1 / 18

DESEREC: Dependability and Security by Enhanced Reconfigurability

DESEREC: Dependability and Security by Enhanced Reconfigurability. Overview.

norah
Download Presentation

DESEREC: Dependability and Security by Enhanced Reconfigurability

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DESEREC:Dependability and Security by Enhanced Reconfigurability DESEREC, an ICT for Trust and Security project

  2. Overview The fast growth of highly interconnected Communications and Information Systems (CIS), and the use of them to carry out critical activities, has open an important issue regarding the resilience, reliability and security of these CISs. This strong interdependence increases the consequences of accidents, failures, attacks and implies high vulnerabilities. Current approaches to protect such infrastructures are scattered into separate scientific fields, such us detection, modelling, simulation, redundancy & reconfiguration. • Interesting research projects are Polyander, SecPol and POSITIF • Information representation standards and working groups: WBEM, PCIM, SAML, XACML, IPSP • Simulations standards and working groups: EUROSIS, SCS, NS-2, OPNET, etc. • Intrusion and incident detection: CIDF, CISL, IDMEF DESEREC proposes a joint step forward to improve the CISs supporting those critical services. Following this approach, DESEREC proposes to respond efficiently to: • Attacks from the outside • Intrinsic failures • Misbehaviour or malicious internal use

  3. Objective To define a framework to increase the dependability of existing and newnetworked Information Systems by means of an architecture based on the following modules: • Modelling & simulation: • DESEREC devises and develops innovative approaches and tools to design, model, simulate, and plan critical infrastructures to improve their resilience • Fast reconfiguration with priority to critical activities • DESEREC provides a framework to respond in a quick and appropriate way to a large range of incidents to mitigate the threats to the dependability and thwarts the problem • Incident detection and quick containment • DESEREC integrates various detection mechanisms to ensure fast detection of severe incidents and avoid any impact propagation

  4. Attacks Detection & Reaction Attacks Monitoring/ Reconfiguration Attack from the outside Intrinsic failures Internal use Detection & Reaction malicious internal use Failures Detection & Reaction Internal use Monitoring/ Reconfiguration Failures Monitoring/ Reconfiguration Today scenario Specific detection, reaction, monitoring and reconfiguration processes by device, service or application …..

  5. Attack from the outside Translator Event Monitoring Serious Incident Detection Planning and Validation Modelling Deployment & Reconfiguration Decision Module Fast Cicatrisation Simulation Intrinsic failures malicious internal use DESEREC objective Common framework to model, reconfigure and detect attacks, malicious internal use or internal failures.

  6. Objectives • First objective - prevent • keep every incident local • Second objective - react • sustain or quickly resume the critical applications • Third objective – plan • reallocate optimally the resources to recover the full range of services

  7. Objectives • DESEREC includes three response loops working on 3 different answering times: • A few seconds to locally respond to a severe and well-characterized incident and to launch emergency curative procedure to avoid escalation process or dramatic damage. • Some minutes to detect very complex problem and to readjust the system • Some hours to build a new configuration optimized to resist to a new situation and validated through modelling and simulation

  8. A multi-level response infrastructure Incident delay Counter- measures 1s Detection Incident still present Incident cleared, OK Scope shaping 10s Containment A critical service has stopped No critical impact, OK Select an existing configuration or build an emergency one 2 min Reconfiguration Emergency configuration applied Configuration is optimal, OK hours Modelling Run simulation Optimal configuration applied Reconfiguration

  9. Project architecture WP1 - General architecture, requirements WP 0,5,6 Management, Training, Dissemination WP2 – Operational Planning Modelling, Simulation WP4 – Intrusion and Incident Detection, Response WP3 – Deployment, Hot Reconfiguration WP8 - Integration, validation and demonstrations

  10. Translator Event Monitoring Serious Incident Detection Planning and Validation Modelling Deployment & Reconfiguration Decision Module Fast Cicatrisation Simulation WP1: Horizontal processes • Ensure that the DESEREC approach addresses the requirements and needs of a representative user community • Collection of user cases from different organisations: • Users requirements concerning dependability, resilience and security • Description of the user’s requirements in an analytical way • Collection of the basic information for the definition of the system architecture. Entities information and requirements

  11. Translator Translator Event Monitoring Event Monitoring Serious Incident Detection Serious Incident Detection Planning and Validation Planning and Validation Modelling Modelling Deployment & Reconfiguration Deployment & Reconfiguration Decision Module Decision Module Fast Cicatrisation Fast Cicatrisation Simulation Simulation WP2: Operational Planning • Deals with models of information systems, their intended behaviour (policies), and risks (foreseen faults and attacks also unforeseen failures) • Checks the expected behaviour of the system when configured in a specific way and it is subject to specific inputs and faults • To create the needed tools to manage information and scenarios needed to configure the target system and react to faults and attacks

  12. Translator Event Monitoring Serious Incident Detection Planning and Validation Modelling Deployment & Reconfiguration Decision Module Fast Cicatrisation Simulation WP3: Deployment and hot reaction • Provide mechanisms to ensure the setup and deployment of an operational planning and its hot adaptation following the detection of abnormal events (incident, failure, misbehaviour) on the system • Define and design an efficient toolbox for the day-to-day management of complex system

  13. Translator Event Monitoring Serious Incident Detection Planning and Validation Modelling Deployment & Reconfiguration Decision Module Fast Cicatrisation Simulation WP4: Fast cicatrisation • Provide the basic conceptual and technical tools for implementing incident detection and fast reaction. • Questions to be resolved: • How do we know an incident affecting a system’s dependability is underway? • How do we detect it? • Once an incident has been detected, what can we do to avoid or minimize it?

  14. WP5: Dissemination and exploitation • Coordination of the collection of research and technical results coming out from the other work packages, and reaching the maximum number of potential end-users in the European ICT community in order to promote their widespread adoption • Organization of two DESEREC dissemination workshops and the submission of technical papers to international conferences and scientific journals • Preparation of training material for the user community.

  15. WP6: Training • Professional Training to staff involved in the project development, implementing the demonstrations, and potential users of the tools and methodologies from outside the consortium • Training workshops foreseen during the project duration: • Workshop on “The Concepts and Requirements for Increasing Dependability and Security of Information Systems” • Workshop on “The Mechanisms used for Increasing Dependability through Enhanced Reconfiguration” • Workshop on “The Results and Applications of DESEREC” • Workshop on “Architecture, Modelling and Tools for Increasing Dependability and Security of Information Systems”

  16. Translator Event Monitoring Serious Incident Detection Planning and Validation Modelling Deployment & Reconfiguration Decision Module Fast Cicatrisation Simulation WP8: Integration, Validation and Demonstration • Design of a test and validation model for the general architecture reflecting the combinations of solutions proposed in DESEREC • The coordination of the integration of contributions from other work packages in this model • Validation of the solutions with verification tools and expert tests • Design, development and calibration of test and validation systems • Demonstration of the DESEREC results to the users community.

  17. Test-bed scenarios • Based on the establishment of three typical cases of critical • infrastructure provided through 2 partners: • OTE, a telecommunication operator in Greece • RENFE-Operadora, the national railway operator in Spain

  18. Partners Canadian Resedarch Center IEIIT/CNR University of Murcia

More Related