Use this forum to discuss Thursday's events!
Welcome to the Cyber Science 2021 forum
Here you can discuss the day’s events and topics.
Here are my follow-up questions related to the presentation "An Anomaly Free Distributed Firewall System for SDN" by Mitali Sinha, Dr. Padmalochan Bera and Dr. Manoranjan Satpath.
Q1. Does your research address questions of situational awareness in complex networks i.e. how to facilitate human observations about security events in complex networks, make decisions about what rules need to be implemented and use such insights to feed-forward into definition of firewall rules or is your research only focused on working out how to generate rules on the basis that the security protection requirements are already known?
[I have in mind questions about whether your approach would be capable of being integrated with the outputs from Open Source anomaly detection software such as Suricata https://suricata.io and MISP https://www.first.org/resources/papers/conf2015/first_2015_iklody-andras-building-instantly-exploitable-protection_20150630.pdf to create an end-to-end "closed-loop" system in which SDN firewall rules responded dynamically to emerging conditions in complex networks]
Q2. To what extent does your research address integrity protection of firewall configuration data to mitigate against the risks of moving from security assured physical hardware to an all-software implementation?
[e.g. using code-signing or multi-party computation methods to protect the firewall configuration data.]
Q3. To what extent does your research address security assurance/lifecycle aspects of firewall design and implementation for Software Defined Networks? [Customers for firewalls often require the products to be formally evaluated (e.g. by laboratories operating under the Common Criteria scheme https://www.commoncriteriaportal.org/products/#BP) based on ISO 15408 ( https://www.commoncriteriaportal.org/cc/) which includes both security functional requirements and security assurance (secure development and support lifecycle) requirements.]
Q4. How does your background literature review position your research in relation to the questions raised in Q1, Q2 and Q3?
[Not addressing the questions raised in Q1, Q2 and Q3 can of course be justified, but it would be good to demonstrate wider awareness of the context surrounding your research and to make explicit any decisions to de-scope consideration of wider topics such as these]
Although SDN firewalls are not my own speciality (my research in construction sector cybersecurity touches on network infrastructure, but is not entirely focused on this), please feel free to follow up with me as you wish.
Here are my follow-up questions related to the presentation "Towards a Healthcare Cybersecurity Certification Scheme" by Kristine Hovhannisyan, Piotr Bogacki, Consuelo Assunta Colabuono, Domenico Lofù, Maria Vittoria Marabello and Brady Eugene Maxwell
Q1. How do the aims and objectives of your research differ from those of (ISC)2's certification scheme for people working in Healthcare security and privacy, the Healthcare Certified Information Security and Privacy Practitioner (HCISPP) certification ( https://www.isc2.org/-/media/ISC2/Certifications/Exam-Outlines/HCISPP-Exam-Outline.ashx)?
[At the time of asking this question it was not completely clear to me that the scope was limited to Europe and oriented towards technology and processes whereas (ISC)2's certification is more focused on people and intended to deliver a global perspective, spanning both insurance-based healthcare systems such as those that predominate in the USA which include claims administration, consumer payment handling and associated financial fraud risks and national healthcare systems which are free at the point of use and which do not include consumer payment handling]
Q2. (new question, not asked during the presentation) To what extent does your research consider organisational and structural differences between the healthcare systems of different EU countries?
[Is it realistic to consider that a single set of MoSCoW requirements could be applicable to different enterprise architectures and operating models? Do healthcare security requirements need to be defined at national, regional and local levels rather than at a transnational level?]
Note that although I'm not currently active in healthcare security and privacy research, this has been an interest of mine and I would be happy to collaborate and put you in touch with people still working in this field, in the UK NHS, the USA (HiTrust etc) and in certain countries in the Middle East where I have previously worked on healthcare security and privacy.
P.S. Some of my old (2014 to 2016 vintage) informal communications in this area are at:
https://web.archive.org/web/20160407111143/http://www.computerworlduk.com/blogs/infosecurity-voice/consumer-technologies-in-healthcare--what-are-the-security-challenges-3571373/
https://web.archive.org/web/20140810024902/http://www.all-about-security.de/security-artikel/organisation/security-management/artikel/16273-consumer-technologien-im-gesundheitssektor-wo-liegen-die-he/
https://web.archive.org/web/20140315122530/http://blogs.computerworlduk.com/infosecurity-voice/2014/03/-the-business-case-for-certified-security-professionals-in-healthcare/index.htm
Great questions being posted so far! I really enjoyed Dr. Phil Legg's keynote presentation, extremely engaging!
Some previews of each talk that has happened so far are available on C-MRiC's Twitter account for anyone interested.