Improving security by avoiding traffic and still get what you want in data transfers

Presented at BSidesLV 2014, Aug. 5, 2014, 5:10 p.m. (40 minutes).

Critical infrastructure systems are frequently constructed with components never designed for use in today's networked environment. While security conscious enterprises have extensive security mechanisms, these do not immediately transfer to many of our critical infrastructure networks. And yet we still need to move data in and out of them safely. This talk examines how to use the computer science concept of state to provide the equivalent of system isolation from hostile traffic on the network. Forget firewalls, air-gaps, and VPNs, and learn to embrace state transfers. This talk will explore the use of state transfer as a safer alternative to network data transfers. As more and more of our critical infrastructure is using TCP/IP networking and being connected via the Internet, methods to isolate the systems from a traffic signal point of view offer the best current technology to protect our networks, both operational technology (OT) and IT. This talk will give real world examples showing how to maintain all desired functionality, and yet sever the connection to unwanted signals carried in network traffic.


Presenters:

  • Art Conklin - Associate Professor - University of Houston
    Wm. Arthur Conklin is an Associate Professor and Director of the Center for Information Security Research and Education in the College of Technology at the University of Houston. He holds two terminal degrees, a Ph.D. in Business Administration (specializing in Information Security), from The University of Texas at San Antonio (UTSA) and the degree Electrical Engineer (specializing in Space Systems Engineering) from the Naval Postgraduate School in Monterey, CA. He holds Security+, CISSP, CSSLP, CRISC, DFCP, GICSP, IAM and IEM certifications. He is a fellow of ISSA, a senior member of ASQ and a member of IEEE, and ACM. His research interests include the use of systems theory to explore information security, specifically in Cyber Physical Systems. He has co-authored six security books and numerous academic articles associated with information security. He is active in the DHS sponsored Industrial Control Systems Joint Working Group (ICSJWG) efforts associated with workforce development and cybersecurity aspects of industrial control systems. He has an extensive background in secure coding and is a co-chair of the DHS/DoD Software Assurance Forum working group for workforce education, training and development.

Links:

Similar Presentations: