* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download TLC_Requirements_TI+AlcatelLucent
Cracking of wireless networks wikipedia , lookup
Mobile security wikipedia , lookup
Information privacy law wikipedia , lookup
Information security wikipedia , lookup
Distributed firewall wikipedia , lookup
Computer security wikipedia , lookup
Computer and network surveillance wikipedia , lookup
MIT Requirements for TLC IRRIIS MIT Conference ROME 8 February 2007 Giustino FUMAGALLI Arnaud ANSIAUX IRRIIS - FP6-2005–IST-4 EC - LOGO General context ICT networks and systems are the nervous system of our modern technological society. FINANCIAL PUBLIC HEALTH LAW ENFORCEMENT Communications Infrastructure ENERGY TRANSPORTATION Other Infrastructures (www.interscience.wiley.com) The dependencies of other services (energy, transportation …) supply on ICT networks have grown ever more complex. ICT : Information Communications Technology IRRIIS General context Because of this interconnectedness and an increasing reliance on ICT networks, services critical to society and economy are becoming more fragile and may fall faster than ever before because of a major technological collapse of an ICT network or system. ICT : Information Communications Technology IRRIIS IRRIIS project The IRRIIS project will provide a novel technology, named « MIT system » aiming at enhancing the dependability, the survivability and the resilience of LCCIs. MIT system will : o Improve the networks’ operators mutual awareness; o Improve the negotiation capacity between different networks; o Reduce the chance that failures spread; o Mitigate the cascading effects. MIT : Middleware Improved Technology; LCCI : Large Complex Critical Infrastructure. IRRIIS Why MIT System for Telco ? Telecommunication infrastructure is defined as « Organizations, personnel, procedures, facilities and networks » employed to transmit and receive information. (www.bitpipe.com/tlist/Telecommunications-Infrastructure.html) Eight Ingredient Framework of Communications Infrastructure PUBLIC HEALTH FINANCIAL LAW ENFORCEMENT Communications Infrastructure Power Software Payload Human Environment Hardware Networks Policy ENERGY TRANSPORTATION Other Infrastructures TELCO infrastructure is definitly a very complexe system to be handled in globality. IRRIIS “Intradependencies” in Telco Intradependencies must be taken into account inside a single operator telecommunication network. Subnetwork 1 Subnetwork Subnetwork i 2 Intradepencies Subnetwork 5 Network Subnetwork i i Subnetwork 3 Subnetwork 4 Network Operator IRRIIS “Interdependencies” in Telco •Internationalization of Business; •Overall mobility of clients; •Convergence of telecoms and IT; •… Telco domain Subnetwork 1 Subnetwork Subnetwork i 2 Intradepencies Subnetwork 5 Operator 2 Operator 3 Interdepencies Subnetwork 3 Subnetwork 4 Increase the number of Operator 1 interdependencies between telecommunication operators. Operator 4 Operator i IRRIIS Interdependencies means interworking needs To grant its own service delivery each CI operator needs to be granted on the service delivery provided by others CI operators; Service Level Agreements with others CI operators (both for electricity or Telco); Service Level Agreements for a certain service could include regulation about the exchange of information concerning the status of the provided service; The nature of the information exchanged often requires feed-back mechanisms. Fast alerting about SLA reduction should be useful to implement countermeasures on-time, avoiding critical malfunctions afterwards; Automatic negotiated service restoration after a malfunction, may help cooperation to a faster and safer return to a “normal state” of all CI’ service deliveries. Moreover, it may help civil protection emergency activities. IRRIIS A basic Interdependency Risk reduction : data exchange No-one can understand better his own risk in the “service delivery” than the “service provider” itself : Share his own risk perception with others CI operators should be very important. BUT!!! Automatic data exchange doesn’t mean automatic reaction : internal procedures for the risk management must be respected; “Service consumer” operator need to trust in data received. Share only relevant data to others: “service consumer” is interested in being informed about service delivery, not about “service producer troubles”. SO Exchange service relevant data in a simple format: – Risk estimation; – Where (Location and expected area involved); – When (Time and how long). IRRIIS Environment drives also Telco •Transformation of Telco Operators business model. The telecom carrier is becoming a global service operator (access to IT resources, hosting, y