Situation monitoring and analysis of security risk for networked services

Quantified Score

Visualization

Abstract

The complexity of modern networks makes it increasingly hard to understand the potential impact of known security vulnerabilities to a service or mission. As vulnerabilities are published, security and network operations cooperate in an attempt to identify and prioritize actions to mitigate the critical vulnerabilities that will affect their networks. Unfortunately, the tools available are still weak in their ability to understand service or mission interdependence, application interdependence, the impact of connectivity topology and the multiple layers of software that support the service or mission goals. In this environment, better situational analysis of the impact of known vulnerabilities on the service or mission would provide operations the ability to prioritize actions, in advance of a compromise. Through prioritization, the most efficient response to known weaknesses can mitigate the risk and improve the overall security of the network. This paper discusses a model of security situational analysis that allows for the effective prioritization of security vulnerabilities for action by operations. Key topics include the analysis of the application interdependence at all levels from within the individual systems to the higher level service or mission interdependence. The research associated with this paper is the result of collaboration between Alcatel and Defence R&D Canada (DRDC) under the Defence Industrial Research (DIR) Program. Alcatel would like to express its thanks to DRDC, an agency within the Department of National Defence, for its support and efforts.