Explore the comprehensive CIPSEC architecture and workshop details encompassing security threats, data lifecycle, agent systems, and more. Learn about the advanced security features and layered approach for safeguarding critical infrastructure components.
CIPSEC architecture. CIPSEC workshop, Frankfurt, 16/10/2018. Rubén Trapero Burgos, ATOS. Co-funded by the Horizon 2020 Framework Programme of the European Union.
CIPSEC Framework Design Principles Critical Infrastructures Commonalities Security Threats CIPSEC pilot requirements Data Lifecycle in Critical Infrastructures CIPSEC architecture
Agents, sensors, sniffing, etc Host and Network Sensors SOC Expertise Data Acquisition Activity and Security Data (LOG) Status Heartbeats Reports Security Decision-Making Security Compliance Data Consumption Data Dissemination User Credentials Events/Alarms Tokens Software updates Security Data Insights Security Apps PKI Infrastructure Software Repository Dashboards Human End-Users (CI System admins) Post-Mortem Incident Analysis Security Operation Center Personnel Visualization of data Recommendations System administration Aggregate data Filter Data Reasoning Detect anomalies Document Management Repository Security and Activity monitoring engine
Agents, sensors, sniffing, etc Host and Network Sensors SOC Expertise Acquisition CIPSEC Core Framework Data Acquisition Activity and Security Data (LOG) Status Heartbeats Reports Security Decision-Making Security Compliance Data Consumption Data Dissemination User Credentials Events/Alarms Tokens Software updates Security Data Insights Security Apps PKI Infrastructure Software Repository Dashboards Human End-Users (CI System admins) Post-Mortem Incident Analysis Security Operation Center Personnel Presentation Detection Layer Aggregate data Filter Data Reasoning Visualization of data Recommendations System administration User/System manager Data Processing Document Management Repository Network Security Critical Infrastructure Components (sensors, computers, network, servers, routers, …) Security and Activity monitoring engine
High Level CIPSEC Framework: Critical Infrastructure Platform Critical Infrastructure Platform CIPSEC Core Framework User/System manager Layer contingency (reconfigurations, etc) Compliance report aggregated info (reports, etc) Presentation Layer events/alerts inferred threats, risks Data Processing Layer Updating/Patching correlator admin CIPSEC security features events/alerts Detection Layer Compliance Management logs Acquisition Layer security data security data Network Security Critical Infrastructure Components (sensors, computers, network, servers, routers, …) CI security requirements User training
Partners’ role in CIPSEC Reference Architecture: Critical Infrastructure Platform CIPSEC Core Framework System manager User/System manager Layer Contingency plan Recommendations Presentation Layer Forensics Analysis Visualization tool Dashboard Data Processing Layer Anonymized Sensitive Data Historic anomalies DB Forensics service Data anonymization and Privacy Updating/Patching Detection Layer Compliance Management Anomaly detection reasoner Acquisition Layer External Security Services Future security services plugged Endpoint Detection and Response Vulnerability Assessment Identity Access Management Integrity Management Crypto services Network Security (DPI firewalls, routers with ACL, network segmentation, DMZ, NAC, etc.) Critical Infrastructure Components (sensors, computers, network, servers, routers, …) User Training
CIPSEC Blocks Covered with Services Compliance Management
Innovation targeted by CIPSEC Framework
• The CIPSEC proposal is not centred on providing an isolated solution for cybercrime but a broader solution.
• CIPSEC does not address individual aspects of large crises but provides a global solution including additional services related to CIP.
• CIPSEC provides a more generic solution, focusing not only on securing network edge services of cloud infrastructures in CI scenarios, but also on the global picture, taking into account existing interdependencies.
• CIPSEC offers a close-to-market security platform with real validation trials on real CI operational scenarios.
Thanks for your attention! Questions? Contact: Antonio Álvarez, ATOS, antonio.alvarez@atos.net; Rubén Trapero, ATOS, ruben.trapero@atos.net; Rodrigo Díaz, ATOS, rodrigo.diaz@atos.net. www.cipsec.eu @CIPSECproject https://www.linkedin.com/in/cipsec-project/ https://www.youtube.com/channel/UCekxicSFAwZdIPAV3iLHttg CIPSEC Technical Review Meeting, Barcelona, 22/11/2017