DOCSLIB.ORG

Ten Strategies of a World-Class Cybersecurity Operations Center Conveys MITRE’S Expertise on Accumulated Expertise on Enterprise-Grade Computer Network Defense

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Ten Strategies of a World-Class Cybersecurity Operations Center Conveys MITRE’S Expertise on Accumulated Expertise on Enterprise-Grade Computer Network Defense Bleed rule--remove from file Bleed rule--remove from file MITRE’s accumulated Ten Strategies of a World-Class Cybersecurity Operations Center conveys MITRE’s expertise on accumulated expertise on enterprise-grade computer network defense. It covers ten key qualities enterprise- grade of leading Cybersecurity Operations Centers (CSOCs), ranging from their structure and organization, computer MITRE network to processes that best enable effective and efficient operations, to approaches that extract maximum defense Ten Strategies of a World-Class value from CSOC technology investments. This book offers perspective and context for key decision Cybersecurity Operations Center points in structuring a CSOC and shows how to: • Find the right size and structure for the CSOC team Cybersecurity Operations Center a World-Class of Strategies Ten The MITRE Corporation is • Achieve effective placement within a larger organization that a not-for-profit organization enables CSOC operations that operates federally funded • Attract, retain, and grow the right staff and skills research and development • Prepare the CSOC team, technologies, and processes for agile, centers (FFRDCs). FFRDCs threat-based response are unique organizations that • Architect for large-scale data collection and analysis with a assist the U.S. government with limited budget scientific research and analysis, • Prioritize sensor placement and data feed choices across development and acquisition, enteprise systems, enclaves, networks, and perimeters and systems engineering and integration. We’re proud to have If you manage, work in, or are standing up a CSOC, this book is for you. served the public interest for It is also available on MITRE’s website, www.mitre.org. more than 50 years. Carson Zimmerman is a Lead Cybesecurity Engineer with The MITRE Corporation. He has ten years of experience working with various CSOCs to better defend against the The MITRE Corporation adversary. He has held roles in the CSOC ranging from 202 Burlington Road tier 1 analyst to architect. Bedford, MA 01730-1420 (781) 271-2000 7515 Colshire Drive McLean, VA 22102-7539 (703) 983-6000 www.mitre.org Carson Zimmerman © 2014 The MITRE Corporation. All rights reserved. Approved for Public Release. Distribution unlimited. MITRE Case number 13-1028. MITRE Bleed rule--remove from file Bleed rule--remove from file MITRE Ten Strategies of a World-Class Cybersecurity Operations Center Carson Zimmerman © 2014 by The MITRE Corporation. All rights reserved. Produced by MITRE Corporate Communications and Public Affairs International Standard Book Number: 978-0-692-24310-7 Printed in the United States of America on acid-free paper The views, opinions, and/or findings contained in this book are those of The MITRE Corporation and should not be construed as an official government position, policy, or decision, unless designated by other documentation. This book discusses observations and ideas, and The MITRE Corporation expressly disclaims any warranty of any kind. Although products are discussed in this book, nothing in this book should be construed as an endorsement of any kind. The trademarks used herein belong to their respective holders. Approved for public release; distribution unlimited. Case Number 13-1028. The MITRE Corporation 202 Burlington Road • Bedford, MA 01730-1420 • (781) 271-2000 7515 Colshire Drive • McLean, VA 22102-7539 • (703) 983-6000 www.mitre.org [email protected] Send feedback or questions on this book to [email protected]. Acknowledgments There are many individuals whose hard work has contributed to the creation of this book. First of all, I would like to recognize Eric Lippart, whose many years of work in computer network defense (CND) contributed to every aspect of this book. The ten strategies outlined in the book emerged from the years we worked together to share best practices and solutions for CND across the U.S. federal government. Some sections of this book are based, in part, on material from other MITRE work. The following sections incorporate ideas and expertise from other MITRE staff members: Scott Foote, Chuck Boeckman, and Rosalie McQuaid: Cyber situ- ational awareness, Section 2.5 Julie Connolly, Mark Davidson, Matt Richard, and Clem Skorupka: Cyber attack life cycle, Section 2.6 Susan May: CSOC staffing, S e c t ion 7. 