Andrew R. McGee

A brink of failure and breach of security detection and recovery system

In todays complex networks, a series of seemingly unrelated and minor events over an extended time period can escalate to catastrophic failure as well as alter the networks security posture. The interactions between these events are too subtle and occur over too long a time for people to recognize and respond to the impending outage or security vulnerability. This paper presents a new concept termed “brink of failure” and demonstrates its relationship to network security. The paper describes an automated Brink of Failure (BOF) and Breach of Security (BOS) Detection and Recovery System that correlates network events to recognize and diagnose BOF conditions and their impact on the networks security posture and also suggests remedial actions. All information is provided on a single display that can be integrated into network operations centers. Scenarios that demonstrate how this system can be used to proactively predict and prevent network outages are also identified.

A framework for ensuring network security

The current focus of network security is concerned with securing individual components as well as preventing unauthorized access to network services. While these are necessary concerns, they do not represent a complete view of network security. In this paper, we present the Lucent Network Security Framework, which provides a comprehensive, top-down, end-to-end perspective on network security. We show how this framework can be applied to network elements, services, and applications including detecting, correcting, and preventing security vulnerabilities. In addition, we demonstrate how the Network Security Framework can be applied to all types of networks and across all layers of the protocol stack. This framework has been submitted to several government and standards bodies (e.g., ITU-T and ISO), and it has been very well received. Service provider networks developed with attention to the Lucent Network Security Framework will have a comprehensive security architecture enabling new value-added revenue-generating security services such as security service-level agreements (SLAs).

Dynamic virtual private networks

Modifications to a virtual private networks (VPNs) topology, security, service provisioning options, or quality of service (QoS) typically require an end-user request to their service provider, whose personnel currently perform the VPN management. This process incurs more provisioning delay and is more costly than user self-provisioning. This paper presents a new service approach and dynamic virtual private network (D-VPN) technology that marries VPNs with directory enabled networking and Web-based subscriber service selection. It places VPN management into the hands of the user to produce instantaneous results, lowering service-provider operations costs, and subsequently reducing the cost to the end user. The paper also describes the target architecture and framework as well as the initial types of services that could be supported by D-VPN technology.3

Assessing smart Grid security

The evolution from traditional power networks to smart grid involves many aspects including data network transformation, distributed functionality, and two-way information flow between supplier and customer. Networks are transforming to the use of packet-based communications and the use of newer networking technologies, including optical, Internet Protocol (IP) and Multiprotocol Label Switching (MPLS). Functionality is being distributed to substations, transmission and distribution nodes, and to the customer site. Information flow evolves to two-way communication of rating, billing, and usage data between the customer and supplier (including “smart metering”). These changes introduce new reliability and security challenges for the power grid utility company. In the security domain, new threat vectors are introduced, and vulnerabilities and attacks related to data networking and information technology become more relevant. Security, reliability, and availability of the management and control network and functionality are business critical. This paper describes a methodology for assessing smart grid security, and trends in smart grid security that we have observed while applying this methodology.

Optimal availability and security for IMS-based VoIP networks

Consumers are continuously looking for ways of improving their productivity, simplifying their tasks, and streamlining communications both domestically and globally. This has resulted in the need to support different applications and thus the ongoing process of migrating many network services from traditional circuit-switched networks to Internet Protocol (IP) to converged networks. The circuit-switched public switched telephone network (PSTN) was a closed network where cyber-security threats were not a major issue. With the advent of converged networks and IP-based services, service providers, government, and enterprises are concerned about the growing security threat. The new networks and equipment will be subject to many types of threats and their vulnerabilities may expose mission critical applications and infrastructure to risk. Realization of these threats can lead to service outage. Todays communications service provider must decide how to treat the effects of security breaches so as to minimize service downtime. This paper highlights a methodology, with examples to identify the effect of security-related failures and the critical design factors to be considered when modeling service reliability. The ITU-TX.805 standard (now also ISO standard 18028-2), based on the Bell Labs security model, is used to evaluate potential high impact threats and vulnerabilities. The analysis uses the Bell Labs domain technique known as security domain evaluation. One of the critical outputs provides a prioritized understanding of the threats the network is exposed to and the vulnerabilities in the security architecture. The next step in the methodology includes incorporating the threats (vulnerabilities) identified in a reliability model and quantifying the corresponding service degradation. In this paper, these concepts are applied to IP Multimedia Subsystem (IMS)-based VoIP (Voice over IP) networks. Using reliability metrics, our analysis shows that reliability models are optimistic if we do not consider security. We demonstrate how reliability models can be enhanced to take security issues into account and that the X.805 standard can be used to identify the security threats. Finally, the model shows the mitigation in downtime by including intrusion-tolerance features in the product and network design. Consideration of security-caused downtime will lead to increased focus on preventing security vulnerabilities that can lead to service outages and also allow service providers to save on maintenance costs.

Public safety network security considerations

Public safety networks are wireless communication networks used for public protection and disaster relief. Mobile broadband access to cloud-based computing power improves the flexibility of these networks. Modern public safety networks must support endpoints such as wireless laptops, handheld computers, and mobile video cameras, as well as facilitate communication, collaboration, and operation with central command posts, coworkers, and other agencies in order to provide situational awareness and optimized operations. Unattended video surveillance and sensor systems also use public service networks to transport control information and data. This combination of interconnectivity and interoperability of endpoints, communications, coworkers, agencies, video surveillance, and sensor systems results in a complex automated information system and introduces new security risks into public safety networks. First responders and public safety personnel are familiar with controls such as encryption, redundancy, and physical security used to protect traditional public safety networks; however, they may be unfamiliar with the controls needed to secure next-generation networks. This letter identifies some of the security factors that make public safety network design challenging.

Security posture for civilian and non-civilian networks

Network security is dependent upon securing individual components, services, and applications. This is done through the prevention, detection, and correction of threats and attacks that exploit vulnerabilities in the network. Network security must be analyzed using various factors, such as security requirements, the inherent strengths and vulnerabilities of different network technologies, and the processes used to design, deploy, and operate networks. The Bell Laboratories security model provides the framework required to plan, design, and assess the end-to-end security of networks. In this paper, the Bell Labs security model is used to (1) define the basic security needs of civilian and non-civilian networks, (2) examine the security capabilities of various technologies and identify their security strengths and gaps, (3) identify key threat-mitigation strategies for civilian and non-civilian networks, and (4) illustrate the value of a comprehensive framework (e.g., the Bell Labs model) in any security program, whether designed for a civilian or a non-civilian network.