Transcript Document

The Need For
Trust in Communications Networks
Carlos Solari
Bell Labs, Security Solutions
May 2007
Topics
We Are Not Winning the Security Challenge
Convergence – All Media IP – Will Bring New Challenges
Rethink the Approach: Design - Build Trusted Communications Networks
An Opportunity: Design In Now or Retrofit Later
2 | Engineering Society | May 2006
All Rights Reserved © Alcatel-Lucent 2006, #####
Lots of Data Telling Us…The Current Approach is Not Working:
DDOS on
the Rise
Faster,
Stealthier Mths
Exploits Wks
Avg. exploit in 2005 5.8
days.
Dys
2003
2004
2005
SPAM: 8
in 10
emails
Sources: CERT/CC, Symantec, NVD, OSVD
3 | Engineering Society | May 2006
All Rights Reserved © Alcatel-Lucent 2006, #####
The Challenge: Difficult, Multi-Dimensional, and In Flux
Blacklist
Defenses
Ineffective
Reacting to infinite possible
sources Ex: polymorphism
Point Prod’s Security un-manageable and
Point Roles no single situation awareness
Increasing
Network
Complexity
Increased vulnerability
Ex: firewall VOIP sessions
Weak Links
Prevalent
Exploitation Threat occur faster than we
Window
can detect and respond
Zero-Day
before it impacts business
Lack of
Universal
Standard
Data
Leakage
More personal data is online
– uncertain protection
Data
Control &
Integrity
Data
Flooding
SPAM – SPIT – SPASMS tough
to separate wanted info
Inconsistent security applied
to network components –
un-trusted pieces make…
That addresses security in a
comprehensive way – so very
difficult to integrate security
Data exchange requires
better security controls
Sophisticated From phishing and spyware
Cyber Crime to DDOS and Network
Penetration Attacks
4 | Engineering Society | May 2006
All Rights Reserved © Alcatel-Lucent 2006, #####
Convergence – Many Benefits, Many Risks
Intersection of threats…beyond the reach of the law…
• Consume RF b/w
• Deperimiterization
• Battery drain
• Data theft
• Identity theft
• Scams
• “SPIT”
• Compromised system
• Scams
integrity
• Content theft
• Compromised privacy
• Scams
5 | Engineering Society | May 2006
All Rights Reserved © Alcatel-Lucent 2006, #####
We Have a Window of Opportunity
Design Trusted Communications Networks
Now
6 | Engineering Society | May 2006
All Rights Reserved © Alcatel-Lucent 2006, #####
It Will Take A Multi-Disciplined Approach
System
Hardening
(Standards)
Integrated
Security
Eco-System
Network
Defenses
&
Imbed
Integrity
Attestation
7 | Engineering Society | May 2006
Data
Design
Security
End-to-End
All Rights Reserved © Alcatel-Lucent 2006, #####
Design-Build Secure Systems & Services
ISO 2700X and X.805/ISO 18028
System
Hardening
(Standards)
 Standards-based approach
 Security as a systematic, rigorous process
 Applied to all network elements - system
 In the Product Development Lifecycle
ISO 2700X Provides the “what”
X.805 & ISO 18028-2
…provides the “how” details
8 | Engineering Society | May 2006
All Rights Reserved © Alcatel-Lucent 2006, #####
Trust Can Be Required…
“My company can only do business
with ISO 2700X certified
businesses…”
“Are you certified?”
9 | Engineering Society | May 2006
All Rights Reserved © Alcatel-Lucent 2006, #####
System Hardening – Standards Based
Bell labs Security Framework – Instantiated in ITU/T X.805, ISO 18028
Infrastructure
Planes
Applications
End User
MODULE 1
MODULE 4
MODULE 7
Control /
Signaling
MODULE 2
MODULE 5
MODULE 8
Management
MODULE 3
MODULE 6
MODULE 9
Access Control
Authentication
10 | Engineering Society | May 2006
Services
Non-Repudiation
Comms Security
Availability
Data
Confidentiality
Data Integrity
Privacy
All Rights Reserved © Alcatel-Lucent 2006, #####
The X.805 Security Standard
The X.805 Security Standard
Layers
ISO/IEC 27001 enhanced by ITU-T X.805 / ISO 18028-2
ISO/IEC 27001:2005 Controls
Specify acceptable use policy
for equipment.
