Engineering Information Security: The Applicationof Systems Engineering Concepts to Achieve Information Assurance
Buy Rights Online Buy Rights

Rights Contact Login For More Details

  • Wiley

More About This Title Engineering Information Security: The Applicationof Systems Engineering Concepts to Achieve Information Assurance

English

Information security is the act of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction. This book discusses why information security is needed and how security problems can have widespread impacts. It covers the complete security lifecycle of products and services, starting with requirements and policy development and progressing through development, deployment, and operations, and concluding with decommissioning. Professionals in the sciences, engineering, and communications fields will turn to this resource to understand the many legal, technical, competitive, criminal and consumer forces and influences that are rapidly changing our information dependent society.

If you’re a professor and would like a copy of the solutions manual, please contact [email protected].

The material previously found on the CD can now be found on www.booksupport.wiley.com.

English

Stuart Jacobs is Principal Consultant for YCS Consulting LLC and a Lecturer at Boston University Metropolitan College. He serves as an Industry Security Subject Matter Expert for the Telecommunications Management and Operations Committee (TMOC) of the Alliance for the Telecommunications Industry Solutions (ATIS). Mr. Jacobs has also served as a technical editor of ATIS Joint Committee Technical Reports and ITU-T Recommendations.

English

Preface and Acknowledgments xxiii

1WHAT IS SECURITY? 1

1.1 Introduction 1

1.2 The Subject of Security 2

1.2.1 Branches of Security 2

1.2.2 Defining Security by Function 5

1.2.2.1 Risk Avoidance 5

1.2.2.2 Deterrence 5

1.2.2.3 Prevention 6

1.2.2.4 Detection 7

1.2.2.5 Recovery 7

1.2.3 The Common Body of Knowledge (CBK) Security Domains 7

1.2.3.1 Access Control Systems and Methodology 8

1.2.3.2 Application and Systems Development Security 9

1.2.3.3 Business Continuity Planning and Disaster Recovery Planning 10

1.2.3.4 Cryptography 10

1.2.3.5 Information Security and Risk Management 11

1.2.3.6 Legal, Regulations, Compliance, and Investigations 11

1.2.3.7 Operations Security 12

1.2.3.8 Physical Security 13

1.2.3.9 Security Architecture and Models 14

1.2.3.10 Telecommunications and Network Security 14

1.2.3.11 CBK Summary 15

1.3 A Twenty-First Century Tale 15

1.3.1 The Actors 15

1.3.1.1 Bob’s Story 15

1.3.1.2 Carol’s Story 16

1.3.1.3 Alice’s Story 17

1.3.2 What Actually Occurred 17

1.3.3 How Could All This Have Been Prevented? 19

1.3.4 They Did Not Live Happily Ever After 20

1.4 Why are You Important to Computer Security? 21

1.4.1 What are the Threats to Your Computer? 22

1.4.2 As a User, What to Do? 23

1.5 End of the Beginning 23

1.6 Chapter Summary 25

1.7 Further Reading and Resources 26

1.8 Questions 26

1.9 Exercises 27

2SYSTEMS ENGINEERING 29

2.1 So What Is Systems Engineering? 29

2.1.1 SIMILAR Systems Engineering Process 30

2.1.1.1 Stating the Problem 32

2.1.1.2 Investigate Alternatives and Model the System 33

2.1.1.3 Develop/Integrate 34

2.1.1.4 Launch the System 35

