UP Paper 555 US-W-CDOWN
Situation Monitoring and Analysis of Security Risk for Networked Services
Wiemer, Douglas (Alcatel)
Robert, Jean-Marc (Ecole de Technologie Superieure)
McFarlane, Brad (Alcatel)
Gustave, Christophe (Alcatel)
Chow, Stanley (Alcatel)
The complexity of modern networks makes it increasingly hard to understand the potential impact of known security vulnerabilities on a service or mission. As vulnerabilities are published, security and network operations co-operate in an attempt to identify and prioritize actions to mitigate the critical vulnerabilities that will affect their networks. Unfortunately, the tools available are still weak in their ability to understand service or mission interdependence, application interdependence, the impact of connectivity topology and the multiple layers of software that support the service or mission goals. In this environment, better situational analysis of the impact of known vulnerabilities on the service or mission would give operations the ability to prioritize actions in advance of a compromise. Through prioritization, the most efficient response to known weaknesses can mitigate the risk and improve the overall security of the network. This paper discusses a model of security situational analysis that allows for the effective prioritization of security vulnerabilities for action by operations. Key topics include the analysis of application interdependence at all levels, from within individual systems to higher-level service or mission interdependence.

The research associated with this paper is the result of collaboration between Alcatel and Defence R&D Canada (DRDC) under the Defence Industrial Research (DIR) Program. Alcatel would like to express its thanks to DRDC, an agency within the Department of National Defence, for its support and efforts.

Douglas Wiemer entered the Canadian Forces (CF) in 1986 and graduated from the Royal Military College of Canada (RMC) Electrical Engineering program in 1990, later completing his master’s degree in Computer Engineering, also from RMC. He served with the CF as a Communications Officer in the Air Force until 1997. During this time he provided network security support to several C4I programs. In 1997, Mr. Wiemer took a position as a senior systems engineer with SAIC Canada. At SAIC, he performed various network and security engineering roles. Among the assignments, he was Program Manager for the SAIC role in the Canadian Department of National Defence (DND) Year 2000 Operational Readiness Program. This program used a security threat and risk approach to evaluate the service risk to DND missions posed by the potential failure of mission critical systems. In 2000, Mr. Wiemer left SAIC to join the Alcatel SVPN team and was lead for development of a cryptographic module for an IPSec product. Since 2002, he has been a manager in the Alcatel Research and Innovation (R&I) group. He currently manages the R&I Security Research team, the team responsible for the delivery of the research associated with this paper.