2 Mike Cojocea: Security information and event management (SIEM) and log management (LM) best practices, Section 8.3 Joe Judge and Eugene Aronne: Original work on intrusion detection systems (IDS) and SIEM, Section 8.2 and Section 8.3 Frank Posluszny: Initial concept and development of material on Cyber Threat Analysis Cells, Sections 11.1–11.6 Kathryn Knerler: CND resources and websites, Section 11.7 iii Acknowledgements Therese Metcalf: Material on various government CSOCs, which was used throughout this book Bob Martin: Technical editing and glossary Robin Cormier: Public release and project management Robert Pappalardo and John Ursino: Cover design Susan Robertson: Book layout and diagrams The following individuals are recognized as peer reviewers for this book: Chuck Boeckman, Mike Cojocea, Dale Johnson, Kathryn Knerler, Eric Lippart, Rick Murad, Todd O’Boyle, Lora Randolph, Marnie Salisbury, Ben Schmoker, Wes Shields, and Dave Wilburn. This book would not have been possible without the funding and mentorship provided by MITRE’s cybersecurity leadership: Gary Gagnon, Marnie Salisbury, Marion Michaud, Bill Neugent, Mindy Rudell, and Deb Bodeau. In addition, Lora Randolph’s and Marnie Salisbury’s advice and support were instrumental in making this book possible. This book was also inspired by the excellent work done by the Carnegie Mellon University (CMU) Software Engineering Institute (SEI) Computer Emergency Response Team (CERT®), whose materials are referenced herein. Their copyrighted material has been used with permission. The following acknowledgement is included per CMU SEI: This publication incorporates portions of the “Handbook for Computer Security Incident Response Teams, 2nd Ed.,” CMU/SEI-2003-HB-002, Copyright 2003 Carnegie Mellon University and “Organizational Models for Computer Security Incident Response Teams,” CMU/SEI-2003-HB-001, Copyright 2003 Carnegie Mellon University with special permission from its Software Engineering Institute. Any material of Carnegie Mellon University and/or its Software Engineering Institute contained herein is furnished on an “as-is” basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied, as to any matter including, but not limited to, warranty of fitness for purpose or mer- chantability, exclusivity, or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to free- dom from patent, trademark, or copyright infringement. This publication has not been reviewed nor is it endorsed by Carnegie Mellon University or its Software Engineering Institute. CERT is a registered trademark of Carnegie Mellon University. I would like to recognize the tireless efforts of the many operators, analysts, engineers, managers, and executives whose contributions to cyber defense have helped shape this book. iv Ten Strategies of a World-Class Cybersecurity Operations Center This book is dedicated to Kristin and Edward. About the Cover “Now, here, you see, it takes all the running you can do, to keep in the same place. If you want to get somewhere else, you must run at least twice as fast as that!” — The Red Queen, to Alice, in Lewis Carroll’s Through the Looking Glass The adversary is constantly advancing its capabilities. Enterprise networks are always adapting to accommodate new technologies and changing business practices. The defender must expend all the effort it can just to stay in the same relative place, relative to what it must protect and defend against. Actually advancing its capabilities—matching or getting ahead of the adversary—takes that much more effort. Stealing a concept from evolutionary biology, we draw a parallel others in cybersecu- rity have to the Red Queen Hypothesis. The Cybersecurity Operations Center must con- stantly evolve its tactics, techniques, procedures, and technologies to keep pace. This is a frequent refrain throughout the book. v vi Contents Acknowledgments iii Executive Summary 1 Introduction 3 Fundamentals 8 Strategy 1: Consolidate CND Under One Organization 44 Strategy 2: Achieve Balance Between Size and Agility 49 Strategy 3: Give the SOC the Authority to Do Its Job 71 Strategy 4: Do a Few Things Well 80 Strategy 5: Favor Staff Quality over Quantity 87 Strategy 6: Maximize the Value of Technology Purchases 108 Strategy 7: Exercise Discrimination in the Data You Gather 175 Strategy 8: Protect the SOC Mission 206 Strategy 9: Be a Sophisticated Consumer and Producer of Cyber Threat Intelligence 221 Strategy 10: Stop Think Respond Calmly 250 References 258 Appendix A: External Interfaces 278 Appendix B: Do We Need Our Own SOC? 282 Appendix C: How Do We Get Started? 