2.1.1.5 Assess Performance 36

2.1.1.6 Re-evaluate 36

2.1.2 Another Systems Engineering View 36

2.1.3 Process Variations 37

2.2 Process Management 37

2.2.1 ISO 9000 Processes and Procedures 39

2.2.2 Capability Maturity Model (CMM) 41

2.3 Organization Environments 44

2.3.1 Economic, Legal, and Political Contexts 44

2.3.1.1 Regulations/Legislation 45

2.3.1.2 Market-Based Regulations 47

2.3.1.3 Technology Evolution 48

2.3.1.4 Customer Demands and Expectations 49

2.3.1.5 Legal Liability 49

2.3.1.6 Competition 49

2.3.1.7 Terrorism and Cyber Crime 49

2.3.2 Business/Organizational Types 50

2.3.2.1 Commercial 51

2.3.2.2 Residential 51

2.3.2.3 Governments 52

2.3.2.4 Nongovernmental Organizations (NGOs) 54

2.3.3 National Critical Infrastructure 54

2.4 Chapter Summary 56

2.5 Further Reading and Resources 57

2.6 Questions 57

2.7 Exercises 58

3FOUNDATION CONCEPTS 59

3.1 Security Concepts and Goals 60

3.1.1 Subjects and Objects 61

3.1.2 What Is Trust? 61

3.1.3 Domains, Security, and Trust 62

3.1.4 Security Goals/Objectives 63

3.1.5 X.800 Security Services 65

3.1.5.1 Authentication 65

3.1.5.2 Access Control 66

3.1.5.3 Confidentiality 66

3.1.5.4 Data Integrity 66

3.1.5.5 Non-Repudiation 67

3.1.6 A Modern Definition of Security Services 67

3.1.6.1 Authentication 68

3.1.6.2 Authorization 68

3.1.6.3 Integrity 68

3.1.6.4 Availability 69

3.1.6.5 Accountability 71

3.1.6.6 Privacy as a Security Service 72

3.1.6.7 Service Mapping and Application of Services 72

3.2 Role of Cryptology in Information Security 79

3.2.1 Cryptographic Hash Algorithms 80

3.2.2 Encryption Algorithms 82

3.2.2.1 Symmetric Encryption 82

3.2.2.2 Asymmetric Encryption 87

3.2.2.3 Encryption Algorithm Performance 90

3.2.3 Cryptanalysis and Other Key Issues 95

3.2.3.1 Cryptanalysis 95

3.2.3.2 Key Randomness 98

3.2.3.3 Key Protection 100

3.2.4 Key Management 100

3.2.4.1 Diffie–Hellmann Key Distribution 102

3.2.5 Cryptographic Authentication 104

3.2.5.1 Challenge-Response Technique 105

3.2.5.2 Message Authentication Code Technique 108

3.2.5.3 Digital Signature Authentication Technique 110

3.3 Key Management Revisited 111

3.4 Chapter Summary 113

3.5 Further Reading and Resources 113

3.6 Questions 114

3.7 Exercises 117

4AUTHENTICATION OF SUBJECTS 119

4.1 Authentication Systems 119

4.1.1 Kerberos-Based Authentication 120

4.1.2 Public-Key Infrastructure 124

4.1.2.1 X.509 Digital Certificates 125

4.1.2.2 Certificate Authority Hierarchies 126

4.1.2.3 Certificate Generation Requests 133

4.1.2.4 PKI Component Deployment 136

4.1.2.5 Digital Certificate Revocation and

Status Verification 138

4.1.2.6 Certificate Verification 138

4.1.3 Remote Authentication Dial-in User Service 141

4.1.4 Diameter 145

4.1.5 Secure Electronic Transactions (SET) 146

4.1.6 Authentication Systems Summary 150

4.2 Human Authentication 150

4.2.1 What the Subject Has Factor 151

4.2.2 What the Subject Knows Factor 151

4.2.3 What the Subject Is Factor 153

4.2.4 Where the Subject Is Factor 153

4.2.5 Combinations of Factors 153

4.2.6 Example Detailed Security Requirements for Identification and Authentication 154

4.2.7 Proxies for Humans 156

4.2.7.1 Operating Systems 156

4.2.7.2 User Agents 157

4.2.7.3 Single Sign-On (SSO) 157

4.2.7.4 Identity Management (IdM) 159

