abose report
play

AbOSE Report ( Ab ilene O perational S ecurity E xercise) T. Charles - PowerPoint PPT Presentation

Feb 28, 2023 •623 likes •762 views

AbOSE Report ( Ab ilene O perational S ecurity E xercise) T. Charles Yun, Internet2 Presentation Overview 2006 January A bit of scene setting and background Background, Goals Methodology TF-CSIRT, Amsterdam, the Netherlands

  1. AbOSE Report ( Ab ilene O perational S ecurity E xercise) T. Charles Yun, Internet2

  2. Presentation Overview 2006 January • A bit of scene setting and background • Background, Goals • Methodology TF-CSIRT, Amsterdam, the Netherlands • Findings • Lessons Learned • Follow up • Invitation to International Security Exercise • Contact Info Slide 2

  3. 2006 January TF-CSIRT, Amsterdam, the Netherlands Slide 3 Abilene Network Backbone Main office Logo Current location Background Information

  4. Background Information Salsa (1 of 2) 2006 January • Advisory and coordination group for security activities for Internet2 • Security at Line Speed workshop (S@LS), the “fruitcake” document, annual meetings TF-CSIRT, Amsterdam, the Netherlands • Working Groups and meetings • Network Authorization (NetAuth), Federated Wireless Network Authentication (FWNA), Computer Security Incident (CSI2) • Reconnections “Managing Academic Networks With New Requirements”, NetGurus Slide 4 xref Marco’s ENISA hierarchy from yesterday

  5. Background Information Salsa (2 of 2) 2006 January • Address security in various ways: • Time frames: short, medium, long • Process, procedure, policy (think ISO-9000, legal requirements, etc.) TF-CSIRT, Amsterdam, the Netherlands • Groups: community, Community, COMMUNITY • Operational, exploratory, R&D Slide 5

  6. AbOSE 2006 January • One day long event, held November 2005 in Indianapolis, Indiana, USA • Designed to initiate conversations on the Network Operation Center's (NOC) activities in their support of Abilene TF-CSIRT, Amsterdam, the Netherlands • This was not an audit • Information gathering, gap analysis , baseline, document • Report is currently in draft and has been released to participants, public version soon. Slide 6

  7. Methodology 2006 January • Two scenarios, invented, refined, executed • “Table top” exercise (talking, no flows initiated) • DDoS attack TF-CSIRT, Amsterdam, the Netherlands • Backbone link is inconsistently saturated between two core router nodes • Targeting an important demo • Router compromise with press/reporter investigation • Router provides indication of problem and reporter has been contacted by “bad guy” to advertise the compromise Slide 7

  8. Findings 2006 January • Report identifies ~40 observations with suggested responses • Patterns of activity emerged in the two scenarios, TF-CSIRT, Amsterdam, the Netherlands some expected and others not. • Some processes were in place and followed, others need to be developed, noting that the any new process is hinged on the NOC’s return on investment • Some observations revealed policy questions that should be answered by Internet2, or, the NOC’s response is based on other people’s decisions. Slide 8

  9. Lessons Learned (some of them) 2006 January • Well designed, detailed scenarios are important to respond to unexpected questions. • Engineers (plural) need to be involved in the design * and * execution of the scenario. (Obviously, these engineers will not participate in the exercise.) TF-CSIRT, Amsterdam, the Netherlands • Make sure that every external “event” or “character” is represented by a real person. If someone is supposedly upset and sending email, have a real person start sending email… and then call a person’s cell phone. • Test processes, not the cleverness of engineers. Slide 9

  10. Follow Up 2006 January • Initiate regularly occurring Abilene exercise • Planning to hold annually, during the summer holidays • Potentially run a table-top and * live * exercise TF-CSIRT, Amsterdam, the Netherlands • “Regular” exercises with international partners • What is the proper format of an international exercise? Process analysis or “real problems” • Start off with a similar baseline exercise and evolve into more complicated activities Slide 10

