Details

Risk Propagation Assessment for Network Security


Risk Propagation Assessment for Network Security

Application to Airport Communication Network Design
1. Aufl.

von: Mohamed Slim Ben Mahmoud, Nicolas Larrieu, Alain Pirovano

139,99 €

Verlag: Wiley
Format: EPUB
Veröffentl.: 08.04.2013
ISBN/EAN: 9781118581018
Sprache: englisch
Anzahl Seiten: 144

DRM-geschütztes eBook, Sie benötigen z.B. Adobe Digital Editions und eine Adobe ID zum Lesen.

Beschreibungen

<p>The focus of this book is risk assessment methodologies for network architecture design. The main goal is to present and illustrate an innovative risk propagation-based quantitative assessment tool. This original approach aims to help network designers and security administrators to design and build more robust and secure network topologies. As an implementation case study, the authors consider an aeronautical network based on AeroMACS (Aeronautical Mobile Airport Communications System) technology. AeroMACS has been identified as the wireless access network for airport surface communications that will soon be deployed in European and American airports mainly for communications between aircraft and airlines. It is based on the IEEE 802.16-2009 standard, also known as WiMAX.<br />The book begins with an introduction to the information system security risk management process, before moving on to present the different risk management methodologies that can be currently used (quantitative and qualitative). In the third part of the book, the authors’ original quantitative network risk assessment model based on risk propagation is introduced. Finally, a network case study of the future airport AeroMACS system is presented. This example illustrates how the authors’ quantitative risk assessment proposal can provide help to network security designers for the decision-making process and how the security of the entire network may thus be improved.</p> <p>Contents</p> <p>Part 1. Network Security Risk Assessment<br />1. Introduction to Information System Security Risk Management Process.<br />2. System Security Risk Management Background.<br />3. A Quantitative Network Risk Management Methodology Based on Risk Propagation.<br />Part 2. Application to Airport Communication Network Design<br />4. The AeroMACS Communication System in the SESAR Project.<br />5. Aeronautical Network Case Study.</p>
<p>LIST OF FIGURES ix</p> <p>LIST OF TABLES xiii</p> <p>INTRODUCTION xv</p> <p><b>PART 1. NETWORK SECURITY RISK ASSESSMENT 1</b></p> <p><b>CHAPTER 1. INTRODUCTION TO INFORMATION SYSTEM SECURITY RISK MANAGEMENT PROCESS 3</b></p> <p>1.1. On the importance of network security for network designers 5</p> <p>1.2. On the impact of risk assessment in the decision-making process for network security designers 6</p> <p>1.3. Quantitative versus qualitative risk assessment approaches 7</p> <p>1.4. Network security risk propagation concept 10</p> <p>1.4.1. Impact of node correlation 10</p> <p>1.4.2. Network security risk transitivity 11</p> <p>1.4.3. Network security risk propagation illustrative case 12</p> <p><b>CHAPTER 2. SECURITY RISK MANAGEMENT BACKGROUND 17</b></p> <p>2.1. Qualitative security risk management methods 18</p> <p>2.1.1. CRAMM 18</p> <p>2.1.2. OCTAVE 18</p> <p>2.1.3. EBIOS 19</p> <p>2.1.4. MEHARI 19</p> <p>2.1.5. CORAS 20</p> <p>2.1.6. Discussion 20</p> <p>2.2. Quantitative security risk assessment approaches 20</p> <p>2.3. Toward a quantitative propagation-based risk assessment methodology 25</p> <p><b>CHAPTER 3. A QUANTITATIVE NETWORK RISK ASSESSMENT METHODOLOGY BASED ON RISK PROPAGATION 27</b></p> <p>3.1. Quantifying methodology parameters 27</p> <p>3.1.1. Network risk decomposition 28</p> <p>3.1.2. Node value 