4.3 Chapter Summary 163

4.4 Further Reading and Resources 163

4.5 Questions 164

4.6 Exercises 166

5SECURITY SYSTEMS ENGINEERING 167

5.1 Security Policy Development 168

5.2 Senior Management Oversight and Involvement 168

5.3 Security Process Management and Standards 168

5.3.1 ISO 27002 170

5.3.1.1 Establishing Organizational Security Policy (Section 5) 170

5.3.1.2 Organizational Security Infrastructure (Section 6) 171

5.3.1.3 Asset Classification and Control (Section 7) 173

5.3.1.4 Personnel Security (Section 8) 174

5.3.1.5 Physical and Environmental Security (Section 9) 176

5.3.1.6 Communications and Operations Management (Section 10) 177

5.3.1.7 Access Controls (Section 11) 178

5.3.1.8 Information Systems Acquisition, Development, and Maintenance (Section 12) 179

5.3.1.9 Information Security Incident Management (Section 13) 180

5.3.1.10 Business Continuity Management (Section 14) 181

5.3.1.11 Compliance (Section 15) 181

5.3.1.12 ISO 27002 Summary 183

5.3.2 ISO 27001 183

5.3.3 An Enterprise Security Policy Example 185

5.4 Information Security Systems Engineering Methodology 185

5.4.1 Existing Asset Inventory and Classification 187

5.4.1.1 Physical Assets 187

5.4.1.2 Logical Assets 188

5.4.1.3 Conceptual Assets 188

5.4.2 Vulnerabilities, Threats, and Risk 189

5.4.2.1 Asset Vulnerabilities 190

5.4.2.2 Organization Threat Profile(s) 200

5.4.3 Risk Management 210

5.4.3.1 Risk Mitigation 211

5.4.3.2 Risk Assignment 218

5.5 Requirements Analysis and Decomposition 218

5.6 Access Control Concepts 221

5.6.1 Subjects, Objects, and Access Operations 222

5.6.2 Access Control Structures 223

5.6.3 Access Control Lists 223

5.6.4 Capability Lists 224

5.6.5 Administrative Tasks in Access Control Methods 225

5.6.5.1 Groups and Permissions 225

5.6.5.2 Protection Rings 226

5.6.6 Role-Based Access Control (RBAC) 227

5.7 Security Modeling and Security-Related Standards 228

5.7.1 Confidentiality Policies and Integrity Policies 228

5.7.2 Bell–LaPadula Model 230

5.7.3 Harrison–Ruzzo–Ullman Extensions to BLP 231

5.7.4 Chinese Wall Model 231

5.7.5 Biba Model 232

5.7.6 Clark–Wilson Model 232

5.7.7 Security Model Summary 235

5.7.8 Security Standards 235

5.7.8.1 Public-Key Cryptography Standards 236

5.7.8.2 Third-Generation Partnership Project 236

5.7.8.3 Third-Generation Partnership Project 2 238

5.7.8.4 Alliance for Telecommunications Industry Solutions 238

5.7.8.5 Cable Television Laboratories, Inc. 239

5.7.8.6 European Telecommunications Standards Institute 239

5.7.8.7 International Organization for Standardization 239

5.7.8.8 ITU Telecommunication Standardization Sector 239

5.7.8.9 Internet Engineering Task Force 240

5.7.8.10 Object Management Group 240

5.7.8.11 Organization for the Advancement of Structured Information Standards 241

5.7.8.12 Parlay Group 241

5.7.8.13 TeleManagement Forum 241

5.7.8.14 World Wide Web Consortium 241

5.8 Chapter Summary 242

5.9 Questions 243

5.10 Exercises 246

6TRADITIONAL NETWORK CONCEPTS 249

6.1 Networking Architectures 249

6.1.1 OSI Network Model 250

6.1.2 Internet Network Model 252

6.2 Types of Networks 254

6.2.1 Local Area Network (LAN) 255

6.2.2 Wireless LAN (WLAN) 256

6.2.3 Metropolitan Area Networks (MAN) 256

6.2.4 Wide Area Networks (WAN) 257

