOT
Scaling & Measuring
• What can’t be quantified, can’t be measured
• What can’t be measured, can’t be monitored
• What can’t be monitored, can’t be controlled
& improved
11
23.09.2009
DDG (Security), DOT
Scaling & Measuring – Information Security
Issues
Standardization
z
z
z
z
z
Confidential
z
z
z
Integrity
z
z
z
z
Availability
z
z
z
Access Control
and Authentication
z
z
Action
Scale
Score
Standard Formulation
Awareness Standard
Use of standard equipment
Enactment of Regulations
Organization & Structure
4
4
4
4
4
3
3
2
2
1
Security of Media
Encryption policy
Protocol Standardization
5
8
7
4
6
4
Digital Signature
Distortion less
Communication
Intrusion detection
Addressing
4
4
3
2
6
6
4
3
Reliability of Media
Media capacity
Protection of data
7
7
6
5
4
3
Physical Access
Password management
8
12
6
7
Total
12
23.09.2009
100
62
DDG (Security), DOT
Scaling & Measuring – Cyber Security
Action
13
Issues
z
Installing Honeypots
z
Intrusion Detections System
(IDS)
z
z
z
Firewall
z
Antivirus
z
z
Hardening of Operating System
software
z
z
z
Port Management
z
Proxy servers
z
z
Use of Safe Software
z
z
National Regulations
z
International Co-operation
z
Monitoring & Trading
z
Organization and Structure
z
23.09.2009
Decapacitating
(DOS, DOSS,
Botnets)
Website
Compromise
Network
Scanning
Probing
Phishing
Spams
Virus
Steeling of info
(Trojan etc.)
Total
Scale
Score
20
8
10
5
15
6
10
10
10
10
15
5
4
7
8
5
100
48
DDG (Security), DOT
Scaling & Measuring – Network Security
Action
z
z
z
z
z
z
z
z
z
z
z
14
Equipment Testing
Equipment Purchase
Procedure & Conditions
RA Access Precautions
Installing Sensors
Maintenance Skills
Development
Enacting Laws
Solution implementation
Algorithm designs
Blocking of sites
International Regulation
& Co-Operations
Organization & Structure
Issues
z
z
z
z
z
Scale
Communication
Monitoring
Data Access -RA
Network De-capacitating
Maintenance capability
Trapdoors, Trojans etc
Total
23.09.2009
Score
20
10
20
40
20
20
12
15
5
12
100
54
DDG (Security), DOT
Scaling & Measuring – CAFS
Action
z
z
z
z
z
z
z
z
15
Legal framework
Technical capability
Structure
Availability of Tools &
Technology
Development
of
Analytical Tools
Subscriber Verification
CLI Restriction
Identity Management
Issues
z
z
z
z
Interception & Monitoring
Speech Recognition
Analysis
Trace ability of users
Total
23.09.2009
Scale
Score
30
20
25
25
20
4
12
20
100
56
DDG (Security), DOT
Grading
Score
Grade
>80
70-80
60-70
50-60
<50
Excellent
Very Good
Good
Average
Poor
Composite Score
&
Grade
z
z
z
Composite Maximum Score: Total Max Score/4
=400/4= 100
Total Score: 220/4= 54
Grade: Average
Recovery Mechanism
• Don’t loose heart
• Activate Command & Control System
• Determine the Level of Problem
• Assess Damage
• Check for any Skill Gap
• Equipment and tool Availability and their working
Condition
• Network Awareness
• Documentation of Network – A short pencil is better than
long memory
• Accessibility of Documentation
18
23.09.2009
DDG (Security), DOT
Feedback/Learning
• From every Success and Failure there
are lessons
• Failure is not when you fall; failure is
when you don’t get up
• Feedback is the food of Champions
19
23.09.2009
DDG (Security), DOT
National Security Environment
Capability
Structure
Laws and
Regulation
Security Environment
20
23.09.2009
DDG (Security), DOT
Enhancing Security Environment
Capability
High Level
Laws and
Regulation
Structure
al
n
n
tio tio
a
rn era
e
t
p
In o-o
C
Capability
Low Level
Laws &
Regulation
21
Structure
23.09.2009
DDG (Security), DOT
Cyber Security
S – Structure
E – Experience
C – Capability
U – Undertaking
R – Regulation
I - International
T – Technology
Y - Youth
Cyber City
Cyber Security
THANKS
24
06-02-200906.02.2009
23.09.2009
DDG (Security), DOT
Related documents
Understanding the period Do a Google image search on such terms
Understanding the period Do a Google image search on such terms
Salem-Witchcraft-Dot-Game
Salem-Witchcraft-Dot-Game
Download
advertisement