Risk Propagation Assessment for Network Security: Application to Airport Communication Network Design

Overview

The focus of this book is risk assessment methodologies for network architecture design. The main goal is to present and illustrate an innovative risk propagation-based quantitative assessment tool. This original approach aims to help network designers and security administrators to design and build more robust and secure network topologies. As an implementation case study, the authors consider an aeronautical network based on AeroMACS (Aeronautical Mobile Airport Communications System) technology. AeroMACS has ...

See more details below
Other sellers (Hardcover)
  • All (10) from $40.00   
  • New (8) from $53.91   
  • Used (2) from $40.00   

Overview

The focus of this book is risk assessment methodologies for network architecture design. The main goal is to present and illustrate an innovative risk propagation-based quantitative assessment tool. This original approach aims to help network designers and security administrators to design and build more robust and secure network topologies. As an implementation case study, the authors consider an aeronautical network based on AeroMACS (Aeronautical Mobile Airport Communications System) technology. AeroMACS has been identified as the wireless access network for airport surface communications that will soon be deployed in European and American airports mainly for communications between aircraft and airlines. It is based on the IEEE 802.16-2009 standard, also known as WiMAX.
The book begins with an introduction to the information system security risk management process, before moving on to present the different risk management methodologies that can be currently used (quantitative and qualitative). In the third part of the book, the authors’ original quantitative network risk assessment model based on risk propagation is introduced. Finally, a network case study of the future airport AeroMACS system is presented. This example illustrates how the authors’ quantitative risk assessment proposal can provide help to network security designers for the decision-making process and how the security of the entire network may thus be improved.

Contents

Part 1. Network Security Risk Assessment
1. Introduction to Information System Security Risk Management Process.
2. System Security Risk Management Background.
3. A Quantitative Network Risk Management Methodology Based on Risk Propagation.
Part 2. Application to Airport Communication Network Design
4. The AeroMACS Communication System in the SESAR Project.
5. Aeronautical Network Case Study.

About the Authors

Mohamed Slim Ben Mahmoud is a research engineer for the research group ResCo at the TELECOM laboratory of ENAC, the French national institution for civil aviation.
Nicolas Larrieu is a teacher and researcher at the research group ResCo at the TELECOM laboratory of ENAC.
Alain Pirovano is a teacher and researcher and head of the research group ResCo at the TELECOM laboratory of ENAC.

Read More Show Less

Product Details

  • ISBN-13: 9781848214545
  • Publisher: Wiley
  • Publication date: 3/19/2013
  • Series: FOCUS Series
  • Edition number: 1
  • Pages: 144
  • Product dimensions: 6.30 (w) x 9.30 (h) x 0.80 (d)

Table of Contents

LIST OF FIGURES ix

LIST OF TABLES xiii

INTRODUCTION xv

PART 1. NETWORK SECURITY RISK ASSESSMENT 1

CHAPTER 1. INTRODUCTION TO INFORMATION SYSTEM SECURITY RISK MANAGEMENT PROCESS 3

1.1. On the importance of network security for network designers 5

1.2. On the impact of risk assessment in the decision-making process for network security designers 6

1.3. Quantitative versus qualitative risk assessment approaches 7

1.4. Network security risk propagation concept 10

1.4.1. Impact of node correlation 10

1.4.2. Network security risk transitivity 11

1.4.3. Network security risk propagation illustrative case 12

CHAPTER 2. SECURITY RISK MANAGEMENT BACKGROUND 17

2.1. Qualitative security risk management methods 18

2.1.1. CRAMM 18

2.1.2. OCTAVE 18

2.1.3. EBIOS 19

2.1.4. MEHARI 19

2.1.5. CORAS 20

2.1.6. Discussion 20

2.2. Quantitative security risk assessment approaches 20

2.3. Toward a quantitative propagation-based risk assessment methodology 25

CHAPTER 3. A QUANTITATIVE NETWORK RISK ASSESSMENT METHODOLOGY BASED ON RISK PROPAGATION 27

3.1. Quantifying methodology parameters 27

3.1.1. Network risk decomposition 28

3.1.2. Node value 29

3.1.3. Enhanced node value 30

3.1.4. Impact of threats 30

3.1.5. Likelihood of threats 32

3.2. Network security risk assessment process 36

3.3. Conclusion 39

PART 2. APPLICATION TO AIRPORT COMMUNICATION NETWORK DESIGN 41

CHAPTER 4. THE AEROMACS COMMUNICATION SYSTEM IN THE SESAR PROJECT 43

4.1. Overview of the European SESAR project 43

4.2. Overview of aeronautical communications operating concept and requirements 44

4.3. Introduction to the AeroMACS communication system 47

4.3.1. AeroMACS protocol stack 48

4.3.2. AeroMACS reference network architecture 50

4.3.3. AeroMACS security considerations 52

4.3.3.1. Analysis of AeroMACS security weaknesses 53

4.3.4. AeroMACS reference network topology 55

4.3.4.1. Isolated AeroMACS network architecture 55

4.3.4.2. End-to-end AeroMACS network architecture 56

CHAPTER 5. AERONAUTICAL NETWORK CASE STUDY 59

5.1. Experimental parameters 59

5.1.1. Testbed infrastructure 59

5.1.2. Aeronautical node values instantiation 61

5.1.3. Aeronautical services instantiation 62

5.1.4. Isolated vs. end-to-end emulation scenarios 63

5.2. AeroMACS case study: experimental results 63

5.2.1. Main inputs for emulation scenarios 63

5.2.2. Isolated AeroMACS scenario: preliminary results 63

5.2.2.1. Individual risks 63

5.2.2.2. Propagated risks 68

5.2.2.3. Node and network risks 70

5.2.3. Isolated AeroMACS scenario: EAP vs. RSA sub-scenario 72

5.2.4. Preliminary AeroMACS security enhancement guidance 76

5.2.5. AeroMACS implementation improvements: isolated scenario without operational server vulnerabilities 77

5.2.5.1. Experimental inputs 78

5.2.5.2. Network topology 78

5.2.5.3. Vulnerability statistics 79

5.2.5.4. Individual risk results 81

5.2.5.5. Propagated risk results 81

5.2.5.6. Network risk results 83

5.2.6. AeroMACS topological improvements: isolated scenario with two ASN gateways 84

5.2.6.1. Experimental inputs 84

5.2.6.2. Network topology 85

5.2.6.3. Vulnerability statistics 85

5.2.6.4. Individual risk results 85

5.2.6.5. Propagation risk results 87

5.2.6.6. Network risk results 89

5.2.7. Scenario with end-to-end AeroMACS topology 91

5.2.7.1. Experimental inputs 91

5.2.7.2. Network topology 92

5.2.7.3. Vulnerability statistics 93

5.2.7.4. Individual risk results 95

5.2.7.5. Propagated risk results 97

5.2.7.6. Network risk results 97

5.3. Improving AeroMACS network security 99

5.3.1. DHCP security 101

5.3.2. Mobile IP security 103

CONCLUSION 109

BIBLIOGRAPHY 111

INDEX 117

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)