6.2.5 The Internet 259

6.3 Network Protocols 259

6.3.1 Layer 1—Physical 260

6.3.2 Layer 2—Data Link Protocols 260

6.3.2.1 Ethernet 261

6.3.2.2 Virtual Ethernets 262

6.3.2.3 Wireless Networking 264

6.3.2.4 MultiProtocol Label Switching 265

6.3.2.5 Asynchronous Transfer Mode and Frame Relay 267

6.3.2.6 Digital Subscriber Lines 268

6.3.2.7 Optical Networking 269

6.3.2.8 Security in Data Link Layer Protocols 273

6.3.3 Layer 3—Internetworking Layer Protocols 276

6.3.3.1 Address Resolution Protocol 277

6.3.3.2 IP Version 4 278

6.3.3.3 Internet Control Management Protocol 283

6.3.3.4 IPv4 Fragmentation and Related Attacks 285

6.3.3.5 IP Version 6 287

6.3.3.6 Security in Internetworking Layer Protocols 290

6.3.3.7 Example Detailed Security Requirements for Layer 3 292

6.3.4 Layer 4—Transport 292

6.3.4.1 Transmission Control Protocol 292

6.3.4.2 User Datagram Protocol 294

6.3.4.3 Stream Control Transmission Protocol 297

6.3.4.4 Open Shortest Path First 298

6.3.4.5 Security in Transport Layer Protocols 300

6.3.4.6 Example Detailed Security Requirements for Layer 4 302

6.3.5 Layer 5—User Application Protocols 302

6.3.5.1 Initial Internet User Application Protocols 303

6.3.5.2 HyperText Transfer Protocol 303

6.3.5.3 X Windows 305

6.3.5.4 eXtensible Markup Language 305

6.3.5.5 Security in User Application Protocols 308

6.3.5.6 Example Detailed Security Requirements for Layer 5 User Application Protocols 308

6.3.6 Layer 5—Signaling and Control Application Protocols 310

6.3.6.1 MPLS Signaling Protocols 310

6.3.6.2 Border Gateway Protocol 312

6.3.6.3 Mobile IP Routing 312

6.3.6.4 Dynamic Host Configuration Protocol 316

6.3.6.5 Network Time Protocols 318

6.3.6.6 Domain Name System 319

6.3.6.7 Lightweight Directory Access Protocol 320

6.3.6.8 Active Directory 321

6.3.6.9 Security in Signaling and Control Application Protocols 323

6.3.6.10 Example Detailed Security Requirements for Layer 5

Signaling and Control Application Protocols 323

6.3.7 Layer 5—Management Application Protocols 323

6.3.7.1 Simple Network Management Protocol 327

6.3.7.2 Customer Premise Equipment WAN Management Protocol 329

6.3.7.3 Remote Monitoring 329

6.3.7.4 Security in Management Application Protocols 329

6.3.7.5 Example Detailed Security Requirements for Layer 5 Management Application Protocols 331

6.4 Chapter Summary 332

6.5 Further Reading and Resources 332

6.6 Questions 332

6.7 Exercises 334

7 NEXT-GENERATION NETWORKS 335

7.1 Framework and Topology of the NGN 336

7.1.1 Functional Entities and Groups 336

7.1.2 Domains 337

7.1.2.1 Customer Domain 338

7.1.2.2 SP Access Domain 338

7.1.2.3 SP Core/Services Domain 338

7.1.3 Interfaces 338

7.1.4 Protocol Layers, Functional Planes, and Interfaces 340

7.2 The NGN Functional Reference Model 343

7.2.1 Strata 344

7.2.2 Management Functional Group 344

7.2.3 Application Functional Group 345

7.2.4 The Transport Stratum 345

7.2.5 The Service Stratum 348

7.2.6 The Service Stratum and the IP Multimedia Subsystem (IMS) 349

7.3 Relationship between NGN Transport and Service Domains 351

7.4 Enterprise Role Model 353

7.5 Security Allocation within the NGN Transport Stratum Example 356

7.6 Converged Network Management (TMN and eTOM) 357

7.7 General Network Security Architectures 364

