A New Dimension in System Security Engineering
Overview:
Based on the principles of total security integration into the program mainstream and building the security
disciplines into the lifecycle process, this "New Dimension in System Security Engineering"
(SSE) provides the latest SSE approach to applying contemporary security technology and
information assurance to existing networks and developing programs.
Goals and Objectives:
In 2001, a new technology, the SSE software program, was adopted and is used as a model for this training.
The objectives of this new SSE approach are to:
1. Comply with regulatory requirements on systems security and information assurance.
2. Make systems secure by integrating automated security functions into the IT mainstream and
provide Critical Infrastructure Protection.
3. Provide automated technologies to monitor and maintain the level of security based upon the
phenomenon of increasing intruder threats and increasing computer operating system vulnerabilities.
Integrating the "Security" Systems
Essentially in the “New Dimension of SSE”, many of the security disciplines previously addressed have
taken on totally new perspectives with the advancement of computer and server technology and the Internet.
The flow diagram below depicts the change process:
New IT Security Technologies
Within the emerging IT security technologies, NDI introduced to the IT Security community the first
publicized Focus on External Intrusions presented by Cliff Stoll and later the first commercial
Internet security scanner and its founder, Christopher Klaus. The introduction of ISS stimulated
a series of security software developments that now overwhelm the system with numerous “single point”
products. NDI is introducing the next-generation security technologist, Christopher Berlandier,
one of the founders of this new SSE IT Security Integration Technology.
The wheel chart below portrays the new SSE Security Management integration:
The New Core Security Disciplines
The new security disciplines range in magnitude, but are essentially comprised of the following:
• Security Scanner – Find vulnerabilities in operating systems (Vulnerability Analysis)
• Intrusion Detection Systems (IDS) – reports attempted intrusions into the network.
• Firewalls – designed to control authorized entry or exit into and out of a network
• Encryption Technologies – cryptographic transfer/exchange of message data and files.
These products represent the core applied by the new IT security technologies. Several other security
technologies have been added to the menu of products, including:
• Automated policy
• Anti-virus programs, including home computer firewalls and the like.
Software Supported Security Functions
In addition to the above, new technologies have been introduced. These provide for Risk Assessment (risk analysis)
and Certification and Accreditation; Auto-Install, Back-up and Restore for contingency planning and disaster recovery;
and one of the newest software capabilities, Patch Management, which employs new technologies and agents to perform
configuration changes to secure operating systems with vendor-released patches.
New Dimensions in Threat & Risk Analysis
The NEW approach employs current technologies to structure Threat and Risk Analyses. The following pie
chart portrays the New Threat and Categories of Attacks.
Some attacks produce heavier damage depending on the sensitivity of the data AND system critical functions. A virus
attack may be a nuisance, or a web-site defacement embarrassing; a denial of service could impact trajectory.
New Dimensions in SSE Training
The new training program approaches contemporary System Security Engineering by:
• Reviewing the various security disciplines (much like the original approach),
• Providing for methodologies to integrate security software into the life cycle development,
• Providing for techniques for Independent Verification and Validation, and, finally
• Representing a total end-to-end security assurance model to be used as a process to achieve
the new dimension in information technology-based System Security Engineering.
NDI SSE Background
NDI originally developed the SSE training curriculum for the Departments of
Air Force and Navy and later the Defense Department. These courses have been presented to
numerous program officers and personnel from government as well as Defense and space contractor
personnel, addressing how to build security into the program and life cycle development processes.
These include: Navy major programs; Air Force F-22, B1&B2 Aircraft programs, Unmanned Aerial Vehicle,
GPS, Ground-based Radar, SDI, Space Command, Space and Missile Center, Electronic Systems Center, NASA and many more.
In 1995, NDI introduced the “new technology” & “Hackers, Crackers & Sniffers” and Internet
Security intrusions & vulnerabilities. In 1997, NDI introduced the integrated software
approach to developing system protection & implementation for 32 space programs sponsored
by US Space Command. In 1999, using relational database technologies & JAVA programming with
browser-based interfaces, NDI created the latest dimension integrating security into the
program and IT processes. This led to the SSE Security Assurance Management Software.
Topics Discussed:
• Confronting System Challenges to System Security Computing
• Transitioning Old Design to the New Approach with Emerging Technologies
• The IT Security Paradigm - Enterprise Security Manager (and new management roles)
• The Core IT Security Technologies to Include Scanners, Firewalls and IDSs
• Software Supported Security Functions
• Risk Assessment
• Certification and Accreditation
• Security Assurance Management Concept – Integrating Key Security Functions
• The iSecure Methodology WorkFlow Process, Assessment and Recording Evaluations
• ST&E Automated Certification and Accreditation
• The Model System Security Engineering Manager Software
• Practical on-line Demonstrations
This is an intensive course which provides for the necessary competencies to apply
these newest dimensions of IT security to the system security engineering disciplines.
Course Delivery:
| Delivery Method | Instructor-led Lecture and Demonstrations |
| Course Duration | 2 1/2 Days |
| Course Fee | $1200.00 US |