Security as Infrastructure
Are you “shooting rabbits”?
Strategic versus Tactical
Overview
What is going on “out there” today?
Threat Pyramid
Sophistication Trends
System Administrator Workload
“Us” vs. “Them”
Which intrusion methods are working?
The herd effect
Good System Administration is Good Security
What kind of automation?
Automate configuration management
Automate policy checking
Automated anomaly detection
“Professional” System Management
Share
Security Infrastructure
What is a security architecture?
What are the components?
Risk Analysis
Security Policy
Procedures
Network Architecture
Good Network Design
More Good Network Design
Bad Network Design
More Bad Network Design
A detour - “Trust”
Multiple Layers of Trust
Less trusted
More trusted
Critical
A possible network architecture
Configuration Management
The tough questions
User Authentication
Monitoring
Why do you monitor?
How do you monitor?
How much monitoring?
One example - SDSC
Risk (Threat) Analysis
Identify “Themes”
Design Requirements
More Design Requirements
Even More Requirements
Policies and Procedures
Policy checking software
Monitoring - System Logs
Logging Activity
Monitoring - Networks
More network monitoring
Must give users a choice
Plaintext passwords
“Safe” user authentication
DCE
Kerberos Version 5
Secure Shell (SSH)
SecurID
SNK tokens
S/Key
How do I deploy?
Social Considerations
Technical Considerations
Big Bang
Slow and Steady
Conclusions
More conclusions
Some Places to Visit
Email: tep@sdsc.edu
Home Page: http://www.sdsc.edu/~tep