  11. Invitation to Intl Security Exercise 2006 January • Which entities should participate (regional, national, backbone, or collaborative organizations)? • Who should organize? • When: I suggest late summer 2006 TF-CSIRT, Amsterdam, the Netherlands • Format: Baseline assessment, similar to the AbOSE reported here. Probably a distributed event, via video+voice+IM (or in Hawaii/Sicily/Provence) • Goals: Some are obvious, additional thoughts? Slide 11

  12. 2006 January TF-CSIRT, Amsterdam, the Netherlands Slide 12 • http://security.internet2.edu/ Ann Arbor, Michigan, USA charles @ internet2 . edu 734.352.4960 (desk) Contact Info • T. Charles Yun Internet2

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

TOWN OF WHITBY REPORT R E C O M M E N D A T I O N R E P O R T REPORT TO: Planning and

TOWN OF WHITBY REPORT R E C O M M E N D A T I O N R E P O R T REPORT TO: Planning and

TOWN OF WHITBY REPORT R E C O M M E N D A T I O N R E P O R T REPORT TO: Planning and Development Committee REPORT NO: PL 81-09 DATE OF MEETING: September 8, 2009 FILE NO(S): Z-04-08 PREPARED BY: Planning/Public Works Joint Report LOCATION:

896 views • 58 slides
Scotch College morrisby report morrisby report morrisby report morrisby Morrisby

Scotch College morrisby report morrisby report morrisby report morrisby Morrisby

Understanding the Morrisby Report Scotch College morrisby report morrisby report morrisby report morrisby Morrisby Report Overview Intention - to support the process of subject, course and career choice by providing an

672 views • 41 slides
2017 Report Card Annual Report Cards The 2017 Report Card is our 6 th Report Card! 2 Sustainable

2017 Report Card Annual Report Cards The 2017 Report Card is our 6 th Report Card! 2 Sustainable

2017 Report Card Annual Report Cards The 2017 Report Card is our 6 th Report Card! 2 Sustainable Peterborough 2017 Overview 7 3 154 Working Staff Partners Groups Members Climate Change Action Plan updated baseline inventory for 2012-

506 views • 35 slides
Report to PBC 5/21/2014 1 Report to PBC 5/21/2014 2 Report to PBC 5/21/2014

Report to PBC 5/21/2014 1 Report to PBC 5/21/2014 2 Report to PBC 5/21/2014

Report to PBC 5/21/2014 1 Report to PBC 5/21/2014 2 Report to PBC 5/21/2014 3 Report to PBC 5/21/2014 4 Participatory Governance Process Survey Results Spring 2014 4.00 3.50 3.39 3.37 3.31 3.29 3.25 3.20 3.19

562 views • 19 slides
TEST REPORT DIRECTORY Pages A) Documentation Directory 2 Test Standards 3 Address of the

TEST REPORT DIRECTORY Pages A) Documentation Directory 2 Test Standards 3 Address of the

TEST REPORT TEST REPORT Report Number : ETLE090324.03 Report issue date: May 26, 2009 Model / Serial No. : W2-360 / NONE Multiple Model Name : W2-340, W2-360H, W2-310H Product Type : Hot & Cold Water Purifier System Brand Name :

641 views • 37 slides
EMC TEST REPORT DIRECTORY A) Documentation Directory 2 Test Standards 3 Address of the test

EMC TEST REPORT DIRECTORY A) Documentation Directory 2 Test Standards 3 Address of the test

EMC TEST REPORT CE TEST REPORT Report Number : ETLE080619.495 Report issue date : July 21, 2008 Model / Serial No. : HWC-640 / NONE Multiple Model Name : HWC-630, HWC-650, HWC-660, HWC-680 Product Type : Hot & Cold Water Purifier

522 views • 35 slides
EMC TEST REPORT DIRECTORY A) Documentation Directory 2 Test Standards 3 Address of the test

EMC TEST REPORT DIRECTORY A) Documentation Directory 2 Test Standards 3 Address of the test