om outsourcing, etc …); on Ec Te c hno log y Telco domain •Development of new technologies (high bandwidth capabilities, multimedia technologies, mobile technologies, service platforms, IP convergence…); other domain 1 Subnetwork 1 other domain 2 Interdepencies Subnetwork Subnetwork i 2 Intradepencies Subnetwork 5 other domain i So ty •Change of habits of Clients. Development of new end to end services to their clients ( QoS, security guaranties, service profile, … ); cie Operator 2 Operator 3 Interdepencies Subnetwork 3 Subnetwork 4 Operator 4 Operator 1 Operator i Pol s it ic •Strong partnerships with other operators, ISP and content providers / Constraints due to governmental law enforcement. IRRIIS Existing solutions to enhance resilience in Telco •Redundancies of main equipments, services and pathways inside operator networks (logically or physically) •Security Management - “Off-line” analysis Prevention Incident Handling - Network engineering; - Risk management studies ... Crisis Management Learning - Operational Continuity & Emergency Plans - Crisis Management Process (fast reaction) IRRIIS Existing solutions to enhance resilience in Telco Network Operating Center Security Operating Center •Security Management ; - “On-line” monitoring : Supervision solutions. - Network Operation Center (NOC); - Security Operation Center (SOC); IRRIIS Remaining and new issues •Supervision solutions - Mainly based on technical information collection ; - Large amount of data are collected from networks which involve issues : storage and data mining, complex treatments (filtering, aggregation, correlation…) ; - Too many supervision tools are needed which make a lot of communication interoperability issues and make decision phase more and more complex. •IP and mobility technologies are source of new vulnerabilities, threats and malicious attacks for Telco network operators. A lot of effort should be done to develop single efficient system to enhance overall Telco resilience. IRRIIS Main requirements for MIT system (1/2) Processing functions Collect and process internal data and information, – Embedded computing at lower level inside the network to make efficient, timely and secure the data processing ( filtering, aggregation and correlation mechanisms); Perform analysis and diagnosis useful for the infrastructure where MIT components are installed and for other infrastructures with which they are connected; Process data coming from other infrastructures in order to allow the operator to prevent potential cascading effects; Security policies management capabilities to define emergency conditions and if possible automatic recovery. IRRIIS Main requirements for MIT system (2/2) Communication functions Support information sharing to provide early warning to neighboring systems and infrastructure; Exchange data with other Communication Components installed on other infrastructures; Enhance global communication capabilities by defining communication standards to resolve interoperability issues (ie : risk common exchange language); Define standard for scallable, tunable information on resilience and security aspects for inter-domain level agreement. IRRIIS MIT System general architecture MIT system should be implemented both at : The management service level; The collector level; Network Operating Center Security Operating Center Inside the operator core network : • directly on « critical » network equipments; •using specific probes. Main objectives : Independent Define and modular architecture; the content of RML* messages. * RML : Risk Management Language IRRIIS MIT System general architecture •Because each LCCI will remain responsible for his own security management and overall technical capacity management; Processing functions Communication functions •But also to ensure the most resilience and scalable capabilities within Telco interdependencies … MIT system general architecture has been oriented where each MIT system communicates with all interfaced MIT systems making use of client-server paradigm. IRRIIS Extension of TELCO MIT system to other domains The application of these general requirements for MIT system should enhance overall resilience of all these complex communication Infrastructures. Because, ICT networks are the nervous system of other infrastructures, it could be then possible to extend the concept of MIT system to other interdependent domains and really start to think about : – – – Global service continuity, resilience with limiting cascading effect between all critical infrastructures; Global security reaction management with support of authorized recovery; Global “TRUST & CONFIDENCE”. telecom electricity other IRRIIS THANK YOU IRRIIS