286 Appendix D: Should the SOC Go 24x7? 291 Appendix E: What Documents Should the SOC Maintain? 295 Appendix F: What Should an Analyst Have Within Reach? 301 Appendix G: Characteristics of a World-Class SOC 307 Appendix H: Glossary 319 Appendix I: List of Abbreviations 326 Index 332 vii Figures Figure 1 SOC Roles and Incident Escalation 14 Figure 2 OODA Loop 26 Figure 3 Cyber Attack Life Cycle 30 Figure 4 Typical SOC Tool Architecture 33 Figure 5 Context to Tip-offs: Full-Spectrum CND Data 34 Figure 6 CND
Load more

Recommended publications
  • Final Report September 2020
    Coronavirus Commission for Safety and Quality in Nursing Homes Commission Final Report September 2020 Approved for Public Release; Distribution Unlimited 20-2378. © 2020 The MITRE Corporation. All Rights Reserved. Commission Final Report NOTICE This document was produced for the U. S. Government under Contract Number 75FCMC19F0012, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General. No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation. For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA 22102-7539, (703) 983-6000. Approved for Public Release; Distribution Unlimited 20-2378. © 2020 The MITRE Corporation. All Rights Reserved. Commission Final Report Coronavirus Commission for Safety and Quality in Nursing Homes Morgan Jane Katz, MD, MHS Assistant Professor of Medicine, Johns Hopkins Commission Members University, Maryland Roya Agahi, RN, MS HCM, WCC Beverley L. Laubert, MA Chief Nursing Officer, CareRite, New York State Long-Term Care Ombudsman, State Department of Aging, Ohio Lisa M. Brown, PhD, ABPP Professor of Psychology, Rosie D. Lyles, MD, MHA, MSc, FACA Palo Alto University, California Director of Clinical Affairs, Medline Industries, Mark Burket Illinois CEO, Platte Health Center Avera, South Dakota Jeannee Parker Martin, MPH, BSN, RN Eric M. Carlson, JD President and CEO, LeadingAge California Directing Attorney, Justice in Aging, California G. Adam Mayle, CHFM, CHC, CHE (does not endorse this report) Administrative Director of Facilities, Memorial Michelle Dionne-Vahalik, DNP, RN Healthcare System, Florida Associate Commissioner, State Health and Human David A.
    [Show full text]
  • The Data Deluge Top of Mind Resonance
    GROWING NEURONS ECE BUILDINGS VIRTUAL REALITY BECOMES REAL REMEMBERING A MENTOR AND TEACHER RAPID DNA SEQUENCING 10 ANSWERS RESONANCETHE MAGAZINE OF ECE ILLINOIS SPRING 2014 THE DATA DELUGE TOP OF MIND RESONANCE Spring 2014 EDITORIAL BOARD Jeanette Beck Assistant to the Department Head Jennifer Carlson Academic Programs Coordinator Meg Dickinson At ECE ILLINOIS, when we think of Big Data, we think about how to acquire it, Communications Specialist store it, understand the forms it takes, use the right tools to analyze it and make decisions based on the knowledge that’s revealed. For us, Big Data is a Breanne Ertmer fundamental approach to solving problems, rather than a single technology or Corporate Relations Coordinator tool. It’s a new way of doing things, in which our search for solutions is heavily Steve Franke driven by data. Associate Head for Graduate Affairs We are uniquely qualified as a department to be a leader in the Big Data revolu- Steve George tion. It’s an effort already underway, and one that will continue to guide us as Senior Director of Advancement we collaborate within our department, across campus, and with other institu- Sarah Heier tions to use Big Data to improve the quality of life for others. Alumni and Student Relations Coordinator Every area of study in ECE is contributing to this process. Remote sensing is Jamie Hutchinson all about gathering data to better understand our atmosphere. Micro- and Publications Office Editor nano-electronics provide special-purpose hardware to acquire it. In particular, bio-applications of microelectronics can do so by sensing functions related to Erhan Kudeki health.
    [Show full text]
  • 07 Requirements What About RFP/RFB/Rfis?