EMC TEST REPORT CE TEST REPORT Report Number : ETLE070516.328 Report issue date : June 27, 2007 Model / Serial No. : ROMEO III / NONE Multiple Model Name : W2-360H, W2-340H, W2-300H, W2-310H Product Type : POU Water Cooler Applicant

612 views • 36 slides
Report of Keith Mitchell, Director of Education Purpose of the Report 1. This report and

Report of Keith Mitchell, Director of Education Purpose of the Report 1. This report and

Cabinet 23 March 2006 Industrial Learning Centre Vocational Learning Trust (VOLT) Presentation to Cabinet Report of Keith Mitchell, Director of Education Purpose of the Report 1. This report and attachment seek to summarise where we are on

349 views • 7 slides
DIRECTORS REPORT The directors present their report and the audited 21 May 2014 to

DIRECTORS REPORT The directors present their report and the audited 21 May 2014 to

56 INTERSERVE ANNUAL REPORT 2013 GOVERNANCE DIRECTORS REPORT GOVERNANCE DIRECTORS REPORT The directors present their report and the audited 21 May 2014 to shareholders appearing on the register at the consolidated fjnancial statements

370 views • 9 slides
Flight AF 447 A330-203, F-GZCP 1st Interim Report 2 July 2009 Interim Report This report

Flight AF 447 A330-203, F-GZCP 1st Interim Report 2 July 2009 Interim Report This report

Flight AF 447 A330-203, F-GZCP 1st Interim Report 2 July 2009 Interim Report This report is written in accordance with international standards and practices (ICAO, Annex 13) It contains : The factual elements gathered since the

536 views • 27 slides
MWRA Annual CSO Progress Report 2014 This is the 19 th annual report. Report includes:

MWRA Annual CSO Progress Report 2014 This is the 19 th annual report. Report includes:

MWRA Annual CSO Progress Report 2014 This is the 19 th annual report. Report includes: Progress in 2014 and Q1 2015 CSO control achievements and benefits to-date Remaining activities and court/regulatory requirements Spending,

268 views • 16 slides
Preliminary Report from Preliminary Report from Preliminary Report from Preliminary Report from

Preliminary Report from Preliminary Report from Preliminary Report from Preliminary Report from

Preliminary Report from Preliminary Report from Preliminary Report from Preliminary Report from the JMOC Actuary the JMOC Actuary the JMOC Actuary the JMOC Actuary Presentation to JMOC Committee September 22, 2016 Setting a Growth Target

588 views • 23 slides
CFO Report Finance and Audit Committee 7/16/20 Topics May YTD 2020 Reports: Financial

CFO Report Finance and Audit Committee 7/16/20 Topics May YTD 2020 Reports: Financial

CFO Report Finance and Audit Committee 7/16/20 Topics May YTD 2020 Reports: Financial Performance Report and Asset Liability Management Report Annual Reports: Green Bonds Report and Fares Report Updated Financial Impacts and

811 views • 19 slides
IAB report to the community for IETF-108 This is the IAB report for the period between IETF 107

IAB report to the community for IETF-108 This is the IAB report for the period between IETF 107

IAB report to the community for IETF-108 This is the IAB report for the period between IETF 107 and IETF 108. This report presents a summary of activities. More detailed information on many of the topics is also available at https://www.iab.org

205 views • 3 slides
ROADSHOW PRESENTATION May 2019 DISCLAIMER This report (the Report) was drawn up and

ROADSHOW PRESENTATION May 2019 DISCLAIMER This report (the Report) was drawn up and

ROADSHOW PRESENTATION May 2019 DISCLAIMER This report (the Report) was drawn up and supplied by CFT S.p.A. (the Company) for information and illustrative purposes only. Therefore, the Report does not represent, nor can it be intended

578 views • 29 slides
IESO Report Site Refresh New Report Site Changes October 10, 2014 R. Jovic Introduction The

IESO Report Site Refresh New Report Site Changes October 10, 2014 R. Jovic Introduction The

IESO Report Site Refresh New Report Site Changes October 10, 2014 R. Jovic Introduction The current IESO Report Site faces a number of issues: Report Site Performance and Capacity The IESO Report Site is built upon aging hardware

