*
Copyright © 2012, Elsevier Inc. All Rights Reserved
Chapter 3
Separation
Cyber Attacks
Protecting National Infrastructure, 1st ed.
Copyright © 2012, Elsevier Inc. All Rights Reserved
The University of Adelaide, School of Computer Science
The University of Adelaide, School of Computer Science
*
Chapter 2 — Instructions: Language of the Computer
*
Chapter 2 — Instructions: Language of the Computer
*
Using a firewall to separate network assets from intruders is the most familiar approach in cyber securityNetworks and systems associated with national infrastructure assets tend to be too complex for firewalls to be effective
Copyright © 2012, Elsevier Inc. All rights Reserved
Chapter 3 – Separation
Introduction
Copyright © 2012, Elsevier Inc. All rights Reserved
The University of Adelaide, School of Computer Science
The University of Adelaide, School of Computer Science
*
Chapter 2 — Instructions: Language of the Computer
*
Chapter 2 — Instructions: Language of the Computer
*
Three new approaches to the use of firewalls are necessary to achieve optimal separationNetwork-based separationInternal separationTailored separation
Copyright © 2012, Elsevier Inc. All rights Reserved
Chapter 3 – Separation
Introduction
The University of Adelaide, School of Computer Science
The University of Adelaide, School of Computer Science
*
Chapter 2 — Instructions: Language of the Computer
*
Chapter 2 — Instructions: Language of the Computer
*
Fig. 3.1 – Firewalls in simple and complex networks
Copyright © 2012, Elsevier Inc. All rights Reserved
Chapter 3 – Separation
Copyright © 2012, Elsevier Inc. All rights Reserved
*
Separation is a technique that accomplishes one of the followingAdversary separationComponent distribution
Copyright © 2012, Elsevier Inc. All rights Reserved
Chapter 3 – Separation
What Is Separation?
The University of Adelaide, School of Computer Science
The University of Adelaide, School of Computer Science
*
Chapter 2 — Instructions: Language of the Computer
*
Chapter 2 — Instructions: Language of the Computer
*
A working taxonomy of separation techniques: Three primary factors involved in the use of separationThe source of the threatThe target of the security controlThe approach used in the security control
(See figure 3.2)
Copyright © 2012, Elsevier Inc. All rights Reserved
Chapter 3 – Separation
What Is Separation?
The University of Adelaide, School of Computer Science
The University of Adelaide, School of Computer Science
*
Chapter 2 — Instructions: Language of the Computer
*
Chapter 2 — Instructions: Language of the Computer
*
Copyright © 2012, Elsevier Inc. All rights Reserved
Chapter 3 – Separation
Fig. 3.2 – Taxonomy of separation techniques
*
Separation is commonly achieved using an access control mechanism with requisite authentication and identity managementAn access policy identifies desired allowances for users requesting to perform actions on system entitiesTwo approachesDistributed responsibi.