Upload
norah
View
25
Download
0
Tags:
Embed Size (px)
DESCRIPTION
DESEREC: Dependability and Security by Enhanced Reconfigurability. Overview. - PowerPoint PPT Presentation
Citation preview
DESEREC, an ICT for Trust and Security project
DESEREC:Dependability and Security by Enhanced Reconfigurability
2 DESEREC, an ICT for Trust and Security project
Overview
The fast growth of highly interconnected Communications and Information Systems (CIS), and the use of them to carry out critical activities, has open an important issue regarding the resilience, reliability and security of these CISs. This strong interdependence increases the consequences of accidents, failures, attacks and implies high vulnerabilities.
Current approaches to protect such infrastructures are scattered into separate scientific fields, such us detection, modelling, simulation, redundancy & reconfiguration.
Interesting research projects are Polyander, SecPol and POSITIF Information representation standards and working groups: WBEM, PCIM, SAML,
XACML, IPSP Simulations standards and working groups: EUROSIS, SCS, NS-2, OPNET, etc. Intrusion and incident detection: CIDF, CISL, IDMEF
DESEREC proposes a joint step forward to improve the CISs supporting those critical services. Following this approach, DESEREC proposes to respond efficiently to:
Attacks from the outside Intrinsic failures Misbehaviour or malicious internal use
3 DESEREC, an ICT for Trust and Security project
Objective
To define a framework to increase the dependability of existing and new networked Information Systems by means of an architecture based on the following modules:
Modelling & simulation: DESEREC devises and develops innovative approaches and tools to
design, model, simulate, and plan critical infrastructures to improve their resilience
Fast reconfiguration with priority to critical activities DESEREC provides a framework to respond in a quick and appropriate
way to a large range of incidents to mitigate the threats to the dependability and thwarts the problem
Incident detection and quick containment DESEREC integrates various detection mechanisms to ensure fast
detection of severe incidents and avoid any impact propagation
4 DESEREC, an ICT for Trust and Security project
Today scenario
malicious internal use
Attack from the outside
Specific detection, reaction, monitoring and reconfiguration processes by device, service or application …..
Attacks Detection &
Reaction
Attacks Detection &
Reaction
Attacks Monitoring/
Reconfiguration
Attacks Monitoring/
Reconfiguration
Internal use Detection &
Reaction
Internal use Detection &
Reaction
Internal use Monitoring/
Reconfiguration
Internal use Monitoring/
Reconfiguration
Intrinsic failures
Failures Detection &
Reaction
Failures Detection &
Reaction
Failures Monitoring/
Reconfiguration
Failures Monitoring/
Reconfiguration
5 DESEREC, an ICT for Trust and Security project
ModellingModelling
SimulationSimulation
Planning and Validation
Planning and Validation
Decision Module
Decision Module
Deployment & Reconfiguration
Deployment & Reconfiguration
Event Monitoring
Event Monitoring
Serious Incident Detection
Serious Incident Detection
TranslatorTranslator
Fast CicatrisationFast Cicatrisation
DESEREC objective
malicious internal use
Attack from the outside
Common framework to model, reconfigure and detect attacks, malicious internal use or internal failures.
Intrinsic failures
6 DESEREC, an ICT for Trust and Security project
Objectives
First objective - prevent keep every incident local
Second objective - react sustain or quickly resume the critical applications
Third objective – plan reallocate optimally the resources to recover the full range of services
7 DESEREC, an ICT for Trust and Security project
Objectives
DESEREC includes three response loops working on 3 different answering times:
A few seconds to locally respond to a severe and well-characterized incident and to launch emergency curative procedure to avoid escalation process or dramatic damage.
Some minutes to detect very complex problem and to readjust the system
Some hours to build a new configuration optimized to resist to a new situation and validated through modelling and simulation
8 DESEREC, an ICT for Trust and Security project
A multi-level response infrastructure
Incident
Incident still presentIncidentcleared,
OK
No critical impact,
OK
A critical service has stopped
Emergency configuration applied
Counter- measures1s
Scope shaping10s
Select an existing configurationor build an emergency one
2 min
hours
dela
y
Detection
Containment
Reconfiguration
ModellingConfiguration
is optimal,OK
Reconfiguration
Run simulation
Optimal configuration applied
9 DESEREC, an ICT for Trust and Security project
Project architecture
WP1 - General architecture, requirementsWP1 - General architecture, requirements
WP8 - Integration, validation and demonstrations
WP8 - Integration, validation and demonstrations
WP2 – Operational PlanningModelling, Simulation
WP2 – Operational PlanningModelling, Simulation
WP3 – Deployment,
Hot Reconfiguration
WP3 – Deployment,
Hot Reconfiguration
WP4 – Intrusion and IncidentDetection, Response
WP4 – Intrusion and IncidentDetection, Response W
P 0
,5,6
Man
agem
ent,
Tra
inin
g,
Dis
sem
inat
ion
WP
0,5
,6M
anag
emen
t, T
rain
ing,
D
isse
min
atio
n
10 DESEREC, an ICT for Trust and Security project
WP1: Horizontal processes
Ensure that the DESEREC approach addresses the requirements and
needs of a representative user community Collection of user cases from different organisations:
Users requirements concerning dependability, resilience and security Description of the user’s requirements in an analytical way Collection of the basic information for the definition of the system architecture.