7.7.1 The ITU-T X.800 Generic Architecture 365

7.7.2 The Security Frameworks (X.810-X.816) 366

7.7.3 The ITU-T X.805 Approach to Security 366

7.8 Chapter Summary 368

7.9 Further Reading and Resources 368

7.10 Exercises 370

8GENERAL COMPUTER SECURITY ARCHITECTURE 371

8.1 The Hardware Protects the Software 372

8.1.1 Processor States and Status 373

8.1.1.1 Protection on the Motorola 68000 373

8.1.1.2 Protection on the Intel 80386/80486 374

8.1.2 Memory Management 374

8.1.2.1 Fence 375

8.1.2.2 Relocation 375

8.1.2.3 Base/Bounds Registers 376

8.1.2.4 Segmentation 378

8.1.2.5 Paging 380

8.1.2.6 Combining Segmentation and Paging (Virtual Memory) 381

8.1.3 Interruption of Processor Activity 382

8.1.4 Hardware Encryption 383

8.1.4.1 Hardware Security Modules 383

8.1.4.2 Hardware Acceleration Cards 384

8.1.4.3 Hardware Acceleration USB Devices 385

8.1.4.4 Smartcards 385

8.2 The Software Protects Information 386

8.3 Element Security Architecture Description 388

8.3.1 The Kernel 391

8.3.2 Security Contexts 392

8.3.3 Security-Critical Functions 394

8.3.3.1 Security Policy Decision Function (SPDF) 394

8.3.3.2 Authentication Function 395

8.3.3.3 Audit Function 395

8.3.3.4 Process Scheduling Function 396

8.3.3.5 Device Management Functions and Device Controllers 396

8.3.4 Security-Related Functions 397

8.4 Operating System (OS) Structure 397

8.4.1 Security Management Function 399

8.4.2 Networking Subsystem Function 399

8.5 Security Mechanisms for Deployed Operating Systems (OSs) 399

8.5.1 General Purpose (GP) OSs 400

8.5.1.1 Hardware Mechanisms for GP OS Usage 400

8.5.1.2 Software Functional Entities for General Purpose (GP) OS Contexts 400

8.5.2 Minimized General Purpose Operating Systems 402

8.5.2.1 Hardware Mechanisms for Minimized GP OS Usage 413

8.5.2.2 Software Mechanisms for Minimized GP OS Usage 413

8.5.3 Embedded (“Real-Time”) Operating Systems 413

8.5.3.1 Hardware Mechanisms for Embedded OS Usage 413

8.5.3.2 Software Mechanisms for Embedded OS Usage 415

8.5.4 Basic Input–Output Systems (BIOS) 415

8.5.4.1 Hardware Mechanisms for BIOS Usage 415

8.5.4.2 Software Mechanisms for BIOS Usage 421

8.6 Chapter Summary 421

8.7 Further Reading and Resources 425

8.8 Questions 425

8.9 Exercises 426

9COMPUTER SOFTWARE SECURITY 427

9.1 Specific Operating Systems (OSs) 427

9.1.1 Unix and Linux Security 428

9.1.1.1 Login and User Accounts 428

9.1.1.2 Group Accounts 429

9.1.1.3 Set User ID (setuid) and Set Group ID (setgid) 429

9.1.1.4 Access Control 430

9.1.1.5 Audit Logs and Intrusion Detection 433

9.1.1.6 TCP Wrappers 435

9.1.2 Solaris Operating System and Role-Based Access Controls 436

9.1.3 Windows OSs 438

9.1.3.1 Users and Groups 438

9.1.3.2 Access Control Model 439

9.1.3.3 Access Tokens 440

9.1.3.4 Access Control Lists 440

9.1.3.5 Access Control Entries 441

9.1.3.6 Access Rights and Access Masks 442

9.1.3.7 Security Identifiers 443

9.1.3.8 The Registry 444

9.1.3.9 Domains and Trust Relationships 446

9.1.3.10 Active Directory 448

9.1.3.11 More on Trust Relationships 451

9.1.3.12 Identification and Authentication 454

9.1.3.13 Windows Server 2003—Role-Based Access Control (RBAC ) 454

9.1.4 Embedded OSs 457

9.2 Applications 459

9.2.1 Application Security Issues 460

9.2.1.1 Buffer Overflows 460