    CMPSCI520/620 07 Requirements & UML Intro 07 Requirements SW Requirements Specification • Readings • How do we communicate the Requirements to others? • [cK99] Cris Kobryn, Co-Chair, “Introduction to UML: Structural and Use Case Modeling,” UML Revision Task Force Object Modeling with OMG UML Tutorial • It is common practice to capture them in an SRS Series © 1999-2001 OMG and Contributors: Crossmeta, EDS, IBM, Enea Data, • But an SRS doesn’t need to be a single paper document Hewlett-Packard, IntelliCorp, Kabira Technologies, Klasse Objecten, Rational Software, Telelogic, Unisys http://www.omg.org/technology/uml/uml_tutorial.htm • Purpose • [OSBB99] Gunnar Övergaard, Bran Selic, Conrad Bock and Morgan Björkande, “Behavioral Modeling,” UML Revision Task Force, Object Modeling with OMG UML • Contractual requirements Tutorial Series © 1999-2001 OMG and Contributors: Crossmeta, EDS, IBM, Enea elicitation Data, Hewlett-Packard, IntelliCorp, Kabira Technologies, Klasse Objecten, Rational • Baseline Software, Telelogic, Unisys http://www.omg.org/technology/uml/uml_tutorial.htm • for evaluating subsequent products • [laM01] Maciaszek, L.A. (2001): Requirements Analysis and System Design. • for change control requirements Developing Information Systems with UML, Addison Wesley Copyright © 2000 by analysis Addison Wesley • Audience • [cB04] Bock, Conrad, Advanced Analysis and Design with UML • Users, Purchasers requirements http://www.kabira.com/bock/ specification • [rM02] Miller, Randy, “Practical UML: A hands-on introduction for developers,”
    [Show full text]
  • Word Definitions
    PAGE 1 OF 12 WORD DEFINITIONS The Catholic Words Memory Match Card Game, a fun way for the entire family—or classroom— to learn new Catholic vocabulary words! Instilling a love and reverence for the faith should begin at an early age. This game was borne out of my own desire to do just that for my own children. The Catholic Words Memory Match Card Game will provide parents, grandparents, teachers, homeschoolers, Dan Gonzalez, his wife Elisa and their catechists and youth ministers a fun way to help teach Catholic vocabulary words. two children Matthew and Zoe. A FUN WAY TO LEARN Watch your little one’s excitement at Mass when they recognize the vessels, objects and vestments With these free printable definitions, the game used in the liturgy. Introducing these words will cards become flash cards. help prepare them to receive the Sacraments and Show a card and read its definition. Let the inaugurate a lifelong journey of learning about the child see the picture of the real-world object. wonders of their Catholic faith. Discuss where the object is seen at your local May God bless you and those entrusted to your care. parish or in the home. Take the cards with you to church and point out the items before or after Mass. Then, let the games begin! Catholic Words Memory Match is an addictive way to learn new Catholic vocabulary words! Dan Gonzalez Advent Wreath: A wreath usually made Alb: A white robe with long sleeves worn by the Altar Bells: A bell or set of bells rung of holly or evergreen branches that hold three priest under his chasuble and the deacon under immediately after the consecration of each purple candles and a rose one.
    [Show full text]
  • A Discussion of Ecommerce: Innovation, Strategy & the Future of Digital Transactions
    A Discussion of eCommerce: Innovation, Strategy & the Future of Digital Transactions 8 – 8:45 am: Registration, Coffee & Breakfast 8:45 – 9 am: D+P introduction to eCommerce M&A landscape Presented by: Reed Phillips, CEO & Managing Partner, DeSilva+Phillips 9 – 9:45 am: “Executing eCommerce” Panel and Q&A Andy Dunn, CEO, Bonobos Chris Fralic, Partner, First Round Capital Scott Kurnit, CEO, Keep Holdings, Founder, About, Inc. Shirley Romig, Head of Corporate Strategy, Hudson's Bay Co. Moderated by: Sheila Dharmarajan, Head of Business Development at Zelnick Media, Former on-air reporter at CNBC and Bloomberg TV 9:45 – 10:30 am: “Driving eCommerce” Panel and Q&A Russ D’Souza – Co-Founder, SeatGeek Daniel de Grandpre, CEO, DealNews Katy McCarthy, CEO, Geeknet & ThinkGeek Gautam Thakar, CEO, LivingSocial Moderated by: Jessica Naeve, Partner, DeSilva+Phillips Networking to Follow Andy Dunn Founder & CEO, Bonobos Andy Dunn is the founder and CEO of Bonobos Inc., the parent company of e- commerce-driven apparel brands Bonobos, AYR and Maide golf. Founded in 2007 with namesake menswear brand, Bonobos, Dunn has worked to define a new model for vertically integrated fashion retail in the e- commerce era, providing a bundle of high quality, great-fitting clothes and a hassle-free shopping experience across brands. He was named to Crain’s “40 under 40” list in 2013 and was listed as one of Fortune magazine’s “Rising Retail Stars” in 2012. Additionally, he founded Red Swan Ventures, an angel investment firm focused on building great consumer Internet companies, is on the board of personal dating website, Hinge, and is founding board chair emeritus of education social enterprise Blue Engine.
