Adaptive Risk Management System (ARMS) - PowerPoint PPT Presentation

Loading...

PPT – Adaptive Risk Management System (ARMS) PowerPoint presentation | free to view - id: 7bfb61-MzY1Y



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Adaptive Risk Management System (ARMS)

Description:

Adaptive Risk Management System (ARMS) Mihaela Ulieru Network and Information Security Workshop, Halifax – PowerPoint PPT presentation

Number of Views:96
Avg rating:3.0/5.0
Slides: 59
Provided by: Mihae9
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Adaptive Risk Management System (ARMS)


1
Adaptive Risk Management System (ARMS)
  • Mihaela Ulieru

Network and Information Security Workshop, Halifax
2
IMMUNITY IN CYBERSPACE
Information Ecosystem (Global Open Dynamic
Interactive EVERYONE)
New Business Models (Strategic Partnerships)
Self-Organizing
Mirroring Biological Behavior
SOFTWARE-DRIVEN
NEW THREATS!
3
Victim or Perpetrator ?
  • Only those who risk going too far can possibly
    find out how far one can go T. S. Elliott
  • VICTIM can you trust your computer?
  • PERPETRATOR how far can I go without being
    caught?

4
Risk Management Approach to Security
  • Risk management is at the core of security and
    trust
  • Risk analysis - the process of evaluating system
    vulnerabilities and the threats facing it
  • Risk analysis involves ability to trust our
    judgement as well as the reliability and security
    or predictability of the environment in which the
    analysis is performed.
  • We must also be able to trust that our privacy is
    not at risk.

5
CIP Framework http//www2.nr.no/coras/
CORAS A Platform for Risk Analysis of
Security-Critical Systems
6
  • Risk analysis aids in developing a security
    strategy and provides the basis for establishing
    a cost-effective security program that minimizes
    the effects of risk.

7
Integrated Approach to Security
8
Security Risk Analysis
  • Should indicate
  • (1) the current level of risk (Risk metrics),
  • (2) the likely consequences, and
  • (3) what to do about it if the residual risk is
    too high.

9
Risk Metrics
10
Risk Analysis Terminology
  • Asset - Anything with value and in need of
    protection.
  • Threat - An action or potential action with the
    propensity to cause damage.
  • Vulnerability - A condition of weakness. If there
    were no vulnerabilities, there wouldbe no concern
    for threat activity.
  • Countermeasure - Any device or action with the
    ability to reduce vulnerability.
  • Expected Loss - The anticipated negative impact
    to assets due to threat manifestation.
  • Impact - Losses as a result of threat activity
    are normally expressed in one or moreRisk
    Analysis Terminology
  • Impact areas Four areas are commonly used
    Destruction, Denial of Service, Disclosure, and
    Modification.

11
Security Risk Analysis
  • Examination of the interrelationships between
    assets, threats, vulnerabilities, and
    countermeasures to determine the current level of
    risk.
  • Residual risk the level of risk that remains
    after consideration of all in-place
    countermeasures, vulnerability levels, and
    related threats.
  • Ultimately, it is the residual risk that must be
    accepted as is or reduced to a point where it
    can be accepted.

12
Security Risk Analysis
13
Risk Assessment
  • Identifies plausible threats, vulnerabilities,
    and potential consequences.
  • Process that identifies the probable consequences
    or risks associated with the vulnerabilities and
    provides the basis for establishing a
    cost-effective security program.

14
Risk Management
  • The process of implementing and maintaining
    countermeasures that reduce the effects of risk
    to an acceptable level.
  • Consists of the spectrum of decisions made and
    actions taken to prevent, mitigate, or manage
    adverse consequences if potential threats become
    reality and exploit identified vulnerabilities.

15
Risk Assessment
  • Includes the following steps
  • Identifying core service processes
  • Identifying critical assets (including
    supporting information technology systems) that
    support those core processes
  • Identifying the potential threats to and
    vulnerabilities of those critical assets

16
Risk Analysis
  • Identifies the existing security controls,
    calculates vulnerabilities, and evaluates the
    effect of threats on each area of vulnerability.
  • Procedure attempts to strike an economic balance
    between the impact of risks and the cost of
    security solutions intended to manage them

17
Key Elements
  • All risk analysis methodologies enable system
    users to compare possible losses to their agency
    with the cost of countermeasures (a.k.a.
    safeguards or controls) designed to protect
    against those losses.