9.2.1.2 Exception Handling, Bounds Checking, and Shared Libraries 461

9.2.2 Malicious Software (Malware) 462

9.2.2.1 Viruses 463

9.2.2.2 Worms 464

9.2.2.3 Trojan Horses, Rootkits, and Backdoors 466

9.2.2.4 Spyware and Botnets 469

9.2.2.5 Linux, Unix and Mac OS X Malware 470

9.2.3 Anti-malware Applications 470

9.2.3.1 Malware and Spyware Scanners 471

9.2.3.2 Host-Based Firewalls 472

9.2.3.3 Modification Scanners 472

9.2.3.4 Host-Based Intrusion Detection 473

9.3 Example Detailed Security Requirements for Specific Operating Systems and Applications 474

9.4 Chapter Summary 476

9.5 Further Reading and Resources 477

9.6 Questions 477

9.7 Exercises 478

10SECURITYSYSTEMS DESIGN—DESIGNINGNETWORKSECURITY 479

10.1 Introduction 479

10.2 Security Design for Protocol Layer 1 482

10.2.1 Wired and Optical Media 482

10.2.1.1 Link-Bulk Encryption 482

10.2.1.2 Dial-back Modems 484

10.2.2 Wireless Media 484

10.2.2.1 Fast Frequency Hopping 485

10.3 Layer 2—Data Link Security Mechanisms 485

10.3.1 IEEE 802.1x 486

10.3.2 IEEE 802.1ae 488

10.3.3 IEEE 802.11 WPA and 802.11i 490

10.3.4 Example Detailed Security Requirements for Layer 2 Protocols 492

10.4 Security Design for Protocol Layer 3 493

10.4.1 IP Security (IPsec) 493

10.4.1.1 IPsec Architecture 494

10.4.1.2 IPsec Key Management and Key Exchange 500

10.4.1.3 IKE Operation 500

10.4.1.4 IPsec Security Associations (SAs) 505

10.4.1.5 Combining Security Associations 505

10.4.1.6 IPsec Authentication Header (AH) Transform 507

10.4.1.7 The IPsec Encapsulating Security Payload (ESP) Transform 508

10.4.1.8 The Various ESP Transforms 509

10.4.1.9 IPsec Processing 510

10.4.1.10 IPsec Policy Management 510

10.4.1.11 IPsec and Network Address Translation 514

10.4.1.12 Example Detailed Security Requirements for IPsec 518

10.4.1.13 IPsec Implementation Availability 520

10.4.1.14 IPsec and Fault-Tolerant Network Designs 521

10.4.1.15 IPsec and PKI 522

10.4.1.16 IPsec Summary and Observations 522

10.5 IP Packet Authorization and Access Control 525

10.5.1 Network and Host Packet-Filtering 525

10.5.2 The De-militarized Zone 530

10.5.3 Application-Level Gateways 532

10.5.4 Deep-Packet Inspection (DPI) 534

10.5.5 Example Detailed Security Requirements for Packet-Filtering 537

10.6 Chapter Summary 538

10.7 Further Reading and Resources 538

10.8 Questions 539

10.9 Exercises 541

11TRANSPORT AND APPLICATION SECURITY DESIGN AND USE 543

11.1 Layer 4—Transport Security Protocols 543

11.1.1 TLS, DTLS, and SSL 544

11.1.1.1 TLS Session Establishment 546

11.1.1.2 TLS Operational Activities 549

11.1.1.3 TLS and SSL Security Items 549

11.1.2 Secure Shell (SSH) 551

11.1.3 Comparison of SSL, TLS, DTLS, and IPsec 551

11.1.4 Example Detailed Security Requirements for TLS, SSL, and DTLS 552

11.2 Layer 5—User Service Application Protocols 553

11.2.1 Email 554

11.2.1.1 Pretty Good Privacy (PGP) 554

11.2.1.2 Secure/Multipurpose Internet Mail Extensions (S/MIME) 556

11.2.1.3 S/MIME and OpenPGP Differences 558

11.2.2 World Wide Web (Web) and Identity Management 558

11.2.2.1 eXtensible Markup Language Security (XML) 560

11.2.2.2 Service-Oriented Architecture (SOA) 561

11.2.2.3 Web Services 563

11.2.2.4 SOAP 564

11.2.2.5 Security Assertion Markup Language (SAML) 564

