defense in depth

Shared by: Thuy Linh | Date: | File type: PDF | Pages: 5


Document description

Defense in Depth is a practical strategy for achieving Information Assurance in today’s highly networked environments. It is a “best practices” strategy in that it relies on the intelligent application of techniques and technologies that exist today. The strategy recommends a balance between the protection capability and cost, performance, and operational considerations. This paper provides an overview of the major elements of the strategy and provides links to resources that provide additional insight.


Defense in Depth
A practical strategy for achieving Information Assurance in today’s highly networked environments.

Introduction. Defense in Depth is a practical strategy for achieving Information Assurance in today’s highly networked environments. It is a “best practices” strategy in that it relies on the intelligent application of techniques and technologies that exist today. The strategy recommends a balance between the protection capability and cost, performance, and operational considerations. This paper provides an overview of the major elements of the strategy and provides links to resources that provide additional insight.

Adversaries, Motivations, Classes of Attack. To effectively resist attacks against its information and information systems, an organization needs to characterize its adversaries, their potential motivations, and their classes of attack. Potential adversaries might include: Nation States, Terrorists, Criminal Elements, Hackers, or Corporate Competitors. Their motivations may include: intelligence gathering, theft of intellectual property, denial of service, embarrassment, or just pride in exploiting a notable target. Their classes of attack may include: passive monitoring of communications, active network attacks, close-in attacks, exploitation of insiders, and attacks through the industry providers of one’s Information Technology resources.

It’s also important to resist detrimental effects from non-malicious events such as fire, flood, power outages and user error.

Information Assurance. Information Assurance is achieved when information and information systems are protected against such attacks through the application of security services such as: Availability, Integrity, Authentication, Confidentiality, and Non-Repudiation. The application of these services should be based on the Protect, Detect, and React paradigm. This means that in addition to incorporating protection mechanisms, organizations need to expect attacks and include attack detection tools and procedures that allow them to react to and recover from these attacks.

[Figure: Information Assurance – Defense In Depth Strategy. People, Operations, Technology: a Robust & Integrated Set of Information Assurance Measures & Actions.]

An important principle of the Defense in Depth strategy is that achieving Information Assurance requires a balanced focus on three primary elements: People, Technology and Operations.
People. Achieving Information Assurance begins with a senior level management commitment (typically at the Chief Information Officer level) based on a clear understanding of the perceived threat. This must be followed through with effective Information Assurance policies and procedures, assignment of roles and responsibilities, commitment of resources, training of critical personnel (e.g. users and system administrators), and personal accountability. This includes the establishment of physical security and personnel security measures to control and monitor access to facilities and critical elements of the Information Technology environment.

[Figure: Information Assurance – Defense In Depth Strategy, People leg. Policies & Procedures; Training & Awareness; System Security Administration; Physical Security; Personnel Security; Facilities Countermeasures. Hire Good People – Train & Reward Them Well; Penalize Unauthorized Behavior.]

Technology. Today, a wide range of technologies are available for providing Information Assurance services and for detecting intrusions. To ensure that the right technologies are procured and deployed, an organization should establish effective policy and processes for technology acquisition. These should include: security policy, Information Assurance principles, system level Information Assurance architectures and standards, criteria for needed Information Assurance products, acquisition of products that have been validated by a reputable third party, configuration guidance, and processes for assessing the risk of the integrated systems. The Defense in Depth strategy recommends several Information Assurance principles. These include:

a) Defense in Multiple Places. Given that adversaries can attack a target from multiple points using either insiders or outsiders, an organization needs to deploy protection mechanisms at multiple locations to resist all classes of attacks. As a minimum, these defensive “focus areas” should include:

[Figure: Defense in Depth Focus Areas. Defend the Network & Infrastructure; Defend the Enclave Boundary; Defend the Computing Environment; Supporting Infrastructures: KMI/PKI, Detect & Respond.]

• Defend the Networks and Infrastructure
  - Protect the local and wide area communications networks (e.g. from Denial of Service Attacks)
  - Provide confidentiality and integrity protection for data transmitted over these networks (e.g. use encryption and traffic flow security measures to resist passive monitoring)
• Defend the Enclave Boundaries (e.g. deploy Firewalls and Intrusion Detection to resist active network attacks)

[Figure: Information Assurance – Defense In Depth Strategy, Technology leg. IA Architecture; IA Criteria (Security, Interoperability, PKI); Acquisition/Integration of Evaluated Products; System Risk Assessment. Application of Evaluated Products and Solutions; Support of a Layered Defense Strategy.]
• Defend the Computing Environment (e.g. provide access controls on hosts and servers to resist insider, close-in, and distribution attacks).

b) Layered Defenses. Even the best available Information Assurance products have inherent weaknesses. So, it is only a matter of time before an adversary will find an exploitable vulnerability. An effective countermeasure is to deploy multiple defense mechanisms between the adversary and his target. Each of these mechanisms must present unique obstacles to the adversary. Further, each should include both “protection” and “detection” measures. These help to increase risk (of detection) for the adversary while reducing his chances of success or making successful penetrations unaffordable. Deploying nested Firewalls (each coupled with Intrusion Detection) at outer and inner network boundaries is an example of a layered defense. The inner Firewalls may support more granular access control and data filtering.

c) Specify the security robustness (strength and assurance) of each Information Assurance component as a function of the value of what it is protecting and the threat at the point of application. For example, it’s often more effective and operationally suitable to deploy stronger mechanisms at the network boundaries than at the user desktop.

d) Deploy robust key management and public key infrastructures that support all of the incorporated Information Assurance technologies and that are highly resistant to attack. This latter point recognizes that these infrastructures are lucrative targets.

e) Deploy infrastructures to detect intrusions and to analyze and correlate the results and react accordingly. These infrastructures should help the “Operations” staff to answer questions such as: Am I under attack? Who is the source? What is the target? Who else is under attack? What are my options?

Examples of Layered Defenses

Class of Attack   First Line of Defense                                      Second Line of Defense
Passive           Link & Network Layer Encryption and Traffic Flow Security  Security Enabled Applications
Active            Defend the Enclave Boundaries                              Defend the Computing Environment
Insider           Physical and Personnel Security                            Authenticated Access Controls, Audit
Close-In          Physical and Personnel Security                            Technical Surveillance Countermeasures
Distribution      Trusted Software Development and Distribution              Run Time Integrity Controls

Operations. The operations leg focuses on all the activities required to sustain an organization’s security posture on a day to day basis.
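Principles b) and e) above, layered defenses that each protect and detect, and an infrastructure that correlates the detections, can be made concrete in code. What follows is an added example and not part of the NSA paper: a small model of three nested control layers (an outer boundary firewall with coarse rules, an inner boundary firewall with granular source-to-service rules, and authenticated access control on internal hosts). Every layer a connection crosses logs an event whether it allows or denies, and the first denial stops the connection; a correlation step then answers the operations staff’s questions from those events. The zones, host names, TEST-NET addresses, rules and connection attempts are all constructed for illustration.

```python
"""Layered defense (protect + detect at every layer) with event correlation.

Added example, not from the NSA paper. Topology, rules and traffic are constructed.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass
from typing import Optional

# Constructed topology: zone of each named host; any other source is external.
ZONES = {"dmz-web": "dmz", "dmz-mail": "dmz", "db": "internal", "dir": "internal"}

# Layer 1, outer boundary: coarse, only public services on DMZ hosts.
OUTER_ALLOW = {("dmz-web", 443), ("dmz-mail", 25)}
# Layer 2, inner boundary: granular, pins a DMZ source host to one internal service.
INNER_ALLOW = {("dmz-web", "db", 5432), ("dmz-mail", "dir", 389)}
# Layer 3, computing environment: authenticated identity must be authorised on the host.
HOST_ACL = {("svc_web", "db"), ("dba", "db"), ("svc_mail", "dir")}


@dataclass(frozen=True)
class Conn:
    src: str
    dst: str
    port: int
    user: Optional[str] = None  # identity presented at the destination host, if any


@dataclass(frozen=True)
class Event:
    layer: str
    action: str  # "allow" or "deny"
    conn: Conn


def zone(host: str) -> str:
    return ZONES.get(host, "external")


def layers_for(c: Conn):
    """Boundaries a connection crosses, outermost first, each with its protect rule."""
    s, d = zone(c.src), zone(c.dst)
    path = []
    if s == "external" and d in ("dmz", "internal"):
        path.append(("outer", lambda c: (c.dst, c.port) in OUTER_ALLOW))
    if s in ("external", "dmz") and d == "internal":
        path.append(("inner", lambda c: (c.src, c.dst, c.port) in INNER_ALLOW))
    if d == "internal":
        path.append(("host", lambda c: c.user is not None and (c.user, c.dst) in HOST_ACL))
    return path


def evaluate(c: Conn) -> list:
    """Protect and detect: every layer logs an event; the first deny stops the connection."""
    events = []
    for name, allowed in layers_for(c):
        ok = allowed(c)
        events.append(Event(name, "allow" if ok else "deny", c))
        if not ok:
            break
    return events


def correlate(events, threshold: int = 2) -> dict:
    """Answer: am I under attack, who is the source, what is the target, which layers saw it."""
    denies = [e for e in events if e.action == "deny"]
    by_src = Counter(e.conn.src for e in denies)
    layers, targets = defaultdict(set), defaultdict(set)
    for e in denies:
        layers[e.conn.src].add(e.layer)
        targets[e.conn.src].add(e.conn.dst)
    # A source is escalated when it is denied repeatedly or denied at more than one layer.
    suspects = sorted(s for s in by_src if by_src[s] >= threshold or len(layers[s]) > 1)
    return {
        "under_attack": bool(suspects),
        "sources": suspects,
        "targets": {s: sorted(targets[s]) for s in suspects},
        "layers": {s: sorted(layers[s]) for s in suspects},
        "deny_counts": dict(by_src),
    }


SAMPLE = [  # constructed connection attempts
    Conn("198.51.100.9", "dmz-web", 443),            # legitimate web access
    Conn("203.0.113.7", "db", 5432),                 # external host probing an internal port
    Conn("203.0.113.7", "dmz-web", 22),              # same host probing ssh on the web server
    Conn("203.0.113.7", "dmz-mail", 25),             # same host, permitted mail delivery
    Conn("dmz-web", "db", 5432, user="svc_web"),     # expected web-to-database traffic
    Conn("dmz-web", "dir", 389, user="svc_web"),     # web host reaching a service it never should
    Conn("dmz-mail", "dir", 389, user="guest"),      # right path, unauthorised identity
]


def run(sample=SAMPLE) -> dict:
    events = [e for c in sample for e in evaluate(c)]
    return correlate(events)


if __name__ == "__main__":
    for c in SAMPLE:
        print([f"{e.layer}:{e.action}" for e in evaluate(c)], c)
    print(run())
```

Run stand-alone, the block prints each attempt’s per-layer decisions and the correlation summary. The external host denied twice at the outer boundary is escalated; the single inner-layer denial for the web host and the host-layer denial for the guest identity are recorded but not yet escalated. The point the paper makes is visible in the event list: because each layer both blocks and logs, the defender gets several independent opportunities to observe an attempt, and a mechanism that a later layer would have stopped anyway still contributes a detection.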
[Figure: Information Assurance – Defense In Depth Strategy, Operations leg. Security Policy; Certification and Accreditation; Security Mgmt.; Key Management; Readiness Assessments; ASW&R; Recovery & Reconstitution. Enforce Security Policy; Respond Quickly to Intrusions; Restore Critical Services.]

These include:
a) Maintaining visible and up to date system security policy
b) Certifying and accrediting changes to the Information Technology baseline. The C&A processes should provide the data to support “Risk Management” based decisions. These processes should also acknowledge that a “risk accepted by one is a risk shared by many” in an interconnected environment.
c) Managing the security posture of the Information Assurance technology (e.g. installing security patches and virus updates, maintaining access control lists)
d) Providing key management services and protecting this lucrative infrastructure
e) Performing system security assessments (e.g. vulnerability scanners, RED teams) to assess the continued “Security Readiness”
f) Monitoring and reacting to current threats
g) Attack sensing, warning, and response
h) Recovery and reconstitution

Additional Resources. The National Security Agency, with support from other U.S. Government Agencies and U.S. Industry, has undertaken a number of initiatives to support the Defense in Depth strategy. These include:
a) The Information Assurance Technical Framework. This document provides detailed Information Assurance guidance for each of the Defense in Depth focus areas. It is available at
b) The National Information Assurance Partnership (NIAP). This is a partnership between NSA and NIST to foster the development of the International Common Criteria (an ISO standard) and to accredit commercial laboratories to validate the security functions in vendors’ products. Information on this activity is available at
c) Common Criteria Protection Profiles. These are documents that recommend security functions and assurance levels using the Common Criteria. They are available for a wide range of commercially available technologies and can be accessed at the IATF or the NIAP web sites listed above.
d) List of Evaluated Products. These are lists of commercial Information Assurance products that have been evaluated against the Common Criteria. The lists are maintained by NIST and are available at the NIAP web site.
e) Configuration Guidance. These documents, being prepared by NSA, contain recommended configurations for a variety of commonly used commercial products.
f) Glossary of Terms. The National Information Systems Security (INFOSEC) Glossary, dated September 2000, can be found at: 009.pdf

Feedback. Please address questions or comments on this paper by email to or by mail to:
National Security Agency
Attention: Information Assurance Solutions Group – STE 6737
9800 Savage Road
Fort Meade, MD 20755-6737
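Returning to the Operations activities listed above, b) certifying changes to the baseline, c) managing the security posture and e) assessing continued readiness: the following is an added example, not part of the NSA paper, showing how these fit together in one check. It compares observed host state against an accredited baseline (required patch level and authorised access-control entries per host role), separates open findings from deviations that were formally accepted through C&A, and illustrates the paper’s “risk accepted by one is a risk shared by many” point by following interconnections outward from each host carrying an accepted risk. The roles, host names, patch identifiers, ACL entries and links are all constructed.

```python
"""Security-readiness check against an accredited baseline, with shared-risk propagation.

Added example, not from the NSA paper. Baseline, observed state and links are constructed.
"""
from collections import deque

# Accredited baseline per host role: patches that must be present, identities allowed access.
BASELINE = {
    "web":  {"patches": {"P-2000-01", "P-2000-02"}, "acl": {"svc_web"}},
    "db":   {"patches": {"P-2000-01", "P-2000-03"}, "acl": {"svc_web", "dba"}},
    "mail": {"patches": {"P-2000-01"},              "acl": {"svc_mail"}},
    "dir":  {"patches": {"P-2000-01"},              "acl": {"svc_mail"}},
}

# Observed state, as an assessment scan would report it (constructed).
OBSERVED = {
    "dmz-web":  {"role": "web",  "patches": {"P-2000-01"},              "acl": {"svc_web", "tmp_admin"}},
    "db":       {"role": "db",   "patches": {"P-2000-01", "P-2000-03"}, "acl": {"svc_web", "dba"}},
    "dmz-mail": {"role": "mail", "patches": {"P-2000-01"},              "acl": {"svc_mail"}},
    "dir":      {"role": "dir",  "patches": {"P-2000-01"},              "acl": {"svc_mail"}},
}

# Interconnections: which hosts each host can initiate connections to (constructed).
LINKS = {"dmz-web": {"db"}, "dmz-mail": {"db"}, "db": {"dir"}, "dir": set()}

# Deviations formally accepted through the C&A process, as (host, finding) pairs (constructed).
ACCEPTED = {("dmz-web", "missing patch P-2000-02")}


def assess(observed=OBSERVED, baseline=BASELINE) -> dict:
    """Findings per host: every deviation of observed state from the accredited baseline."""
    findings = {}
    for host, state in observed.items():
        required = baseline[state["role"]]
        found = [f"missing patch {p}" for p in sorted(required["patches"] - state["patches"])]
        found += [f"unauthorized ACL entry {u}" for u in sorted(state["acl"] - required["acl"])]
        findings[host] = found
    return findings


def classify(findings, accepted=ACCEPTED):
    """Split findings into open items (must be fixed) and accepted items (documented risk)."""
    open_items, accepted_items = {}, {}
    for host, items in findings.items():
        for item in items:
            bucket = accepted_items if (host, item) in accepted else open_items
            bucket.setdefault(host, []).append(item)
    return open_items, accepted_items


def shared_risk(accepting_hosts, links=LINKS) -> dict:
    """Hosts reachable from a host carrying accepted risk share its exposure (breadth-first walk)."""
    exposed = {}
    for start in accepting_hosts:
        seen, queue = set(), deque([start])
        while queue:
            host = queue.popleft()
            for nxt in links.get(host, ()):
                if nxt != start and nxt not in seen:
                    seen.add(nxt)
                    queue.append(nxt)
        exposed[start] = sorted(seen)
    return exposed


def readiness_report() -> dict:
    findings = assess()
    open_items, accepted_items = classify(findings)
    return {
        "open": open_items,
        "accepted": accepted_items,
        "shared_risk": shared_risk(accepted_items),
        "ready": not open_items,  # readiness requires no unaccepted deviation
    }


if __name__ == "__main__":
    for key, value in readiness_report().items():
        print(f"{key}: {value}")
```

In the constructed data the web server has two deviations: the missing patch was accepted through C&A and so does not block readiness, but the stray administrative ACL entry was never accredited and leaves the system not ready. The shared-risk walk shows that the accepted patch gap on the web server is also an exposure for the database and, through it, the directory server, which is the practical meaning of the paper’s remark about risk in an interconnected environment.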