March 16th, 2010
1:30 PM - 4:00 PM
Dorsey Ewald Conference Center
1000 Westgate Drive
St. Paul, MN 55114
Ph: 651-290-6260
Directions: http://www.ewald.com/displaycommon.cfm?an=1&subarticlenbr=54
Speaker: Gunnar Peterson
Title: Dealing with the Wildness That Awaits
Abstract: Inexactitude is a part of any software development project, but the problem is which part is inexact? Finding the imperfection in the software you're building before attackers do is a laudable goal, but also a kind of guesswork. To deal with this issue, we look at the margin of safety as a software engineering tool that leverages our knowledge and skills.
The fitness of the system is not decided at design time; its ability to withstand attacks is ultimately decided at runtime, but there are concrete design steps that can be taken to build systems that resist and recover from attacks. The combination of Threat Models, which show how the system may fail, and Attack Surface, which shows where the system is vulnerable, is a starting point for assessing Margin of Safety at design time. The output of the combined Threat Model and Attack Surface is a Countermeasure Model, which identifies and locates the Countermeasures in the system.
The Countermeasure Model forms the basis of the Margin of Safety by providing testable criteria for the resiliency of both the countermeasures and the system as a whole. This has proven useful in the field for two reasons, one expected and the other more subtle. The expected reason for the utility of the Countermeasure Model is that security gets more challenging each day due to new threats, vulnerabilities, attacker skill, functionality and connectivity. The more subtle reason is that Security Countermeasures are first and foremost a systems integration problem, meaning the resultant Countermeasures, such as access control systems, require architecture, planning, prioritization, and detailed design to effectively integrate with the system’s applications, network channels, messages and other constituents. Suffice it to say, this is not a linear process, and frequently decisions are not based on technical merits.
The Margin of Safety concept is used to provide the team with a framework to:
· Make security architecture decisions
· Communicate security architecture decisions
· Provide a concrete basis for building the security architecture
· Measure security architecture effectiveness
· Manage security architecture lifecycle
In this talk we will take an end-to-end example of a portion of security architecture from design time (using Threat Models and Attack Surface to build a Countermeasure Model), reviewing the Margin of Safety, and then examine how these are applied in deployment and runtime policies and security mechanisms. This being a security talk, we will wrap up discussing how this all goes wrong when the rubber meets the road, specifically what failure modes are present in current Web service implementations.
BIO: Gunnar Peterson is a Managing Principal at Arctec Group. He is focused on distributed systems security for large mission critical financial, financial exchanges, healthcare, manufacturer, and insurance systems, as well as emerging start ups. Mr. Peterson is an internationally recognized software security expert, frequently published, an Associate Editor for IEEE Security & Privacy Journal on Building Security In, a contributor to the SEI and DHS Build Security In portal on software security, a Visiting Scientist at Carnegie Mellon Software Engineering Institute, and an in-demand speaker at security conferences. He maintains a popular information security blog at http://1raindrop.typepad.com
Speaker: Brian Tokuyoshi
Title: Too Many Encryption Keys
Abstract: In the effort to meet compliance goals and to encrypt more information, companies are deploying a greater number of encryption products. However, as many companies are discovering, the inconsistencies of tools and policies for managing encryption keys are creating a growing administrative problem. Could the deployment of too many encryption products and the lack of centralized policy increase the risk of data loss?
In this session, learn about the ins & outs of key management. Brian will discuss the problem of too many encryption keys, dig into the architectures behind enterprise key management, and go over strategies to get the problem under control for better centralized management in the future.
BIO: Brian Tokuyoshi is a Solution Manager for PGP Corporation, overseeing the server products. He has 14 years of expertise in data encryption, identity management, smart cards and enterprise messaging. Prior to PGP, Brian served as Product Marketing Manager for ActivIdentity, where he oversaw the smart card management systems and strong authentication solutions. He was part of the team that launched the Sun Identity Management platform, and also served as the senior market analyst for The Radicati Group, covering the PKI and directory server markets.