    [Show full text]
  • Blurred Lines Between Role and Reality: a Phenomenological Study of Acting
    Antioch University AURA - Antioch University Repository and Archive Student & Alumni Scholarship, including Dissertations & Theses Dissertations & Theses 2019 Blurred Lines Between Role and Reality: A Phenomenological Study of Acting Gregory Hyppolyte Brown Follow this and additional works at: https://aura.antioch.edu/etds Part of the Psychology Commons BLURRED LINES BETWEEN ROLE AND REALITY: A PHENOMENOLOGICAL STUDY OF ACTING A Dissertation Presented to the Faculty of Antioch University Santa Barbara In partial fulfillment of the requirements for the the degree of DOCTOR OF PSYCHOLOGY In CLINICAL PSYCHOLOGY by GREGORY HIPPOLYTE BROWN August 2019 This dissertation, by Gregory Hippolyte Brown, has been approved by the committee members signed below who recommend that it be accepted by the faculty of Antioch University Santa Barbara in partial fulfillment of requirements for the degree of DOCTOR OF PSYCHOLOGY Dissertation Committee: _________________________ Brett Kia-Keating, Ed.D. Chairperson __________________________ Sharleen O‘ Brien, Ph.D. Second Faculty __________________________ Thalia R. Goldstein, Ph.D. External Expert ii Copyright © 2019 Gregory Hippolyte Brown iii Abstract When an actor plays a character in a film, they try to connect with the emotions and behavioral patterns of the scripted character. There is an absence of literature regarding how a role influences an actor’s life before, during, and after film production. This study examined how acting roles might influence an actor during times on set shooting a movie or television series as well as their personal life after the filming is finished. Additionally the study considered the psychological impact of embodying a role, and whether or not an actor ever has the feeling that the performed character has independent agency over the actor.
    [Show full text]
  • Zero Correlation Linear Cryptanalysis on LEA Family Ciphers
    Journal of Communications Vol. 11, No. 7, July 2016 Zero Correlation Linear Cryptanalysis on LEA Family Ciphers Kai Zhang, Jie Guan, and Bin Hu Information Science and Technology Institute, Zhengzhou 450000, China Email: [email protected]; [email protected]; [email protected] Abstract—In recent two years, zero correlation linear Zero correlation linear cryptanalysis was firstly cryptanalysis has shown its great potential in cryptanalysis and proposed by Andrey Bogdanov and Vicent Rijmen in it has proven to be effective against massive ciphers. LEA is a 2011 [2], [3]. Generally speaking, this cryptanalytic block cipher proposed by Deukjo Hong, who is the designer of method can be concluded as “use linear approximation of an ISO standard block cipher - HIGHT. This paper evaluates the probability 1/2 to eliminate the wrong key candidates”. security level on LEA family ciphers against zero correlation linear cryptanalysis. Firstly, we identify some 9-round zero However, in this basic model of zero correlation linear correlation linear hulls for LEA. Accordingly, we propose a cryptanalysis, the data complexity is about half of the full distinguishing attack on all variants of 9-round LEA family code book. The high data complexity greatly limits the ciphers. Then we propose the first zero correlation linear application of this new method. In FSE 2012, multiple cryptanalysis on 13-round LEA-192 and 14-round LEA-256. zero correlation linear cryptanalysis [4] was proposed For 13-round LEA-192, we propose a key recovery attack with which use multiple zero correlation linear approximations time complexity of 2131.30 13-round LEA encryptions, data to reduce the data complexity.
