CIPSEC architecture

CIPSEC architecture. CIPSEC workshop Frankfurt 16/10/2018 Rubén Trapero Burgos, ATOS. Co-funded by the Horizon 2020 Framework Programme of the European Union. CIPSEC Framework Design Principles. Critical Infrastructures Commonalities. Security Threats. CIPSEC pilot requirements.


Presentation Transcript


  1. CIPSEC architecture CIPSEC workshop Frankfurt 16/10/2018 Rubén Trapero Burgos, ATOS Co-funded by the Horizon 2020 Framework Programme of the European Union

  2. CIPSEC Framework Design Principles Critical Infrastructures Commonalities Security Threats CIPSEC pilot requirements Data Lifecycle in Critical Infrastructures CIPSEC architecture

  3. Agents, sensors, sniffing, etc. Host and Network Sensors SOC Expertise Data Acquisition Activity and Security Data (LOG) Status Heartbeats Reports Security Decision-Making Security Compliance Data Consumption Data Dissemination User Credentials Events/Alarms Tokens Software updates Security Data Insights Security Apps PKI Infrastructure Software Repository Dashboards Human End-Users (CI System admins) Post-Mortem Incident Analysis Security Operation Center Personnel Visualization of data Recommendations System administration Aggregate data Filter Data Reasoning Detect anomalies Document Management Repository Security and Activity monitoring engine

  4. Agents, sensors, sniffing, etc. Host and Network Sensors SOC Expertise Acquisition CIPSEC Core Framework Data Acquisition Activity and Security Data (LOG) Status Heartbeats Reports Security Decision-Making Security Compliance Data Consumption Data Dissemination User Credentials Events/Alarms Tokens Software updates Security Data Insights Security Apps PKI Infrastructure Software Repository Dashboards Human End-Users (CI System admins) Post-Mortem Incident Analysis Security Operation Center Personnel Presentation Detection Layer Aggregate data Filter Data Reasoning Visualization of data Recommendations System administration User/System manager Data Processing Document Management Repository Network Security Critical Infrastructure Components (sensors, computers, network, servers, routers, …) Security and Activity monitoring engine

  5. High Level CIPSEC Framework Critical Infrastructure Platform Critical Infrastructure Platform CIPSEC Core Framework User/System manager Layer contingency (reconfigurations, etc.) Compliance report aggregated info (reports, etc.) Presentation Layer events/alerts inferred threats, risks Data Processing Layer Updating/Patching correlator admin CIPSEC security features events/alerts Detection Layer Compliance Management logs Acquisition Layer security data security data Network Security Critical Infrastructure Components (sensors, computers, network, servers, routers, …) CI security requirements User training

  6. CIPSEC Framework Reference Architecture

  7. Partners’ role in CIPSEC Reference Architecture Critical Infrastructure Platform CIPSEC Core Framework System manager User/System manager Layer Contingency plan Recommendations Presentation Layer Forensics Analysis Visualization tool Dashboard Data Processing Layer Anonymized Sensitive Data Historic anomalies DB Forensics service Data anonymization and Privacy Updating/Patching Detection Layer Compliance Management Anomaly detection reasoner Acquisition Layer External Security Services Future security services plugged Endpoint Detection and Response Vulnerability Assessment Identity Access Management Integrity Management Crypto services Network Security (DPI firewalls, routers with ACL, network segmentation, DMZ, NAC, etc.) Critical Infrastructure Components (sensors, computers, network, servers, routers, …) User Training

  8. CIPSEC Blocks Covered with Products

  9. CIPSEC Blocks Covered with Services Compliance Management

  10. Innovation targeted by CIPSEC Framework • The CIPSEC proposal is not centred on providing an isolated solution for cybercrime but a broader solution. • CIPSEC does not address individual aspects of a large crisis but provides a global solution including additional services related to CIP. • CIPSEC provides a more generic solution, focusing not only on securing network edge services of cloud infrastructures in CI scenarios, but also on the global picture, taking into account existing interdependencies. • CIPSEC offers a close-to-market security platform with real validation trials on real CI operational scenarios.

  11. Thanks for your attention! Questions? Contact: Antonio Álvarez, ATOS, antonio.alvarez@atos.net; Rubén Trapero, ATOS, ruben.trapero@atos.net; Rodrigo Díaz, ATOS, rodrigo.diaz@atos.net. www.cipsec.eu @CIPSECproject https://www.linkedin.com/in/cipsec-project/ https://www.youtube.com/channel/UCekxicSFAwZdIPAV3iLHttg CIPSEC Technical Review Meeting Barcelona 22/11/2017