PhD Proposal - FAU College of Engineering

Unifying the Conceptual Levels of Network Security through Use of Patterns
PhD Proposal
Ajoy Kumar
Secure Systems Research Group – Florida Atlantic University
Overview
Application
TLS
Firewall
IDS
VPN
IPSec
Problem Statement
• Security is of utmost concern at each layer: the
application layer, the transport layer, and the IP layer.
At each of these layers we discuss the security
components (firewalls, IDS, and VPNs), analyze
security criteria, identify the patterns that do not yet
exist, and develop them.
Network Architecture
Security mechanisms and protocol at each layer:
Layer         Firewall     IDS          VPN            Protocol
Application   XML FW       XML IDS      XML VPN        SAML
TCP           Proxy FW     TCP IDS      TLS/SSL VPN    TLS
IP            Packet FW    Packet IDS   IPSec VPN      IPSec
Vertical labels in the figure: Authentication, Secrecy, Authorization, Identification
[Diagram elements: SAML, TLS, IPSec, XML VPN, TLS VPN, IP VPN, VPN; three relationships labelled "Supports".]
Pattern Diagram for VPN
[Diagram elements: VPN, XML VPN, TLS VPN, IP VPN, SAML, TLS, IPSec, Authentication, Secure Channel; three relationships labelled "Realize".]
• We can create similar diagrams for
Firewalls and IDS.
• Previous Work - Survey
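Class Diagram for a Packet FW [Fe06]
• ExternalHost (attribute: address) 1 --requestService-- * PFFirewall
• PFFirewall * --requestService-- 1 LocalHost (attribute: address)
• PFFirewall -- 1 RuleBase (operations: addRule, deleteRule, modifyRule, reorderRules)
• RuleBase -- * {ordered} Rule (attribute: in/out)
• Rule: ExplicitRule, DefaultRule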
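The packet filter firewall class diagram above, sketched in Python as an added example (not code from the proposal or from [Fe06]). Only the class and operation names come from the diagram; first-match evaluation, the "any" direction and the network match field are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
@dataclass(frozen=True)
class Rule:
    permit: bool
    direction: str = "any"            # the diagram's in/out attribute; "any" is an assumption

    def matches(self, direction, remote):
        return self.direction in ("any", direction)

@dataclass(frozen=True)
class ExplicitRule(Rule):
    network: str = "0.0.0.0/0"        # assumed match field: external address range

    def matches(self, direction, remote):
        return super().matches(direction, remote) and ip_address(remote) in ip_network(self.network)

class DefaultRule(Rule):
    """Applied only when no explicit rule matches."""

class RuleBase:
    def __init__(self, default):
        self.rules, self.default = [], default   # rules are {ordered}

    def add_rule(self, rule, index=None):
        self.rules.insert(len(self.rules) if index is None else index, rule)

    def delete_rule(self, index):
        del self.rules[index]

    def modify_rule(self, index, rule):
        self.rules[index] = rule

    def reorder_rules(self, order):
        if sorted(order) != list(range(len(self.rules))):
            raise ValueError("order must be a permutation of the rule indices")
        self.rules = [self.rules[i] for i in order]

    def decide(self, direction, remote):
        for rule in self.rules:                  # assumed semantics: first match wins
            if rule.matches(direction, remote):
                return rule.permit
        return self.default.permit

class PFFirewall:
    def __init__(self, rule_base):
        self.rule_base = rule_base
    def request_service(self, direction, remote):
        return self.rule_base.decide(direction, remote)
```

With a deny rule for the constructed range 203.0.113.0/24 placed ahead of a permit rule for 203.0.113.7/32, that host is refused; reorder_rules([1, 0]) admits it, which is why the rule base is ordered.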
Class Diagram for Proxy Firewall [Fe03]
Work Already Completed
• IDS Pattern (Signature Based)
• VPN Pattern (Abstract)
Class Diagram for Signature-based IDS [Fer05]
Viking PLOP
Class Diagram for VPN
[Class diagram elements: Network, VPN, Network End Point, Authenticator, Secure Channel, Identity Base, Identity.]
Proposed Work
• Missing Patterns for the Functions and
Protocols
• Study of Combinations
– IDS + Firewalls
– Firewalls + VPN
Expected Contributions
• Unification of Security Functions in the
Network Layer.
• Consider a case study, such as a SCADA
system, and see how these patterns apply
to it.
• Development of Specific Patterns
Case Study
• SCADA Architecture
• SCADA can be used as an example of a
distributed system where we apply these
patterns.
SCADA
• Supervisory Control and Data Acquisition (SCADA)
systems consist of geographically scattered units (field
devices) controlled through centralized data acquisition
and control (the control center) [Sto06]. They are usually
highly distributed systems. Field devices may
control local operations such as valve operations,
collect sensor data, and monitor for disaster
conditions. The next figure shows the general
architecture of a SCADA system. Examples of SCADA
systems are electric power systems, oil and gas
pipelines, water utilities, and any system that requires
remote monitoring and control.
General SCADA architecture
(from [Sto06]).
• The common attacks threatening a
SCADA system are physical attacks on the
field (remote) units and network attacks on
the communication networks, usually
through the Internet. The primary security
concerns are availability and integrity.
Confidentiality and non-repudiation are
secondary concerns.
• Example
– An important example of a SCADA application
is electric power generation.
• Context
– A SCADA system, such as an electric power
generation system, with a distributed
architecture and connected to the Internet.
Forces
• Only authorized personnel should be able to
access the system at the remote units and the
main control unit.
• Messages sent from the supervisory control unit
to the remote field units and back should be
confidential, and data integrity should be
preserved.
• Messages should be sent only by authorized
personnel at the remote location and the main
location.
• Authorized personnel should be able to do their
respective duties based on company-defined
policies.
Forces (Contd…)
• Any message from unknown or spurious
remote locations should be discarded.
• We should be able to detect any intrusions
into the system and create alert logs.
• Field units and communication lines
should be free from physical attacks.
• Service should be available 24 hours a day,
7 days a week.
Solution
• Authentication is done at the remote units and the central
controller unit to make sure that only authorized
personnel have entry access to the system.
• We can create secure VPN channels at the central
controller and the remote units so that we can send
confidential messages. This also makes sure that the
integrity of data is maintained.
• Intrusion detection systems are able to detect any
intrusions into the system based on misuse-based
detection or anomaly-based detection.
• Firewalls prevent messages from unknown and
dangerous sites from reaching the system.
Solution (Contd…)
• By providing a reference monitor or RBAC, we
can make sure that the authorized personnel
can perform their respective roles.
• By adding physical access control zones we can
prevent physical attacks caused by external
elements.
• Together, these added security measures make sure
that there is no Denial of Service (DoS).
• The use of these security models in SCADA
communication can significantly reduce the
vulnerability of these critical systems.
Class Diagram (w/o Security Components)
[Class diagram elements: Central Controller, Comm. Network, Field Unit, Controller, Internet, User Interface, Zone.]
Class Diagram for Secure SCADA
Consequences
• Advantages
– Users are authenticated by the system. This
also helps to maintain a good logging system.
– The RBAC model helps authorization policies
to be implemented within the system based
on the roles of the personnel.
– Secure channels use strong encryption, which
helps confidentiality and data integrity.
– Firewall and IDS help to make the system
more secure.
Consequences (Contd…)
• Liabilities
– High overhead with VPN connection, firewall
and IDS.
– If the protocol used is not a secure protocol,
the risk increases.
• Known Uses
– Any Power Utility company such as FPL.
• Related Patterns
– VPN Patterns.
– Firewall Patterns
– IDS Patterns
References
• [Bar04] K. Barnes, B. Johnson and R. Nickelson. “Review of Supervisory Control and
Data Acquisition (SCADA) Systems.” Idaho National Engineering and Environmental
Laboratory, Bechtel BWXT, Idaho.
http://www.inl.gov/technicalpublications/Documents/3310858.pdf
• [Cla04] G. R. Clarke and D. Reynders. Practical Modern SCADA Protocols: DNP3,
60870.5 and Related Systems. 2004.
• [Fer07] Eduardo B. Fernandez. Class Notes COT5930 – Fall 2007, Florida Atlantic
University.
• [Fer05] Eduardo B. Fernandez, Jose Ballesteros, Ana C. Desouza-Doucet, and Maria
M. Larrondo-Petrie. “Security Patterns for Physical Access Control Systems.” Class
Notes COT5930 – Fall 2007, Florida Atlantic University.
• [Jeo07] Jeon Il Moon, Jung Sub Kim, Jong Bae Kim, Kye Young Lim and Byoung
Wook Choi. “A hardware implementation of distributed network protocol.” Computer
Standards & Interfaces, Volume 27, Issue 3, Pages 221-232.
• [Pat07] S. C. Patel and Y. Yu. “Analysis of SCADA security Models.” International
Management Review, Vol. 3, No. 2, 2007, Pages 68–76.
• [Sto06] K. Stouffer, J. Falco, and K. Kent. “Guide to supervisory control and data
acquisition (SCADA) and industrial control systems security.” Spec. Pub. 800-82,
National Institute of Standards and Technology (NIST).
http://csrc.nist.gov/publications/drafts/800-82/Draft-SP800-82.pdf
Suggestions
Additions
Concerns
Modifications
Improvement