ModellingModelling
SimulationSimulation
Planning and Validation
Planning and Validation
Decision Module
Decision Module
Deployment & Reconfiguration
Deployment & Reconfiguration
Event Monitoring
Event Monitoring
Serious Incident Detection
Serious Incident Detection
TranslatorTranslator
Fast CicatrisationFast Cicatrisation
Entities information and requirementsEntities information and requirements
11 DESEREC, an ICT for Trust and Security project
WP2: Operational Planning
Deals with models of information systems, their intended behaviour (policies), and risks (foreseen faults and attacks also unforeseen failures)
Checks the expected behaviour of the system when configured in a specific way and it is subject to specific inputs and faults
To create the needed tools to manage information and scenarios needed to configure the target system and react to faults and attacks
ModellingModelling
SimulationSimulation
Planning and Validation
Planning and Validation
Decision Module
Decision Module
Deployment & Reconfiguration
Deployment & Reconfiguration
Event Monitoring
Event Monitoring
Serious Incident Detection
Serious Incident Detection
TranslatorTranslator
Fast CicatrisationFast Cicatrisation
ModellingModelling
SimulationSimulation
Planning and Validation
Planning and Validation
Decision Module
Decision Module
Deployment & Reconfiguration
Deployment & Reconfiguration
Event Monitoring
Event Monitoring
Serious Incident Detection
Serious Incident Detection
TranslatorTranslator
Fast CicatrisationFast Cicatrisation
12 DESEREC, an ICT for Trust and Security project
WP3: Deployment and hot reaction
Provide mechanisms to ensure the setup and deployment of an operational planning and its hot adaptation following the detection of abnormal events (incident, failure, misbehaviour) on the system
Define and design an efficient toolbox for the day-to-day management of complex system
ModellingModelling
SimulationSimulation
Planning and Validation
Planning and Validation
Decision Module
Decision Module
Deployment & Reconfiguration
Deployment & Reconfiguration
Event Monitoring
Event Monitoring
Serious Incident Detection
Serious Incident Detection
TranslatorTranslator
Fast CicatrisationFast Cicatrisation
13 DESEREC, an ICT for Trust and Security project
WP4: Fast cicatrisation
Provide the basic conceptual and technical tools for implementing incident detection and fast reaction.
Questions to be resolved: How do we know an incident affecting a system’s dependability is underway? How do we detect it? Once an incident has been detected, what can we do to avoid or minimize it?
ModellingModelling
SimulationSimulation
Planning and Validation
Planning and Validation
Decision Module
Decision Module
Deployment & Reconfiguration
Deployment & Reconfiguration
Event Monitoring
Event Monitoring
Serious Incident Detection
Serious Incident Detection
TranslatorTranslator
Fast CicatrisationFast Cicatrisation
14 DESEREC, an ICT for Trust and Security project
WP5: Dissemination and exploitation
Coordination of the collection of research and technical results coming out from the other work packages, and reaching the maximum number of potential end-users in the European ICT community in order to promote their widespread adoption
Organization of two DESEREC dissemination workshops and the submission of technical papers to international conferences and scientific journals
Preparation of training material for the user community.
15 DESEREC, an ICT for Trust and Security project
WP6: Training
Professional Training to staff involved in the project development, implementing the demonstrations, and potential users of the tools and methodologies from outside the consortium
Training workshops foreseen during the project duration: Workshop on “The Concepts and Requirements for Increasing
Dependability and Security of Information Systems” Workshop on “The Mechanisms used for Increasing Dependability
through Enhanced Reconfiguration” Workshop on “The Results and Applications of DESEREC” Workshop on “Architecture, Modelling and Tools for Increasing
Dependability and Security of Information Systems”
16 DESEREC, an ICT for Trust and Security project
WP8: Integration, Validation and Demonstration
Design of a test and validation model for the general architecture reflecting the combinations of solutions proposed in DESEREC
The coordination of the integration of contributions from other work packages in this model
Validation of the solutions with verification tools and expert tests Design, development and calibration of test and validation systems Demonstration of the DESEREC results to the users community.
ModellingModelling
SimulationSimulation
Planning and Validation
Planning and Validation
Decision Module
Decision Module
Deployment & Reconfiguration
Deployment & Reconfiguration
Event Monitoring
Event Monitoring
Serious Incident Detection
Serious Incident Detection
TranslatorTranslator
Fast CicatrisationFast Cicatrisation
17 DESEREC, an ICT for Trust and Security project
Test-bed scenarios
Based on the establishment of three typical cases of critical
infrastructure provided through 2 partners:
OTE, a telecommunication operator in Greece
RENFE-Operadora, the national railway operator in Spain
18 DESEREC, an ICT for Trust and Security project
Partners
University of Murcia
IEIIT/CNR
Canadian Resedarch Center