    [Show full text]
  • The Pragmatics of Powerlessness in Police Interrogation
    Seattle University School of Law Digital Commons Faculty Scholarship 1-1-1993 In a Different Register: The Pragmatics of Powerlessness in Police Interrogation Janet Ainsworth Follow this and additional works at: https://digitalcommons.law.seattleu.edu/faculty Part of the Constitutional Law Commons Recommended Citation Janet Ainsworth, In a Different Register: The Pragmatics of Powerlessness in Police Interrogation, 103 YALE L.J. 259 (1993). https://digitalcommons.law.seattleu.edu/faculty/287 This Article is brought to you for free and open access by Seattle University School of Law Digital Commons. It has been accepted for inclusion in Faculty Scholarship by an authorized administrator of Seattle University School of Law Digital Commons. For more information, please contact [email protected]. Articles In a Different Register: The Pragmatics of Powerlessness in Police Interrogation Janet E. Ainswortht CONTENTS I. INTRODUCTION ............................................ 260 II. How WE Do THINGS WITH WORDS .............................. 264 A. Performative Speech Acts ................................. 264 B. Indirect Speech Acts as Performatives ......................... 267 C. ConversationalImplicature Modifying Literal Meaning ............. 268 H. GENDER AND LANGUAGE USAGE: A DIFFERENT REGISTER .............. 271 A. Characteristicsof the Female Register ........................ 275 1. Hedges ........................................... 276 2. Tag Questions ...................................... 277 t Associate Professor of Law, University of Puget Sound School of Law. B.A. Brandeis University, M.A. Yale University, J.D. Harvard Law School. My appreciative thanks go to Harriet Capron and Blain Johnson for their able research assistance. I am also indebted to Melinda Branscomb, Jacqueline Charlesworth, Annette Clark, Sid DeLong, Carol Eastman, Joel Handler, Robin Lakoff, Debbie Maranville, Chris Rideout, Kellye Testy, Austin Sarat, and David Skover for their helpful comments and suggestions.
    [Show full text]
  • Interrogation Nation: Refugees and Spies in Cold War Germany Douglas Selvage / Office of the Federal Commissioner for the Stasi Records
    Interrogation Nation: Refugees and Spies in Cold War Germany Douglas Selvage / Office of the Federal Commissioner for the Stasi Records In Interrogation Nation: Refugees and Spies in Cold War Germany, historian Keith R. Allen analyzes the “overlooked story of refugee screening in West Germany” (p. xv). Building upon his previous German-language study focused on such screening at the Marienfelde Refugee Center in West Berlin (Befragung - Überprüfung - Kontrolle: die Aufnahme von DDR- Flüchtlingen in West-Berlin bis 1961, Berlin: Ch. Links, 2013), Allen examines the places, personalities, and practices of refugee screening by the three Western Powers, as well as the German federal government, in West Berlin and throughout West Germany. The topic is particularly timely since, as Allen notes, many of “the screening programs established during the darkest days of the Cold War” (p. xv) continue today, although their targets have shifted. The current political debates about foreign and domestic intelligence activities in Germany, including the issue of refugee screening, echo earlier disputes from the years of the Bonn Republic. The central questions remain: To what extent have citizenship rights and the Federal Republic’s sovereignty been compromised by foreign and domestic intelligence agencies – largely with the consent of the German government – in the name of security? BERLINER KOLLEG KALTER KRIEG | BERLIN CENTER FOR COLD WAR STUDIES 2017 Douglas Selvage Interrogation Nation Allen divides his study into three parts. In Part I, he focuses on “places” – the various sites in occupied West Berlin and western Germany where refugees were interrogated. He sifts through the alphabet soup of acronyms of US, British, French, and eventually West German civilian and military intelligence services and deciphers the cover names of the institutions and locations at which they engaged in screening activities during the Cold War and beyond.
