180 likes | 288 Views
Federal Aviation Administration. AMHS Security Security Sub-Group Activities ATS Message Handling System (AMHS ) Implementation Workshop Chennai, India December, 15-16 th 2008. Vic Patel FAA/ATO-P Security Engineering Group William J. Hughes FAA Technical Center
E N D
Federal Aviation Administration AMHS SecuritySecurity Sub-Group ActivitiesATS Message Handling System (AMHS )Implementation WorkshopChennai, IndiaDecember, 15-16th 2008 Vic Patel FAA/ATO-P Security Engineering Group William J. Hughes FAA Technical Center Atlantic City International Airport Atlantic City, NJ 08405 USA Presentation to:Name:Date:
Federal Aviation Administration Presentation Overview Our Vision: Service and Safety • Security Policy • Security Checklist • Security Guidance Document • Technical Controls for AMHS Security • Other Regional Security Documents • System-wide Risk Assessment • Contingency Plan • Incident Response Plan AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 2
Federal Aviation Administration Asia/Pacific ICG Strategic Objective: Security Our Vision: Service and Safety • Task (1) Update System Integrity Policy as needed • Asia/Pacific ATN System Security Policy Document • Adopted by ICAO Asia-Pacific as of October 2008 • Task (2) Develop Information Security Checklist • Asia/Pacific ATN Develop Security Checklist • Task (3) Develop Information Security Guidance • Asia/Pacific ATN Security Guidance Document • Task (4) Develop Information Security Solution for Initial and Enhanced Services • To be included in Asia/Pacific ATN Security Guidance Document AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 3
Federal Aviation Administration Security Policy Our Vision: Service and Safety • The Asia/Pacific region has developed an ATN System Security Policy • The Policy was previously called the “System Integrity Policy” and was somewhat broader in scope. • It was agreed at the September Security Sub-Group meeting that the requirements for Interoperability be removed from this document and it was re-named the System Security Policy. • The policy requires that ATN systems be verified to have appropriate security controls. • The policy requires that ATN systems be formally approved for operation a Designated Approval Authority for each state/organization. AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 4
Federal Aviation Administration Security Policy Our Vision: Service and Safety • Security Policy Outline: • Purpose. • Applicability. • Authority. • Implementation and Enforcement. • System Integrity Requirements. • System Integrity Services • Confidentiality • Data Integrity • Authenticity. • Availability. • Accountability. • Interoperability. • System Integrity Policy Statements • Functional Policy Statements • Verification and Authorization AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 5
Federal Aviation Administration Security Checklist Our Vision: Service and Safety • A checklist serves to see that controls are in place • It is generally the basis on which the Approving Authority grants approval • At the April 2008 meeting of the Security Subgroup it was agreed that the controls would be derived from the following document: • NIST SP 800-53, Recommended Security Controls for Federal Information Systems, December 2006 • The SP 800-53 controls were reviewed by the Security Subgroup and the Subgroup identified which of the Technical, Operational, and Management controls applied to an ATN system. • At the September meeting of the Security Subgroup the controls were converted to a Checklist format. AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 6
Federal Aviation Administration Security Guidance Document Our Vision: Service and Safety • The Security Sub-Group is developing a region should develop a Security Guidance Document which provides guidance on the implementation of management, technical, and operational controls. • Management controls • focus on management of system and associated risks • Security reviews, security risk assessments • Technical controls • address specific types of threats • may be sub-typed as: preventative technical controls, recovery technical controls, and support technical controls • Operational controls • focus on operational procedures, personnel security measures, and physical security measures • This document was previously called the “Security Implementation Plan” AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 7
Federal Aviation Administration Security Guidance DocumentAMHS Technical Controls Our Vision: Service and Safety • Network Security Provisions • From User Terminal to Message Server or Between Message Servers (Routers) • End-to-End Security Provisions • Defined in ICAO Doc 9705 Edition 3 using the ATN Digital Signature Scheme • May not be implemented if region does not move to ATN air-ground security provisions AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 8
Federal Aviation Administration Security Guidance DocumentAMHS Technical Controls Our Vision: Service and Safety AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 9
Federal Aviation Administration Security Guidance DocumentAMHS Technical Controls Our Vision: Service and Safety AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 10
Federal Aviation Administration Security Guidance DocumentAMHS Technical Controls Our Vision: Service and Safety Network Security Secure Communications from User Agents to MTA Server • Technique depends on connectivity • Internet Protocol Security (IPsec) • Transport Layer Security (TLS) (formerly Secure Sockets Layer (SSL)) • Layer 2 Protocols (Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), Layer 2 Forwarding (L2F) • Secure Shell (SSH) AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 11
Federal Aviation Administration Security Guidance DocumentAMHS Technical Controls Our Vision: Service and Safety Network Security Secure Communications between Routers which support MTA Servers • Communications Security • IDRP Security • Initially pre-shared keys • Longer term - PKI • Audit Logs • TCP, IP, BGP Logs AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 12
Federal Aviation Administration Security Guidance DocumentTechnical Control Summary Our Vision: Service and Safety • Technical controls may initially consist of securing IDRP router connections • Initially using pre-shared keys • Migrate to limited use of certificates • For TCP/IP MTA-to-MTA connections either TLS or IPsec may be used. • For User Terminal to MTA connections layer 2 provisions may also be used • As the AMHS evolves to enhanced services, including directory services, AMHS application security may be employed • Firewalls and other security appliances should be introduced as needed. AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 13
Federal Aviation Administration Contingency Plan Our Vision: Service and Safety • The Security Sub-group has been tasked to develop a “Contingency and Disaster Recovery Plan. • This plan identifies the coordination activities, processes, and procedures to be followed in the event that an AMHS system is unavailable. AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 14
Federal Aviation Administration Contingency Plan Our Vision: Service and Safety • NIST SP800-34, Contingency Planning Guide for Information Technology Systems, June 2002 “IT contingency planning refers to a coordinated strategy involving plans, procedures, and technical measures that enable the recovery of IT systems, operations, and data after a disruption. Contingency planning generally includes one or more of the approaches to restore disrupted IT services: • Restoring IT operations at an alternate location • Recovering IT operations using alternate equipment • Performing some or al of the affected business processes using non-IT (manual) means” AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 15
Federal Aviation Administration Incident Response Plan Our Vision: Service and Safety • The Security Sub-group has been tasked to develop an Incident Response Plan • The incident response plan would specify common procedures for identifying, reporting, and responding to computing incidents. AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 16
Federal Aviation Administration Incident Response Plan Our Vision: Service and Safety • NIST SP 800-61, Computer Security Incident Handling Guide, January 2004, specifies that an incident response capability should include the following actions: • Creating an incident response policy • Developing procedures for performing incident handling and reporting, based on the incident response policy • Setting guidelines for communicating with outside parties regarding incidents • Selecting a team structure and staffing model • Establishing relationships between the incident response team and other groups, both internatl and external • Determining what services the incident response team should provide • Staffing and training the incident response team AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 17
Questions Federal Aviation Administration Our Vision: Service and Safety AMHS Security: Security Sub-Group Activities AMHS IMPLEMENTATION WORKSHOP, Chennai, India December 15th-16th, 2008. Challenges of a Growing Aviation SystemApril 12, 2005 18