Sub-controls: Access control,
Authentication, Non-repudiation
Security Policy
Access Control
Organizing
Information
Security
Information
Systems
Acquisition,
Development &
Maintenance
Restrict access to
privileged information /
applications to ensure
service continuity.
Sub-Controls: Authentication,
Access Control, Nonrepudiation
Asset Mgmt
Harden network element
or system before
deployment.
Sub-Controls: Access
control, Availability
Human Resources
Security
Physical &
Environment
Security
Communications &
Ops Mgmt
11 | Engineering Society | May 2006
Information Security
Incident
Management
Business Continuity
Management
Compliance
All Rights Reserved © Alcatel-Lucent 2006, #####
Maintain security of
stored information.
Sub-Controls: Access
control, Confidentiality,
Integrity, Availability, Nonrepudiation
ISO/IEC 27001 Controls and X.805 Applied to the Real-World
Bell Labs Security Framework Dimensions
Provide ISO/IEC 27001 Control A.10.9.2
ISMS Implementation and Operation Details
Enterprise Data Center
Help Desk
Module 6: Management Plane of
Services Layer
Desktop and Laptop Support
Communications Security Use VPNs
Employee Database
Module 9: Management Plane of
Infrastructure Layer
Network Operations
• File System Maint.
• System Updates
• Patch Mgmt., etc.
Data Confidentiality Use IPsec ESP
Corporate IT
Data Integrity Protect files w/ checksums
Data Confidentiality Encrypt files
Employee Information is accessed for:
• Network Service Management
• Network Infrastructure Management
12 | Engineering Society | May 2006
Data Integrity Use IPSec AH
Access Control Use file system ACLs
All Rights Reserved © Alcatel-Lucent 2006, #####
Opportunity…Deliver Secure Systems & Services
ISO 2700X and X.805/ISO 18028
System
Hardening
(Standards)
 Security as a systematic, rigorous process
 Applied to all network elements
 From device to system, to infrastructure
 Standards-based
Imbed
Integrity
Attestation
13 | Engineering Society | May 2006
Integrity Attestation
 Apply integrity metrics
 Measure at point of Creation,
 Delivery and in Operation
 Access policy based on “integrity score”
 Perform in “real-time’
All Rights Reserved © Alcatel-Lucent 2006, #####
The Issue of “Integrity Drift”
IT system confidence degrades from boot time
Confidence
100%
Applications are installed
Patches are applied
Change and routine maintenance
Reformatting and rebuilding from scratch
Time
(by permission from SignaCert)
14 | Engineering Society | May 2006
All Rights Reserved © Alcatel-Lucent 2006, #####
The big
unknown…when
will it fail, what
is the cause,
what was lost?
What if We Could Measure the Integrity…Report it, and Act on It?
Confidence is constantly maintained
Confidence
100%
System and Device-level
Confidence and Trust Measured
and Enforced
Restoring to a known and trusted
state is easy
Time
(by permission from SignaCert)
15 | Engineering Society | May 2006
All Rights Reserved © Alcatel-Lucent 2006, #####
Summary
 We actually have the know-how to improve the state of security
 It is needed more than ever – especially as systems get more
complex and we have greater dependency on these systems
 By applying the ISO 2700X with X.805/ISO-18028 standards and
Integrity Measurements, we can:
 Baseline the state of security
 Have a consistent way to measure it
 Consistent application
 Completeness
 Repeatable
 Scales to size and complexity of present and future networks
16 | Engineering Society | May 2006
All Rights Reserved © Alcatel-Lucent 2006, #####