29</p> <p>3.1.3. Enhanced node value 30</p> <p>3.1.4. Impact of threats 30</p> <p>3.1.5. Likelihood of threats 32</p> <p>3.2. Network security risk assessment process 36</p> <p>3.3. Conclusion 39</p> <p><b>PART 2. APPLICATION TO AIRPORT COMMUNICATION NETWORK DESIGN 41</b></p> <p><b>CHAPTER 4. THE AEROMACS COMMUNICATION SYSTEM IN THE SESAR PROJECT 43</b></p> <p>4.1. Overview of the European SESAR project 43</p> <p>4.2. Overview of aeronautical communications operating concept and requirements 44</p> <p>4.3. Introduction to the AeroMACS communication system 47</p> <p>4.3.1. AeroMACS protocol stack 48</p> <p>4.3.2. AeroMACS reference network architecture 50</p> <p>4.3.3. AeroMACS security considerations 52</p> <p>4.3.3.1. Analysis of AeroMACS security weaknesses 53</p> <p>4.3.4. AeroMACS reference network topology 55</p> <p>4.3.4.1. Isolated AeroMACS network architecture 55</p> <p>4.3.4.2. End-to-end AeroMACS network architecture 56</p> <p><b>CHAPTER 5. AERONAUTICAL NETWORK CASE STUDY 59</b></p> <p>5.1. Experimental parameters 59</p> <p>5.1.1. Testbed infrastructure 59</p> <p>5.1.2. Aeronautical node values instantiation 61</p> <p>5.1.3. Aeronautical services instantiation 62</p> <p>5.1.4. Isolated vs. end-to-end emulation scenarios 63</p> <p>5.2. AeroMACS case study: experimental results 63</p> <p>5.2.1. Main inputs for emulation scenarios 63</p> <p>5.2.2. Isolated AeroMACS scenario: preliminary results 63</p> <p>5.2.2.1. Individual risks 63</p> <p>5.2.2.2. Propagated risks 68</p> <p>5.2.2.3. Node and network risks 70</p> <p>5.2.3. Isolated AeroMACS scenario: EAP vs. RSA sub-scenario 72</p> <p>5.2.4. Preliminary AeroMACS security enhancement guidance 76</p> <p>5.2.5. AeroMACS implementation improvements: isolated scenario without operational server vulnerabilities 77</p> <p>5.2.5.1. Experimental inputs 78</p> <p>5.2.5.2. Network topology 78</p> <p>5.2.5.3. Vulnerability statistics 79</p> <p>5.2.5.4. Individual risk results 81</p> <p>5.2.5.5. Propagated risk results 81</p> <p>5.2.5.6. Network risk results 83</p> <p>5.2.6. AeroMACS topological improvements: isolated scenario with two ASN gateways 84</p> <p>5.2.6.1. Experimental inputs 84</p> <p>5.2.6.2. Network topology 85</p> <p>5.2.6.3. Vulnerability statistics 85</p> <p>5.2.6.4. Individual risk results 85</p> <p>5.2.6.5. Propagation risk results 87</p> <p>5.2.6.6. Network risk results 89</p> <p>5.2.7. Scenario with end-to-end AeroMACS topology 91</p> <p>5.2.7.1. Experimental inputs 91</p> <p>5.2.7.2. Network topology 92</p> <p>5.2.7.3. Vulnerability statistics 93</p> <p>5.2.7.4. Individual risk results 95</p> <p>5.2.7.5. Propagated risk results 97</p> <p>5.2.7.6. Network risk results 97</p> <p>5.3. Improving AeroMACS network security 99</p> <p>5.3.1. DHCP security 101</p> <p>5.3.2. Mobile IP security 103</p> <p>CONCLUSION 109</p> <p>BIBLIOGRAPHY 111</p> <p>INDEX 117</p>
<p><b>Mohamed Slim Ben Mahmoud</b> is a research engineer for the research group ResCo at the TELECOM laboratory of ENAC, the French national institution for civil aviation.</p> <p><b>Nicolas Larrieu</b> is a teacher and researcher at the research group ResCo at the TELECOM laboratory of ENAC.</p> <p><b>Alain Pirovano</b> is a teacher and researcher and head of the research group ResCo at the TELECOM laboratory of ENAC.</p>

Diese Produkte könnten Sie auch interessieren:

Foundations of Electromagnetic Compatibility
Foundations of Electromagnetic Compatibility
von: Bogdan Adamczyk
PDF ebook
117,99 €
Human Bond Communication
Human Bond Communication
von: Sudhir Dixit, Ramjee Prasad
EPUB ebook
105,99 €
Computer Vision in Vehicle Technology
Computer Vision in Vehicle Technology
von: Antonio M. López, Atsushi Imiya, Tomas Pajdla, Jose M. Álvarez
PDF ebook
81,99 €