18
KEY FACTORS
  • To be useful, a risk analysis methodology should
    produce a quantitative statement of the impact of
    a risk or the effect of specific security
    problems. The three key elements in risk analysis
    are
  • (1) A statement of impact or the cost of a
    specific difficulty if it happens,
  • (2) A measure of the effectiveness of in-place
    countermeasures, and
  • (3) A series of recommendations to correct or
    minimize identified problems.

19
Supply Networks
20
Network Optimization Theory
  • Capacitated network flow model (removing a fixed
    number of nodes)
  • Minimum cost flow model (interdiction reduces
    capacity and increases cost flow along an arc)
  • Shortest path model optimal set of arcs to be
    monitored so as to cost-effectively detect an
    evader

21
Threat Sources
22
Network Safeguarding
  • Determine the frail links and nodes with respect
    to a given type of threat and add resources (e.g.
    sensors) to detect and thwart threats
  • ? Where do we place the sensors
  • Security-aware design of supply networks
    capture the effect of safeguarding constraint on
    parameters and network cost

23
Functional Ecomap of ARMS
24
Human Immune Response System
Recognition
Defence
25
Artificial Immune Response System
26
Autonomic Risk Management System (ARMS)
27
Functional View of ARMS
28
Immune Cyberspace Extended to an Immune World
29
ARMS Framework
30
Risk Holarchy
31
Emergency Response Holarchy
32
Support Holarchy
33
Cybersecurity Holarchy
34
CHALLENGES
  • Can a trusted access capability be built into
    security protected environments, enabling
    emergency help (medical, fire brigade and police)
    to intervene when life-critical help is at stake?
  • How can we decide on the appropriate policies,
    strategies, architectures and allocation of
    resources in the absence of an assumed rationale
    for threat?
  • Across an open, large community, how can
    knowledge be securely exchanged over time, as the
    community evolves and data and trust change?
  • How can we manage the security associated with
    spontaneous cooperation without imposed or
    predefined fixed roles and rules?
  • Can the ideal of running secure applications on
    an insecure network be reached? Can we include
    liability in the design rationale?

35
Purpose
  • To create an agent-wireless network which endowed
    with a proper Ontology be able to exchange
    information, first in simulated emergencies then
    in a real emergency.

36
Technology Involved
  • JADE (Java Agent DEvelopment Framework) 4 is a
    software framework fully implemented in Java
    language. It simplifies the implementation of
    multi-agent systems through a middle-ware that
    claims to comply with the FIPA specifications and
    through a set of tools that supports the
    debugging and deployment phase
  • LEAP (Lightweight Extensible Agent Platform) 5
    The synergy between the JADE platform and the
    LEAP libraries allows to obtain a FIPA-compliant
    agent platform with reduced footprint and
    compatibility with mobile Java environments down
    to J2ME-CLDC
  • J2ME (Java 2 Platform, Micro Edition) 6
  • CLDC (Connected, Limited Device Configuration)
  • MIDP (Mobile Information Device Profile)
  • JAVA-enabled PDAs and Cell Phones

37
Distributed System
  • Problems
  • Different Network Protocols
  • Proprietary Code
  • No interaction possible

38
Multi-Agent Approach
  • Advantages
  • Interoperability
  • Standardized (FIPA)
  • Expandability
  • JAVA-based

39
Deployed Platform
Planet-Lab Node (planetlab2.enel.ucalgary.ca1099)
JADE-LEAP Server
Hospital Manager Agents
Ambulance Manager Agent
GPRS
Windows Station

Internet
DB1
Nokia 6600
Bluetooth
Linux Station
Fortuna GPSmart
GPS
DB2
40
Developed Application
  • Messages Screen

41
Developed Application
42
SECURITY HOLARCHY
43
EXAMPLE
44
Wireless Network
?
?
?
PAN
LAN
WAN
45
Scalable Secure Web Based Services for e-Health
Static Environment
46
E-Health Holarchy

47
ARMS as an Autonomic Computing System
  • The system must know itself in terms of what
    resources it has access to, what its capabilities
    and limitations are and how and why it is
    connected to other systems.
  • This is achieved by the Risk Management Database,
    which continuously stores and dynamically updates
    information about systems status and its
    environment, through the adaptive risk agents,
    and by the Risk Agent Determination of Risks
    component.
  • The system must be able to automatically
    configure and reconfigure itself depending on the
    changing computing environment. This is achieved
    via the controlled emergence within the Holarchic
    structure.
  • The system must be able to optimize its
    performance to ensure the most efficient
    computing process. The controlled emergence
    mechanism, guarantees optimality of resources
    used as well as maximal efficiency in task
    accomplishment.

48
The Case for Autonomic Computing
  • The system must be able to work around
    encountered problems by either repairing itself
    or routing functions away from the trouble. This
    is achieved via the inter-holarchic interaction
    between the risk management, infrastructure and
    support holarchies.
  • The system must detect, identify and protect
    itself against various types of attacks to
    maintain overall system security and integrity.
    ARMS was designed with this purpose in mind, each
    of its holarchies working collaboratively at
    various levels of resolution to accomplish this.
  • The system must be able to adapt to its
    environment as it changes, interacting with
    neighbouring systems and establishing
    communication protocols. The Adaptive Risk
    Agents, ensure the fulfilment of this
    requirement, using the mechanism provided by the
    Risk Agent Determination of Risk component.

49
The Case for Autonomic Computing
  • The system must rely on open standards. The
    open-systems approach to ARMS design is
    transparent in the functional ecomap, which
    emphasizes ARMS continuous communication with the
    outside world via an agent-exchange osmosis
    process. In all our implementations we are using
    the FIPA (Foundation for intelligent Physical
    Agents) open standard for agent implementation,
    which ensures this requirements fulfilment.
  • The system must anticipate the demand on its
    resources while keeping transparent to users. The
    anticipatory feature is ensured by the middle
    ARMS component, which continuously uses the risk
    management agents to collect information from the
    external (and internal) environment and allocates
    resources optimally via the controlled emergence
    mechanism.

50
CONCLUSIONS
  • Applying life emergence approach to the virtual
    societies living in Cyberspace endows them with
    behavioral properties characteristic to natural
    systems.
  • Entropy minimization induces self-organization
    properties
  • Selection enables evolution of the virtual
    organization in Cyberspace (like a social
    organism) by autocatalytic mating with new
    partners, as they are discovered in a continuous
    incremental improvement search process.

51
OVERALL CHALLENGES
  • Can pathological emergent behavior of the total
    system, arising from the interactions between
    people, agents, objects, and their various
    policies, be avoided?
  • How do we translate the interaction of agents in
    different contexts and environments into machine
    understandable language?
  • How do we express and code sufficient real world
    semantics when the scope of interaction between
    agents is too broad or not predefined?

52
Questions
53
(No Transcript)
54
(No Transcript)
55
(No Transcript)
56
(No Transcript)
57
eRisk
  • Digital Risk Management resolves the complexity
    associated with implementing digital solutions
    and measuring their performance through Service
    Level Management. It includes selecting the
    optimum technology set, managing external
    partners and alliances, linking payments to
    targets, defining rigorous quality control
    procedures, managing system availability,
    achieving the expected return on investment, and
    bringing about changes in corporate culture
    required for successful business.
  • http//www.mi2g.com/cgi/mi2g/pdfs/drm.pdf

58
PROCESS
  • Security policy requires the creation of an
    ongoing information management planning process
    that includes planning for the security of each
    organization's information assets.
  • Risk management is an ongoing, proactive program
    for establishing and maintaining an acceptable
    information system security posture.
  • Once an acceptable security posture is attained
    accreditation or certification, the risk
    management program monitors it through every day
    activities and follow-on security risk analyses.
  • In many cases, the rules, regulations, or
    policies that govern the information security
    program will stipulate when a follow-on risk
    analysis must be done.
About PowerShow.com