Unifying the Conceptual Levels of Network Security through Use of Patterns
PhD Proposal
Ajoy Kumar
Secure Systems Research Group – Florida Atlantic University

Overview
[Figure labels: Application, TLS, Firewall, IDS, VPN, IPSec]

Problem Statement
• Security is of utmost concern in each of the layers: the application layer, the transport layer, and the IP layer. At each of these layers we discuss the different security components, such as firewalls, IDS and VPNs, analyze security criteria, identify the patterns that do not yet exist, and develop them.

Network Architecture

             Security Mechanisms
Layer        Firewall    IDS         VPN          Protocol
Application  XML FW      XML IDS     XML VPN      SAML
TCP          Proxy FW    TCP IDS     TLS/SSL VPN  TLS
IP           Packet FW   Packet IDS  IPSec VPN    IPSec

[Side labels on the figure: Authentication, Secrecy, Authorization, Identification]

[Diagram: SAML, TLS and IPSec each connected by a "Supports" edge to a VPN type: XML VPN, TLS VPN, IP VPN]

Pattern Diagram for VPN
[Pattern diagram; node labels: VPN, XML VPN, TLS VPN, IP VPN, SAML, TLS, IPSec, Authentication, Secure Channel; edge label: Realize]

• We can create similar diagrams for Firewalls and IDS.
• Previous Work - Survey

Class Diagram for a Packet FW [Fe06]
[Class diagram; labels: ExternalHost, LocalHost, address, requestService, PFFirewall, RuleBase (addRule, deleteRule, modifyRule, reorderRules), {ordered} Rule (in/out), ExplicitRule, DefaultRule]

Class Diagram for Proxy Firewall [Fe03]

Work Already Completed
• IDS Pattern (Signature Based)
• VPN Pattern (Abstract)

Class Diagram for Signature-Based IDS [Fer05]
Viking PLOP

Class Diagram for VPN
[Class diagram; labels: Network, VPN, Network End Point, Authenticator, Secure Channel, Identity Base, Identity]

Proposed Work
• Missing Patterns for the Functions and Protocols
• Study of Combinations
  – IDS + Firewalls
  – Firewalls + VPN

Expected Contributions
• Unification of Security Functions in the Network Layer.
• Consider a case study such as a SCADA system and see how these patterns apply to it.
• Development of Specific Patterns

Case Study
• SCADA Architecture
• SCADA can be used as an example of a distributed system where we apply these patterns.

SCADA
• Supervisory Control and Data Acquisition (SCADA) systems consist of geographically scattered units (field devices) controlled using centralized data acquisition and control (control center) [Sto06]. They are usually highly distributed systems. Field devices could be controlling local operations such as valve operations, collecting sensor data, and monitoring for disaster conditions. The next figure shows the general architecture of a SCADA system. Examples of SCADA systems are electric power systems, oil and gas pipelines, water utilities, and any system that requires remote monitoring and control.

[Figure: General SCADA architecture (from [Sto06]).]

• The common attacks threatening a SCADA system are physical attacks on the field (remote) units and network attacks on the communication networks, usually through the Internet. The primary security concerns are availability and integrity. Confidentiality and non-repudiation are secondary concerns.

• Example
  – An important example of a SCADA application is electric power generation.
• Context
  – A SCADA system, such as an electric power generation system, with a distributed architecture and connected to the Internet.

Forces
• Only authorized personnel should be able to access the system at the remote units and the main control unit.
• Messages sent from the supervisory control unit to the remote field units and back should be confidential, and data integrity should be preserved.
• Messages should be sent only by authorized personnel at the remote location and the main location.
• Authorized personnel should be able to do their respective duties based on company-defined policies.

Forces (Contd…)
• Any message from unknown or spurious remote locations should be discarded.
• We should be able to detect any intrusions into the system and create alert logs.
• Field units and communication lines should be free from physical attacks.
• Service should be available 24 hours a day, 7 days a week.

Solution
• Authentication is done at the remote units and the Central Controller unit to make sure that only authorized personnel have entry access to the system.
• We can create secure VPN channels at the Central Controller and the remote units so that we can send confidential messages. This also makes sure that the integrity of data is maintained.
• Intrusion Detection Systems are able to detect any intrusions into the system based on misuse-based detection or anomaly-based detection.
• Firewalls prevent messages from unknown and dangerous sites from reaching the system.

Solution (Contd…)
• By providing a Reference Monitor or RBAC, we can make sure that the authorized personnel can perform their respective roles.
• By adding physical access control zones we can prevent physical attacks caused by external elements.
• Together, these added security measures make sure that there is no Denial of Service (DoS).
• The use of these security models in SCADA communication can significantly reduce the vulnerability of these critical systems.

Class Diagram (w/o Security Components)
[Class diagram residue: Central Controller, Comm. Network, Field Unit Controller, Internet, User Interface, Zone]

Class Diagram for Secure SCADA

Consequences
• Advantages
  – Users are authenticated by the system. This also helps to maintain a good logging system.
  – The RBAC model helps authorization policies to be implemented within the system based on the roles of the personnel.
  – Secure channels use strong encryption, which helps confidentiality and data integrity.
  – Firewalls and IDS help to make the system more secure.
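
The checks listed under Solution, applied in order to one incoming message at the Central Controller. This is an added example, not part of the original slides. The unit names, users, roles, keys and message format are constructed assumptions, and an HMAC tag stands in for the VPN secure channel (integrity only, no encryption).

```python
import hashlib
import hmac
import json

# Constructed sample data (assumptions for this example, not from the slides).
UNIT_KEYS = {"rtu-07": b"constructed-demo-key-07"}   # known field units -> channel key
USER_ROLE = {"alice": "operator", "bob": "viewer"}   # authenticated personnel -> role
ROLE_RIGHTS = {"operator": {"read_sensor", "open_valve"},
               "viewer": {"read_sensor"}}

def seal(unit, user, cmd, key):
    """Field-unit side: serialize a message and attach an HMAC-SHA256 tag."""
    body = json.dumps({"unit": unit, "user": user, "cmd": cmd},
                      sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).hexdigest()

class CentralController:
    def __init__(self):
        self.alerts = []  # IDS-style alert log of (reason, detail) tuples

    def _discard(self, reason, detail):
        self.alerts.append((reason, detail))
        return "discarded:" + reason

    def receive(self, body, tag):
        """Return 'accepted' or 'discarded:<reason>' and log every discard."""
        try:
            msg = json.loads(body)
            unit, user, cmd = msg["unit"], msg["user"], msg["cmd"]
            if not all(isinstance(v, str) for v in (unit, user, cmd)):
                raise TypeError("fields must be strings")
        except (ValueError, KeyError, TypeError):
            return self._discard("malformed", repr(body[:40]))
        key = UNIT_KEYS.get(unit)
        if key is None:                       # unknown or spurious remote location
            return self._discard("unknown-unit", unit)
        expected = hmac.new(key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):   # integrity of the channel
            return self._discard("bad-integrity", unit)
        if cmd not in ROLE_RIGHTS.get(USER_ROLE.get(user), set()):   # RBAC
            return self._discard("unauthorized", f"{user}:{cmd}")
        return "accepted"
```

The order matters: the source and integrity checks run before the role check, so a forged message never reaches the authorization decision.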

Consequences (Contd…)
• Liabilities
  – High overhead with VPN connection, firewall and IDS.
  – If the protocol used is not a secure protocol, the risk increases.

• Known Uses
  – Any power utility company such as FPL.
• Related Patterns
  – VPN Patterns
  – Firewall Patterns
  – IDS Patterns

References
• [Bar04] K. Barnes, B. Johnson and R. Nickelson. "Review of Supervisory Control and Data Acquisition (SCADA) Systems." Idaho National Engineering and Environmental Laboratory, Bechtel BWXT, Idaho. http://www.inl.gov/technicalpublications/Documents/3310858.pdf
• [Cla04] G. R. Clarke and D. Reynders. Practical Modern SCADA Protocols: DNP3, 60870.5 and Related Systems. 2004.
• [Fer07] Eduardo B. Fernandez. Class Notes COT5930 – Fall 2007, Florida Atlantic University.
• [Fer05] Eduardo B. Fernandez, Jose Ballesteros, Ana C. Desouza-Doucet, and Maria M. Larrondo-Petrie. "Security Patterns for Physical Access Control Systems." Class Notes COT5930 – Fall 2007, Florida Atlantic University.
• [Jeo07] Jeon Il Moon, Jung Sub Kim, Jong Bae Kim, Kye Young Lim and Byoung Wook Choi. "A hardware implementation of distributed network protocol." Computer Standards & Interfaces, Volume 27, Issue 3, pages 221-232.
• [Pat07] S. C. Patel and Y. Yu. "Analysis of SCADA security Models." International Management Review, Vol. 3, No. 2, 2007, pages 68–76.
• [Sto06] K. Stouffer, J. Falco, and K. Kent. "Guide to supervisory control and data acquisition (SCADA) and industrial control systems security." Spec. Pub. 800-82, National Institute of Standards and Technology (NIST). http://csrc.nist.gov/publications/drafts/800-82/Draft-SP800-82.pdf

• Suggestions
• Additions
• Concerns
• Modifications
• Improvement