11.2.3 Voice over Internet Protocol (VoIP) 566

11.2.3.1 VoIP Signaling Security 569

11.2.3.2 Real-Time Protocol 570

11.2.3.3 VoIP Media Security 572

11.2.3.4 VoIP Session Boarder Control 573

11.2.3.5 VoIP Device Security 573

11.2.3.6 Example Detailed Security Requirements for VoIP 573

11.2.4 DNS Security Extensions 576

11.2.5 Instant Messaging and Chat 578

11.2.6 Peer-to-Peer Applications 587

11.2.7 Ad hoc Networks 588

11.2.8 Java 590

11.2.8.1 Basic Concepts 591

11.2.8.2 Java 2 Cryptographic Architecture 592

11.2.9 .NET 594

11.2.9.1 Role-Based Security 594

11.2.9.2 Web Application Security 594

11.2.9.3 Evidence-Based Security 594

11.2.9.4 Cryptography Available in .Net 595

11.2.10 Common Object Request Broker Architecture (CORBA) 595

11.2.11 Distributed Computing Environment 597

11.2.12 Dynamic Host Configuration Protocol Security 601

11.3 Chapter Summary 603

11.4 Further Reading and Resources 603

11.5 Questions 604

11.6 Exercises 605

12SECURING MANAGEMENT AND MANAGING SECURITY 607

12.1 Securing Management Applications 607

12.1.1 Management Roots 607

12.1.2 The Telecommunications Management Network 608

12.1.2.1 Telecommunications Management Network Structure 609

12.1.2.2 Element, Network Management Systems, and Operations Systems 610

12.1.3 TMN Security 614

12.1.4 Management of Security Mechanisms 616

12.1.4.1 EMS Security Needs 617

12.1.4.2 NMS Security Additions 618

12.1.4.3 Selected OS/EMS Security Services 618

12.1.5 A Security Management Framework 619

12.1.6 Example Detailed Security Requirements for Management Applications 621

12.2 Operation, Administration, Maintenance, and Decommissioning 625

12.2.1 Operational Security Mechanisms 625

12.2.1.1 Separation of Duties and Roles 625

12.2.1.2 Operational Guidelines, Procedures 627

12.2.1.3 Independent Auditing and Review 628

12.2.1.4 Human Resources and Legal Aspects 629

12.2.1.5 Accountability 629

12.2.1.6 Documentation 629

12.2.1.7 Acceptance Testing, Field Testing, and Operational Readiness 630

12.2.2 Operations Security 631

12.2.2.1 Third-Party Access 631

12.2.2.2 Security Event Response and Forensics 632

12.2.2.3 Senior Security Management Mechanisms 633

12.2.2.4 Operational Reviews 634

12.2.2.5 Accreditation and Certification 634

12.2.2.6 Life-cycle Review 637

12.2.2.7 Withdrawal from Service 638

12.2.3 Operations Compliance 641

12.2.3.1 Example Security Tools 643

12.2.3.2 Penetration Testing 645

12.3 Systems Implementation or Procurement 647

12.3.1 Development 648

12.3.1.1 CMMI and IOS-9001 Processes 648

12.3.1.2 Coding 648

12.3.1.3 Testing 649

12.3.2 Procurement 649

12.3.2.1 Requests for Information/Proposals (RFIs/RFPs) 649

12.3.2.2 Standards Compliance 655

12.3.2.3 Acceptance Testing and Review 655

12.4 Chapter Summary 657

12.5 Further Reading and Resources 657

12.6 Questions 657

12.7 Exercises 659

Appendix A: State Privacy Laws as of 2010 on CD

Appendix B: Example Company Security Policy on CD

Appendix C: Example Generic Security Requirements on CD

Appendix D: Significant Standards and Recommendations Related to Networking and Security on CD

Appendix E: Detailed Security Requirements on CD

Appendix F: RFP Security Analysis of ABC Proposal on CD

Appendix G: Security Statement of Work on CD

About the Author 661

Index 663

loading