Security in Critical Information Infrastructures
Doctoral thesis
Permanent lenke
http://hdl.handle.net/11250/293101Utgivelsesdato
2015-06-05Metadata
Vis full innførselSamlinger
- PhD theses (TN-IDE) [23]
Originalversjon
Security in Critical Information Infrastructures by Martin Gilje Jaatun, Stavanger : University of Stavanger, 2015 (PhD thesis UiS, no. 254)Sammendrag
Information and Communication Technologies (ICT) are permeating the critical infrastructures that our modern society relies on, and ICT security is becoming increasingly important to all aspects of our lives. This dissertation presents security solutions from domains such as telecommunication, oil & gas, and aviation, and shows by contrasting with information about attacks and the threat of malware, that whereas a security architecture is necessary for all security solutions, software security is becoming vital to all types of development, not only security software.
This dissertation addresses the following research questions:
(i) How can handovers between wireless access points be performed se-
curely without incurring delays that a ects VoIP user experience?
The secure handover scheme using Kerberos tickets (Paper 2, Paper 3) allows
for handover between 802.11 access points with a delay between 10 and 40 ms,
also when the mobile station has never encountered the destination access point
before.
(ii) How can security functions be organized in a critical infrastructure
network?
The dissertation presents a novel, simple, yet elegant scheme for asset identi cation
as part of the requirements elicitation process (Paper 4), and contrasts this with
a requirements process in the aviation domain (Paper 5). Furthermore, two
case studies demonstrating security architectures in two different domains are
presented (Paper 1, Paper 7). Finally, the difficulty of measuring the security of
software is discussed, emphasizing the importance of ensuring that the software
engineering process includes secure software engineering practices, and that the
level of adoption of such processes can be used to measure the secure software
engineering maturity of an organization (Paper 6).
(iii) How can a system survive a successful attack without alerting the
attacker?
The ISH system (Paper 9) represents a novel protection scheme where compromise
of a component can be detected by multiple mechanisms, and the compromised
component is removed from the system by being promoted to honeypot; achieving
the dual goal of both isolating the attacker and providing intelligence on the attack
to the defenders.
(iv) How can a successful attack on a critical infrastructure system be mit-
igated by incident handling?
The IRMA method (Paper 8) is based on sustained interaction with the Norwegian
oil & gas industry, and is tailored to this domain with a particular emphasis on
learning from security incidents to improve handling of future incidents.
(v) What is the threat posed by malware currently not detectable by
signature-based anti-malware systems?
The experiment reported in this dissertation (Paper 10) found that five computers
with the latest version of various anti-malware software were infected by a total
of 124 unique malware samples after two weeks of agressive internet activity.
The dissertation discusses the challenges faced by security practitioners when convincing customers and other stakeholders of the need for security, and highlights the
importance of making explicit tradeoffs between security on one hand, and cost, functionality and user-friendliness on the other.
Beskrivelse
PhD thesis in Information technology
Består av
A Security Architecture for an Open Broadband Access Network M. G. Jaatun, I. A. Tøndel, M. B. Line (nee Dahl), T. J. Wilke) Published in Proceedings of the 10th Nordic Conference on Secure IT Systems (NordSec 2005), Tartu, EstoniaSecure Fast Handover in an Open Broadband Access Network using Kerberos-style Tickets M. G. Jaatun, I. A. Tøndel, F. Paint, T.H. Johannessen, J. C. Francis, C. Duranton Published in Security and Privacy in Dynamic Environments, IFIP International Federation for Information Processing Volume 201 (IFIP/SEC 2006)
Extending 3G/WiMAX Networks and Services through Residential Access Capacity F. Panken, G. Hoekstra, D. Barankira, J. C. Francis, R. Schwenderer, O. Grøndalen, M. G. Jaatun Published in IEEE Communications Magazine
Covering Your Assets in Software Engineering M. G. Jaatun, I. A. Tøndel Published in Proceedings of Third International Conference on Availability, Reliability and Security (ARES 2008)
Sink or SWIM M. G. Jaatun, T. E. Fægri Published in Proceedings of Eighth International Conference on Availability, Reliability and Security (ARES 2013)
Hunting for Aardvarks: Can Information Security be Measured? M. G. Jaatun Published in Multidisciplinary Research and Practice for Information Systems, Lecture Notes in Computer Science Volume 7465, 2012
Secure remote access to autonomous safety systems: A good practice approach M. G. Jaatun, M. B. Line, T. O. Grøtan Published in the International Journal of Autonomous and Adaptive Communications Systems
A framework for incident response management in the petroleum in- dustry M. G. Jaatun, E. Albrechtsen, M. B. Line, I. A. Tøndel, O. H. Longva Published in the International Journal of Critical Infrastructure Protection
Survival by Deception M. G. Jaatun, A. A. Nyre, J. T. Sørensen Published in Computer Safety, Reliability, and Security, Lecture Notes in Computer Science Volume 4680 (Safecomp 2007)
Fools Download Where Angels Fear to Tread M. G. Jaatun, J. Jensen, H. Vegge, F. M. Halvorsen, R. W. Nergård Published in IEEE Security & Privacy Magazine