    [Show full text]
  • On the NIST Lightweight Cryptography Standardization
    On the NIST Lightweight Cryptography Standardization Meltem S¨onmez Turan NIST Lightweight Cryptography Team ECC 2019: 23rd Workshop on Elliptic Curve Cryptography December 2, 2019 Outline • NIST's Cryptography Standards • Overview - Lightweight Cryptography • NIST Lightweight Cryptography Standardization Process • Announcements 1 NIST's Cryptography Standards National Institute of Standards and Technology • Non-regulatory federal agency within U.S. Department of Commerce. • Founded in 1901, known as the National Bureau of Standards (NBS) prior to 1988. • Headquarters in Gaithersburg, Maryland, and laboratories in Boulder, Colorado. • Employs around 6,000 employees and associates. NIST's Mission to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. 2 NIST Organization Chart Laboratory Programs Computer Security Division • Center for Nanoscale Science and • Cryptographic Technology Technology • Secure Systems and Applications • Communications Technology Lab. • Security Outreach and Integration • Engineering Lab. • Security Components and Mechanisms • Information Technology Lab. • Security Test, Validation and • Material Measurement Lab. Measurements • NIST Center for Neutron Research • Physical Measurement Lab. Information Technology Lab. • Advanced Network Technologies • Applied and Computational Mathematics • Applied Cybersecurity • Computer Security • Information Access • Software and Systems • Statistical
    [Show full text]
  • Sysml, the Language of MBSE Paul White
    Welcome to SysML, the Language of MBSE Paul White October 8, 2019 Brief Introduction About Myself • Work Experience • 2015 – Present: KIHOMAC / BAE – Layton, Utah • 2011 – 2015: Astronautics Corporation of America – Milwaukee, Wisconsin • 2001 – 2011: L-3 Communications – Greenville, Texas • 2000 – 2001: Hynix – Eugene, Oregon • 1999 – 2000: Raytheon – Greenville, Texas • Education • 2019: OMG OCSMP Model Builder—Fundamental Certification • 2011: Graduate Certification in Systems Engineering and Architecting – Stevens Institute of Technology • 1999 – 2004: M.S. Computer Science – Texas A&M University at Commerce • 1993 – 1998: B.S. Computer Science – Texas A&M University • INCOSE • Chapters: Wasatch (2015 – Present), Chicagoland (2011 – 2015), North Texas (2007 – 2011) • Conferences: WSRC (2018), GLRCs (2012-2017) • CSEP: (2017 – Present) • 2019 INCOSE Outstanding Service Award • 2019 INCOSE Wasatch -- Most Improved Chapter Award & Gold Circle Award • Utah Engineers Council (UEC) • 2019 & 2018 Engineer of the Year (INCOSE) for Utah Engineers Council (UEC) • Vice Chair • Family • Married 14 years • Three daughters (1, 12, & 10) 2 Introduction 3 Our Topics • Definitions and Expectations • SysML Overview • Basic Features of SysML • Modeling Tools and Techniques • Next Steps 4 What is Model-based Systems Engineering (MBSE)? Model-based systems engineering (MBSE) is “the formalized application of modeling to support system requirements, design, analysis, verification and validation activities beginning in the conceptual design phase and continuing throughout development and later life cycle phases.” -- INCOSE SE Vision 2020 5 What is Model-based Systems Engineering (MBSE)? “Formal systems modeling is standard practice for specifying, analyzing, designing, and verifying systems, and is fully integrated with other engineering models. System models are adapted to the application domain, and include a broad spectrum of models for representing all aspects of systems.
    [Show full text]
  • Mcafee Epolicy Orchestrator DATA SHEET
    DATA SHEET McAfee ePolicy Orchestrator Centrally get, visualize, share, and act on security insights Security management requires cumbersome juggling between tools and data. This puts the adversary at an advantage by offering more time to exploit the gap not seen between the tools and do damage. In addition, the cybersecurity workforce is limited and needs to be empowered to manage cybersecurity complexity. The McAfee® ePolicy Orchestrator® (McAfee ePO™) management platform removes the time-consuming and potential human error effort and inspires those responsible to manage security quicker and with higher efficacy. Fundamental Security Proven Advanced Security Management Start with the fundamentals. Core to any security More than 30,000 businesses and organizations trust architecture is the ability to monitor and control the the McAfee ePO console to manage security, streamline health of endpoints and systems. Industry standards and automate compliance processes, and increase such as Center for Internet Security (CIS) Controls and overall visibility across endpoint, network, and security National Institute of Standards Technology (NIST) SP operations. Big companies rely on the McAfee ePO 800 153 security and privacy controls call this out as console’s highly scalable architecture, allowing large a must. The McAfee ePO console allows you to gain enterprises to manage hundreds and thousands of critical visibility and set and automatically enforce nodes from a single console. The McAfee ePO console policies to ensure a healthy security posture across provides an enterprise security administrator with the your enterprise. Policy management and enforcement opportunity to simplify policy maintenance, pull in third- across security products for your entire enterprise party threat intelligence leveraging Data Exchange Layer is accomplished from a single console, removing the (DXL), and integrate policies bi-directionally with an array complexity of managing multiple products.
    [Show full text]