227 views • 7 slides
on Emerging Architectures Big Simulation and Big Data Workshop January 9, 2017 Indiana University

on Emerging Architectures Big Simulation and Big Data Workshop January 9, 2017 Indiana University

Accelerating Machine Learning on Emerging Architectures Big Simulation and Big Data Workshop January 9, 2017 Indiana University Judy Qiu Associate Professor of Intelligent Systems Engineering Indiana University SALSA Outline 1. Motivation:

1.11k views • 61 slides
Tutorial http://www.iterativemapreduce.org/ Workshop Workshop Jaliya Ekanayake Community Grids

Tutorial http://www.iterativemapreduce.org/ Workshop Workshop Jaliya Ekanayake Community Grids

Tutorial http://www.iterativemapreduce.org/ Workshop Workshop Jaliya Ekanayake Community Grids Laboratory, Digital Science Center Pervasive Technology Institute Indiana University SALSA Acknowledgements to: Team at IU SeungHee Bae,

930 views • 37 slides
MATH 105: Finite Mathematics 3-1: The Inverse of a Matrix Prof. Jonathan Duncan Walla Walla

MATH 105: Finite Mathematics 3-1: The Inverse of a Matrix Prof. Jonathan Duncan Walla Walla

Introduction to Linear Programming Systems of Linear Inequalities Regions in the Plane Conclusion MATH 105: Finite Mathematics 3-1: The Inverse of a Matrix Prof. Jonathan Duncan Walla Walla College Winter Quarter, 2006 Introduction to

659 views • 50 slides
Salsa An Automatic Tool to Improve the Numerical Accuracy of Programs Nasrine Damouche &

Salsa An Automatic Tool to Improve the Numerical Accuracy of Programs Nasrine Damouche &

Salsa An Automatic Tool to Improve the Numerical Accuracy of Programs Nasrine Damouche & Matthieu Martel University of Perpignan, LAMPS Laboratory Metalibm Workshop 2018 March 12, 2018 N. DAMOUCHE MetaLibm Workshop 1 / 61 SALSA Context

856 views • 61 slides
Cryptography Deian Stefan Adopted slides from Kirill Levchenko and Dan Boneh Cryptography

Cryptography Deian Stefan Adopted slides from Kirill Levchenko and Dan Boneh Cryptography

CSE 127: Computer Security Cryptography Deian Stefan Adopted slides from Kirill Levchenko and Dan Boneh Cryptography Is: A tremendous tool The basis for many security mechanisms Is not: The solution to all security problems

701 views • 53 slides
An Empirical View on Semantic Roles Part V Katrin Erk Sebastian Pado Saarland University

An Empirical View on Semantic Roles Part V Katrin Erk Sebastian Pado Saarland University

An Empirical View on Semantic Roles Part V Katrin Erk Sebastian Pado Saarland University ESSLLI 2006 1 Structure A Historical Introduction 1. Contemporary Frameworks 2. Empirically Difficult Phenomena 3. Role Semantics vs. Formal

299 views • 15 slides
Todays Presenter Tracy LaStella Coordinator for Youth Services, Middle Country Public

Todays Presenter Tracy LaStella Coordinator for Youth Services, Middle Country Public

Todays Presenter Tracy LaStella Coordinator for Youth Services, Middle Country Public Library (NY), and 2015 Library Journal Mover & Shaker Explore and Discover: Nature-Based Spaces and Activities at your Library Tracy LaStella

548 views • 22 slides
Narrowing a Broad Subject 04.14.13 || English 1301: Composition I || D. Glen Smith, instructor

Narrowing a Broad Subject 04.14.13 || English 1301: Composition I || D. Glen Smith, instructor

Narrowing a Broad Subject 04.14.13 || English 1301: Composition I || D. Glen Smith, instructor From Broad Topic to Narrow Subject Step One: Find a Subject: Through a listing technique the writer breaks down the broad topic to a manageable size

352 views • 8 slides

More recommend