tailieunhanh - Northrop Grumman Cybersecurity Research Consortium (NGCRC)

Northrop Grumman Cybersecurity Research Consortium (NGCRC) includes Problem Statement, Benefits of Proposed Research, State of the Art, Year 5 Final Report, Year 6 Proposal (Technical Approach Overview, Active Bundles for Data Privacy, Active Bundles for Identity Management,.). | Northrop Grumman Cybersecurity Research Consortium (NGCRC) 2014 Fall Symposium Outline Problem Statement Benefits of Proposed Research State of the Art Year 5 Final Report Methodology Results Impact Demo Year 6 Proposal Technical Approach Overview Active Bundles for Data Privacy Active Bundles for Identity Management Agile Defense Management Approach Anomaly Detection Resiliency and Adaptability Dynamic Service Reconfiguration Moving Target Defense Proposed Deliverables Collaboration Possibilities 1 2 Trust Domain PII PII Service A Service B Service C PII Service D Problem Domain: Typical SOA Scenario Service Level Agreements / Security Policies Enforced Potentially malicious PII: Personally identifying information Services may outsource part of their functionality to other services There is no control over the sharing of PII and service invocations outside the trust domain Problem Statement A new threat landscape (large attack surface) Diverse security administration domains Security across organizational boundaries Any service may outsource part of its functionality to other services Chain of service invocations Service consumer only interacts only with the first service in the invocation chain Businesses place a lot of trust in their partners (trust is not transitive!) Consumer has no knowledge of or control over the invoked services in the invocation chain Some of these services may be untrusted for the consumer User cannot specify the service invocation policies Violations and malicious activities in a trusted service domain remain undetected External services are not verified or validated dynamically (uninformed selection of services by user) Malicious activity may cause service disruptions 3 Benefits of Proposed Research This research proposes a novel method of dealing with security problems in SOA: Monitoring all interactions among services in the enterprise Provides increased awareness of security violations Proactive treatment of potentially malicious . | Northrop Grumman Cybersecurity Research Consortium (NGCRC) 2014 Fall Symposium Outline Problem Statement Benefits of Proposed Research State of the Art Year 5 Final Report Methodology Results Impact Demo Year 6 Proposal Technical Approach Overview Active Bundles for Data Privacy Active Bundles for Identity Management Agile Defense Management Approach Anomaly Detection Resiliency and Adaptability Dynamic Service Reconfiguration Moving Target Defense Proposed Deliverables Collaboration Possibilities 1 2 Trust Domain PII PII Service A Service B Service C PII Service D Problem Domain: Typical SOA Scenario Service Level Agreements / Security Policies Enforced Potentially malicious PII: Personally identifying information Services may outsource part of their functionality to other services There is no control over the sharing of PII and service invocations outside the trust domain Problem Statement A new threat landscape (large attack surface) Diverse security administration domains Security