Cyber Security Principles and Its Challenges in 21st Century – Part 2

SECURITY PRINCIPLES:

In my previous blog, I discussed some of the vulnerabilities around cyber security. In this one I will talk about some security principles that, if applied, will yield significant benefits in preventing massive hacking attacks. The problem of hacking, however, must be solved in almost N dimensions; given current industry knowledge we address perhaps 3-5 of them, using firewalls, IDS, DDoS mitigation and other techniques, which is not enough to thwart hacking attacks completely.

So, in this blog, I will describe the basic principles that need to be adopted worldwide in managing corporate enterprises and securing their networks and services. Subsequent blogs will provide examples of how each of these principles is put into practice.

Enterprise corporations should adhere to the following core security principles:

•  Defense in Depth: One of the fundamental security design principles for service providers is a “Defense-in-Depth” strategy. This strategy provides a multi-layered secure environment. Defense-in-Depth ensures that many integrated mechanisms provide multiple levels of protection against attacks. Should one security mechanism be breached, other mechanisms continue to provide protection and prevent or limit the potential damage.

•  Prevention: Service providers should focus on preventing network attacks by designing security into every network and service from the start, from architecture to deployment. They need to use the best available methods and technology, and they must design networks with security as a primary concern. Service providers should adopt measures to ensure that their network, systems, and services are secure against all known attacks.

•  Security Management: Service providers should focus on deploying a variety of methods and systems for dealing with the evolving security environment. Areas of interest should include software management and system integrity; configuration management, traffic measurement and detection; response and mitigation; and post-event analysis and remediation. As part of this effort, providers will need to bring intelligence into the IP network to eliminate the costly inefficiencies of deploying security solutions at the edge of the network.

•  Innovation Transfer: Service providers need to treat their enterprise network and infrastructure as a “living laboratory” where innovations are put into place and rigorously tested for feasibility, scalability, and reliability. They need to continue developing and implementing security innovations on their enterprise network first, and then extend those technologies to the networks and services provided to customers. A number of innovations discussed below were developed in this fashion.

Designing Security: Rigorous Processes

For many service providers and enterprise networks worldwide, security begins with security policy and requirements (ASPR). This family of policies and practices governs security in every service, from operating systems to operations. For each new service or feature, the service provider’s security team works closely with product management, systems architects and engineers, developers, and testers to ensure that security is built into the service or feature. For new services, the security team leads formal reviews that include subject matter experts (SMEs) for the services working closely with expert reviewers from the service providers’ security community.

Designing Security: Domain Separation

Service providers — as corporations and IP services suppliers — employ the principle of domain separation for their internal networks and for managing customer networks. Domain separation ensures that communications between domains are allowed only as authorized. Communications travel through designated gateways, which can detect suspicious activity and block it if necessary. If one domain is compromised in a security incident, domain separation protects the other domains from compromise and contains the incident, limiting the damage.

While networks and the Internet are generally perceived as being all about openness, in practice there is no real business need for everyone on a company’s network to access everything on that network. Common examples are the HR and Payroll records – they need to be protected rather than shared with all the company’s employees. The same principle applies to systems and whole networks. Different systems and networks have different characteristics, access needs, and personnel. Systems that access the Internet have different protection needs from systems that are completely internal to the company. It’s clear that different systems should be treated as separate entities, each with its own protection needs and level of trust. An entity that comprises one or more systems and networks, all with a common function, constitutes a domain. Each domain must have a set of rules for communication within the domain and another set for communication outside the domain.

Domain separation entails allowing communications between two domains to occur in a tightly controlled manner, through only a few communication points and under close scrutiny based on the type of traffic, its source, destination and volume. These few communication points are usually called choke points, or more generically security gateways, and the rules applied at each are called choke filtering. Service providers should employ this practice extensively within their corporate intranet as well as on their various service networks and between operational networks and network management infrastructures. Network management domains are strictly separated from the operational networks themselves.

Service provider points of presence should be built with multiple security zones. Within the buildings themselves only authorized technicians would be able to access equipment on an as-needed basis; visiting technicians and employees must be escorted at all times. Network equipment from different network layers (such as transport and IP) is secured in separate rooms with additional physical security mechanisms.

Service providers’ Internet data centers must be built in data center facilities that are designed for security. The data center architecture should include several logical zones for security. Each zone should have different requirements for security and be segmented so that traffic cannot leak between zones. Various complementary mechanisms would be deployed to maintain segmentation.
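As an added example, not code from the original post, the choke-filtering and zone-segmentation rules described above can be expressed as a small policy engine: every flow is classified into a domain, intra-domain traffic never touches the gateway, cross-domain traffic is allowed only when an explicit rule matches its source domain, destination domain and traffic type (port), and each rule carries a per-source volume ceiling. The domain names, address prefixes, ports and ceilings are constructed assumptions, and the network-management domain is deliberately reachable from nowhere.

```python
import ipaddress
from collections import defaultdict

# Constructed domains (names and prefixes are assumptions, not from the post);
# "internet" is the catch-all and longest-prefix match decides membership.
DOMAINS = {
    "corp_users": ipaddress.ip_network("10.10.0.0/16"),
    "hr_payroll": ipaddress.ip_network("10.20.0.0/24"),
    "net_mgmt": ipaddress.ip_network("10.99.0.0/24"),
    "internet": ipaddress.ip_network("0.0.0.0/0"),
}
# Choke-filter rules: (src_domain, dst_domain, dst_port) -> per-source flow
# ceiling. Cross-domain traffic with no rule is denied by default, and no rule
# points into net_mgmt: management is separated from the operational domains.
RULES = {
    ("corp_users", "hr_payroll", 443): 20,
    ("corp_users", "internet", 443): 500,
    ("net_mgmt", "corp_users", 22): 50,
}

def domain_of(ip):
    """Most specific domain containing ip, or None (e.g. IPv6 with no domain)."""
    addr = ipaddress.ip_address(ip)
    best = None
    for name, net in DOMAINS.items():
        if addr in net and (best is None or net.prefixlen > DOMAINS[best].prefixlen):
            best = name
    return best

class ChokePoint:
    """Security gateway applying choke filtering on type, source, destination and volume."""

    def __init__(self, rules=RULES):
        self.rules = rules
        self.counts = defaultdict(int)  # (src_ip, rule key) -> flows seen

    def evaluate(self, src_ip, dst_ip, dst_port):
        src_dom, dst_dom = domain_of(src_ip), domain_of(dst_ip)
        if src_dom is None or dst_dom is None:
            return "deny", "address outside every known domain"
        if src_dom == dst_dom:
            return "allow", "intra-domain traffic never crosses the gateway"
        key = (src_dom, dst_dom, dst_port)
        if key not in self.rules:
            return "deny", f"no rule for {src_dom}->{dst_dom}:{dst_port}"
        self.counts[(src_ip, key)] += 1
        if self.counts[(src_ip, key)] > self.rules[key]:
            return "deny", "volume ceiling exceeded for this source"
        return "allow", "authorized cross-domain rule"
```

Feeding real flow records through `evaluate` and logging every deny gives the "close scrutiny" the text calls for: an unexpected deny from a production host is a segmentation violation worth investigating.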

In my next blog, I will discuss further aspects of designing security, including hardening infrastructure elements within the network environment.

Dr. Eslambolchi