Coordinated Security:
    A New Paradigm
               Steve Hanna
       October 8, 2009

         Copyright © 2009 Trus...
Computing Is Fundamental




… but it’s built on sand …
       Copyright© 2009 Trusted Computing Group – Other names and b...
Consumers Are Worried
TOP RANKED CONCERNS ACROSS ALL COUNTRIES
                             10
                           ...
Worried for Good Reason
 # BOT-Infected Computers (MM)                                       # Phishing Web Site Hosts

  ...
Our Current Defense




      Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their res...
Coordinated Security
Trusted Clients

                                           Security Built In
                                            ...
Trusted Servers

                                             Security Built In
                                          ...
Trusted Storage


                                             Security Built In
                                         ...
Trusted Networks


                                             Security Built In & Coordinated
                          ...
Coordinated Security


                                                             Share
                                ...
Open Standards
                                     Asset
                                                                ...
Benefits
                                                Stronger security




       Copyright© 2009 Trusted Computing Gr...
Benefits
                                                Faster Response




       Copyright© 2009 Trusted Computing Grou...
Benefits
                                                More flexibility




       Copyright© 2009 Trusted Computing Gro...
Benefits
                                                Single security policy




       Copyright© 2009 Trusted Computi...
Benefits
                                                Product choice




       Copyright© 2009 Trusted Computing Group...
How to Deploy Coordinated Security

1. Get info from TCG web site
    Case studies, design guidelines, standards
2. Make c...
For More Information



Trusted Computing Group (TCG)


    http://www.trustedcomputinggroup.org




        Copyright© 20...
Upcoming SlideShare
Loading in...5
×

Steve Hanna - Coordinated Security: A New Paradigm - Interop Mumbai 2009

674

Published on

Today's information security environment is composed of isolated systems, unable to share information in an effective way. Device security, network security, and application security systems proliferate but never communicate. Only through the use of new open standards can we address this problem, sharing information to increase the value of already-deployed systems and enable a nimble response with reduced waste.

This keynote would cover the Trusted Network Connect (TNC) standards (especially IF-MAP) and touch on the other Trusted Computing Group (TCG) technologies, showing how TCG standards enable better coordination among security systems. The emphasis of the talk is on business perspectives and challenges and how TCG technologies address them.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
674
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
30
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Steve Hanna - Coordinated Security: A New Paradigm - Interop Mumbai 2009

  1. 1. Coordinated Security: A New Paradigm Steve Hanna October 8, 2009 Copyright © 2009 Trusted Computing Group
  2. 2. Computing Is Fundamental … but it’s built on sand … Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 2# ed S 2# ediiiillllS 2# ed S 2# ed S
  3. 3. Consumers Are Worried TOP RANKED CONCERNS ACROSS ALL COUNTRIES 10 3rd Highest Concern 8 1 2nd Highest Concern 4 6 Highest Concern 4 4 2 5 4 3 1 3 0 1 Bankcard Identity National Epidemics Viruses/ Fraud Theft Security Spam COMPARISON OF FINDINGS FROM 4 SECURITY INDEX SURVEYS Aug 2007 Mar 2008 200 17 9 17 8 17 5 17 0 17 2 Sep 2008 16 7 17 0 16 6 13 8 13 6 13 6 13 6 Mar 2009 15 0 13 7 12 7 13 1 12 6 12 5 12 6 118 12 8 114 112 10 9 113 114 118 118 10 9 10 2 10 1 10 0 96 10 0 50 0 National Health Bankcard Meeting Online Viruses Identity Personal Security Epidemic Fraud Financial Transactions and Spam Theft Safety Obligations Source: Unisys Security Index Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 3# ed S 3# ediiiillllS 3# ed S 3# ed S
  4. 4. Worried for Good Reason # BOT-Infected Computers (MM) # Phishing Web Site Hosts 55,389 10 60, 000 8 40, 000 33,428 6 9. 5 9. 5 4 20, 000 2 0 0 2007 2008 2007 2008 # Identities Breached Due to # Conficker Infections (MM) Data Loss and Theft (MM) 60 1 50 40 30 56 1 20 39 10 0 0 2007 2008 2007 2008 Source: Symanec Internet Security Threat Report Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 4# ed S 4# ediiiillllS 4# ed S 4# ed S
  5. 5. Our Current Defense Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 5# ed S 5# ediiiillllS 5# ed S 5# ed S
  6. 6. Coordinated Security
  7. 7. Trusted Clients Security Built In Trusted Platform Module (TPM) Mobile Trusted Module (MTM) Features Authentication Encryption Attestation Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 7# ed S 7# ediiiillllS 7# ed S 7# ed S
  8. 8. Trusted Servers Security Built In Trusted Platform Module (TPM) Secure Virtualization Secure Cloud Features Authentication Encryption Attestation Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 8# ed S 8# ediiiillllS 8# ed S 8# ed S
  9. 9. Trusted Storage Security Built In Self Encrypting Drive (SED) Features Encryption Authentication Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 9# ed S 9# ediiiillllS 9# ed S 9# ed S
  10. 10. Trusted Networks Security Built In & Coordinated Trusted Network Connect (TNC) Features Authenticate Health Check Behavior Monitor Enforce Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 01# ed S 01# ediiiillllS 01# ed S 01# ed S
  11. 11. Coordinated Security Share Who, What, When, Where, Privileges Threats Policies Cooperative Defense Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 11# ed S 11# ediiiillllS 11# ed S 11# ed S
  12. 12. Open Standards Asset NAC Management Decision System Point Custom Integration SIM /SEM IPAM MAP DHCP SNMP, Syslog AD IF-MAP Protocol RADIUS Routing IDS Switching Wireless Firewalls Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 21# ed S 21# ediiiillllS 21# ed S 21# ed S
  13. 13. Benefits Stronger security Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 31# ed S 31# ediiiillllS 31# ed S 31# ed S
  14. 14. Benefits Faster Response Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 41# ed S 41# ediiiillllS 41# ed S 41# ed S
  15. 15. Benefits More flexibility Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 51# ed S 51# ediiiillllS 51# ed S 51# ed S
  16. 16. Benefits Single security policy Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 61# ed S 61# ediiiillllS 61# ed S 61# ed S
  17. 17. Benefits Product choice Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 71# ed S 71# ediiiillllS 71# ed S 71# ed S
  18. 18. How to Deploy Coordinated Security 1. Get info from TCG web site Case studies, design guidelines, standards 2. Make case to management based on benefits 3. Require coordinated security support in RFPs 4. Deploy incrementally 5. Enjoy benefits Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 81# ed S 81# ediiiillllS 81# ed S 81# ed S
  19. 19. For More Information Trusted Computing Group (TCG) http://www.trustedcomputinggroup.org Copyright© 2009 Trusted Computing Group – Other names and brands are properties of their respective owners. 91# ed S 91# ediiiillllS 91# ed S 91# ed S
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×