Transcript of: GSA Federal Technology Service Smarter Solutions -- Bell Labs Network Security Model, Andrew R. McGee
Posted 18-Dec-2015, Category: Documents
GSA Federal Technology Service -- Smarter Solutions
Bell Labs Network Security Model
Andrew R. McGee
Distinguished Member of Technical Staff
Lucent Technologies Bell Labs
April 2, 2003
Track 5.4 -- Emerging Network Security Technology: A Lucent Bell Labs Perspective
GSA/FTS Network Services Conference 2003 -- Managing the Future: Mastering the Maze
Topics
Building the Network Security Model:
• Security Threats.
• Security Layers.
• Security Planes.
• Security Dimensions.
Applying the Network Security Model to Network Security Assessments:
• Network, Host and Service Discovery.
• Data Fusion - Putting it All Together.
• Producing Meaningful Results.
Types of Network Security Threats [1]

Interruption (An Attack on Availability):
– Network Becomes Unavailable or Unusable
– Examples:
  • Malicious Destruction of a Network Element
  • Erasure of a Software Program or Data File
  • Cutting of a Communication Facility

Interception (An Attack on Confidentiality):
– An Unauthorized Access to an Asset
– Examples:
  • Unauthorized Data Capture (Data Sniffing)
  • Discovery of Unprotected WLAN Access Points

Modification (An Attack on Integrity):
– An Unauthorized Tampering with an Asset
– Examples:
  • Changing Network Configuration Information
  • Changing Data as it is Being Transmitted Across the Network

Fabrication (An Attack on Authenticity):
– Unauthorized Creation, Modification, or Deletion of Objects on a Network
– Examples:
  • Unauthorized Access to the Network
  • Insertion of Spurious Messages on the Network
  • Addition of Records to a Database

[1] C. Pfleeger, Security in Computing, Prentice Hall, Upper Saddle River, NJ, 1997.
Security Layers

[Figure: the three Security Layers (Infrastructure Security, Services Security, Applications Security) shown against Threats, Vulnerabilities and Attacks (Interruption, Fabrication, Interception, Modification).]

Infrastructure Security Layer:
• Fundamental Building Blocks of Networks, Services, and Applications.
• Individual Network Elements and the Interconnecting Communications Facilities
• Examples:
  – Individual Routers, Switches, Servers
  – Point-to-Point WAN Links
  – Ethernet Links

Applications Security Layer:
• Network-Based Applications Accessed by End-Users
• Includes:
  – Fundamental Applications (e.g., Web Browsing)
  – Basic Applications (e.g., Directory Assistance and Email)
  – High-End Applications (e.g., E-Commerce)

Services Security Layer:
• Services Provided to Customers or End-Users
• Range from Basic Transport to High-End, Value-Added Services.
• Examples:
  – Carrier Facilities (DS-1, DS-3, etc.)
  – Frame Relay, ATM, IP Connectivity
  – VoIP, QoS, IM, Location Services
  – 800-Services

Vulnerabilities Can Exist In Each Layer
Security Layers Apply to Every Protocol Layer

Example - Applying Security Layers to ATM Networks (Layer 2):
Infrastructure Security Layer:
– Individual ATM Switches
– Point-to-Point Communication Links Between Switches (e.g., DS-3 links, OC-48 links, etc.)
Services Security Layer:
– ATM Services Classes: CBR, VBR-RT, VBR-nRT, ABR, UBR
Applications Security Layer:
– ATM-Based Video Conferencing Application

Example - Applying Security Layers to IP Networks (Layer 3):
Infrastructure Security Layer:
– Wireline NEs: Individual Routers, Servers
– Wireless NEs: PDSN, SGSN, GGSN.
– Communication Links Between NEs - Note: Could be ATM PVCs
Services Security Layer:
– Basic IP Transport
– IP Support Services (e.g., AAA, DNS, DHCP)
– Value-Added Services (e.g., VPN, VoIP, QoS)
Applications Security Layer:
– Basic Applications (e.g., ftp, Web Access)
– Fundamental Applications (e.g., Email)
– High-End Applications (e.g., E-Commerce, Training)
Security Planes

[Figure: the three Security Planes (End User Security, Control/Signaling Security, Management Security) added across the three Security Layers (Infrastructure Security, Services Security, Applications Security), shown against Threats, Vulnerabilities and Attacks (Interruption, Fabrication, Interception, Modification).]

Control/Signaling Security Plane:
• Enables the Efficient Delivery of Information, Services, and Applications Across the Network
• Machine-to-Machine Communications to Determine How to Best Route or Switch Traffic Across the Network
• May Be In-Band or Out-of-Band

Management Security Plane:
• Concerned with OAM&P of Network Elements, Transmission Facilities, Operations/Business Systems
• Concerned with Management and Provisioning of Network Services and Applications
• Supports the FCAPS Functions
• May Be In-Band or Out-of-Band

End-User Security Plane:
• How Customers Access and Use the Network
• Represents End-User Data At Rest and In Motion
• End-Users May Use the Network For:
  – Basic Connectivity/Transport
  – Value-Added Services (VPN, VoIP, etc.)
  – Access to Network-Based Applications (e.g., Email).

Vulnerabilities Can Exist In Each Layer and Plane
Example: Applying Security Planes to Network Activities/Protocols

End User Security Plane:
Activities
• End-User Data Transfer
• End-User – Application Interactions
Protocols
• HTTP, RTP, POP, IMAP
• TCP, UDP, FTP
• IPSec, TLS

Control/Signaling Security Plane:
Activities
• Update of Routing/Switching Tables
• Service Initiation, Control, and Teardown
• Application Control
Protocols
• BGP, OSPF, IS-IS, RIP, PIM
• SIP, RSVP, H.323, SS7
• IKE, ICMP
• PKI, DNS, DHCP, SMTP

Management Security Plane:
Activities
• Operations
• Administration
• Management
• Provisioning
Protocols
• SNMP
• Telnet
• FTP
• HTTP
Security Dimensions Address the Breadth of Network Vulnerabilities

Access Management
• Limit and Control Access to Network Elements, Services, and Applications.
• Techniques Include: ACL, Firewall, IDS, Password, Security Token, RBAC.

Authentication
• Ensure Proof of Identity of the Claimed Entity (Person, Device, Application).
• Techniques Include: Shared Secret, PKI, Digital Signature, Digital Certificate.

Non-repudiation
• Prevent the Denial of an Activity on the Network or Transmission Through a Network.
• Techniques Include: System Logs, Digital Signatures, Asymmetrical Encryption.

Data Confidentiality
• Ensure the Confidentiality of Data to Prevent Unauthorized Viewing.
• Techniques Include: Encryption.

Communication Security
• Ensure Information Only Flows from the Source to the Destination.
• Techniques Include: VPN, MPLS, L2TP, Source Path Routing.

Integrity
• Ensure that Data is Received as Sent or Retrieved as Stored.
• Techniques Include: MD5, Digital Signature, Anti-Virus Software.

Availability
• Ensure Network Elements, Services and Applications are Available to Legitimate Users.
• Techniques Include: Reliable Network Design, IDS, Network Redundancy, and Disaster Recovery.

Privacy
• Ensure that Confidential Information of End Users, Network Elements, and Network Architecture is Not Disclosed to Unauthorized Entities.
• Techniques Include: Encryption, Service Level Agreement, etc.
Bell Labs Network Security Model

[Figure: the complete model, 3 Security Layers (Infrastructure Security, Services Security, Applications Security) x 3 Security Planes (Management Security, Control/Signaling Security, End User Security) x 8 Security Dimensions (Access Management, Authentication, Non-repudiation, Data Confidentiality, Communication Security, Integrity, Availability, Privacy), shown against Threats, Vulnerabilities and Attacks (Interruption, Fabrication, Interception, Modification).]

Applicable To:
• Wireless, Wireline and Optical Networks
• Voice, Data, and Converged Networks
• Any Layer of the Protocol Stack
• Management, Administrative and Data Center Networks
• SP Infrastructure Networks
• Enterprise Networks

Vulnerabilities Can Exist In Each Layer, Plane, Dimension

Supported by Government Agencies & Standards Bodies: NSIE, NSTAC, NRIC, DHS, ITU-T SG17, Industry Canada
Methodical & Modular Approach to Network Security Analysis (The Bell Labs Network Security Model in Tabular Form)

                          Infrastructure Layer   Services Layer   Applications Layer
Management Plane          Module One             Module Four      Module Seven
Control/Signaling Plane   Module Two             Module Five      Module Eight
User Plane                Module Three           Module Six       Module Nine

The Eight Security Dimensions (Access Management, Authentication, Non-repudiation, Data Confidentiality, Communication Security, Integrity, Availability, Privacy) Are Applied to Each Security Perspective.

Execute:
– Top Row for Analysis of Management Network
– Middle Column for Analysis of Network Services
– Intersection of Each Layer and Plane for Analysis of Security Perspective
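As an added example (not code from the slides or from Bell Labs), the tabular form above expressed as a small Python gap analysis: it numbers the nine modules the way the table does, applies the eight dimensions to every (layer, plane) cell, and reports which cells of a control inventory are empty and which of the four threat classes that leaves a module exposed to. The threat-to-dimension mapping and the sample control inventory are assumptions constructed for illustration.

```python
from itertools import product

# The model's three axes, as named on the slides.
LAYERS = ("Infrastructure", "Services", "Applications")
PLANES = ("Management", "Control/Signaling", "End User")
DIMENSIONS = ("Access Management", "Authentication", "Non-repudiation",
              "Data Confidentiality", "Communication Security",
              "Integrity", "Availability", "Privacy")

# Pfleeger threat classes from the earlier slide, each mapped to the one
# dimension the slide names as its target (simplification: Fabrication
# attacks "authenticity", taken here as the Authentication dimension).
THREAT_DIMENSION = {"Interruption": "Availability",
                    "Interception": "Data Confidentiality",
                    "Modification": "Integrity",
                    "Fabrication": "Authentication"}

def module_number(layer, plane):
    """Module One..Nine from the tabular form: layers are columns, planes
    are rows, numbered down each column (Management=1, Control=2, User=3)."""
    return LAYERS.index(layer) * len(PLANES) + PLANES.index(plane) + 1

def coverage_gaps(controls):
    """controls maps (layer, plane, dimension) -> techniques in place.
    Returns every cell of the 3 x 3 x 8 grid with no technique recorded."""
    return [cell for cell in product(LAYERS, PLANES, DIMENSIONS)
            if not controls.get(cell)]

def exposed_threats(controls, layer, plane):
    """Threat classes against one module whose target dimension is uncovered."""
    return sorted(threat for threat, dim in THREAT_DIMENSION.items()
                  if not controls.get((layer, plane, dim)))

# Constructed sample inventory for one module (Infrastructure layer,
# Management plane); not data from any real assessment.
SAMPLE_CONTROLS = {
    ("Infrastructure", "Management", "Access Management"): ["ACL", "RBAC"],
    ("Infrastructure", "Management", "Authentication"): ["Shared Secret"],
    ("Infrastructure", "Management", "Integrity"): ["Digital Signature"],
    ("Infrastructure", "Management", "Availability"): ["Network Redundancy"],
}

if __name__ == "__main__":
    print(f"{len(coverage_gaps(SAMPLE_CONTROLS))} of 72 cells lack a control")
    for layer, plane in product(LAYERS, PLANES):
        print(f"Module {module_number(layer, plane)} ({layer}/{plane}): "
              f"exposed to {exposed_threats(SAMPLE_CONTROLS, layer, plane)}")
```

With the sample inventory only Module One has any entries, so every other module reports all four threat classes, which is the "breadth" the dimensions slide is about.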
Applying the Bell Labs Network Security Model to Security Programs

[Figure: the Security Program cycle (Definition & Planning, Implementation, Maintenance) across Policies & Procedures and Technology, shown beside the model's Security Layers (Infrastructure, Application, Service), Planes (End User, Control, Management) and 8 Security Dimensions, with Threats, Vulnerabilities and Attacks (Interruption, Fabrication, Interception, Modification).]

Can Apply to Every Aspect of a Network Security Program
• Definition & Planning: Helps define comprehensive Security Policies, Incident Response & Recovery Plans and Technology Architectures by taking Security Dimensions, Layers and Planes into account
• Implementation: Forms basis of an assessment that examines how the Security Dimensions, Layers and Planes are addressed as Policies and Procedures are rolled out and technology is deployed
• Maintenance: Assists in managing the Security Policies & Procedures, Incident Response & Recovery Plans and Technology Architectures by ensuring modifications to the Security Program address Security Dimensions, Layers and Planes
BL Network Security Model in Action: Network Survivability Assessment Service

[Figure: the Network Survivability Assessment flow, built on the Bell Labs Network Security Model. Phases: Data Collection Phase, Analysis Phase, Recommendation Phase, Implementation/Operation. Modules: Questionnaire Module, Customer Input Module, Internal Test Module (1), External Test Module (2), Assessment Module, Recommendation Module, Implementation/Operation Module, with a Health Check iteration feeding back into the cycle.]
Conclusion

Bell Labs Network Security Model
• Provides Comprehensive, End-to-End View of Network Security.
• Applies to Any Networking Technology:
  – Wireless, Wireline and Optical Networks.
  – Voice, Data and Converged Networks.
• Applies to Any Layer of the Protocol Stack.
• Applies to Any Portion of a Network:
  – Management, Administrative and Data Center Networks.
  – Infrastructure Networks.
  – Enterprise Networks.
• Widely Accepted by Government Agencies and Standards Bodies:
  – National Security Information Exchange (NSIE).
  – National Security Telecommunications Advisory Committee (NSTAC).
  – National Reliability and Interoperability Council (NRIC).
  – U.S. Department of Homeland Security (DHS).
  – Industry Canada.
  – ITU-T.

Comprehensive Network Security Assessments Based on BL Network Security Model
• Tools and Techniques are used to Assess Security Layers, Planes, Dimensions.
• Results are Provided in Terms of Network and Business Impact.