论文信息 - Defence in Depth Strategy: A Use Case Scenario of Securing a Virtual Laboratory

Defence in Depth Strategy: A Use Case Scenario of Securing a Virtual Laboratory

The role of IT security is continuously growing. Complicated systems have to be protected against sophisticated attacks on different technical and logical levels. Achieving the sufficient security level becomes even more difficult for distributed heterogeneous environments, involving valuable assets and data. A virtual laboratory, which enables remote access to unique scientific instruments, is a proper example of a multi-layered environment, where security is to be introduced from the project stage, based on a number of solutions. We explain the significance of security issues in the environment, describe possible threats and suggest an approach to address the necessary issues, based on one of the threats classifying models and applied in Poznan Supercomputing and Networking Center for building a new Kiwi Remote Instrumentation Platform.

[1] 송왕철,et al. IDS(Intrusion Detection System) , 2000 .

[2] Andrew M. Odlyzko. Economics, Psychology, and Sociology of Security , 2003, Financial Cryptography.

[3] D. Richard Kuhn,et al. Role-Based Access Controls , 2009, ArXiv.

[4] Maciej Stroinski,et al. General Conception of the Virtual Laboratory , 2004, International Conference on Computational Science.

[5] P. Napier. National Radio Astronomy Observatory , 1992 .

[6] John Viega,et al. Network Security with OpenSSL , 2002 .

[7] Gerard Frankowski,et al. Dynamic Clusters Available Under Clusterix Grid , 2006, PARA.

[8] Steve McConnell,et al. Code complete - a practical handbook of software construction, 2nd Edition , 1993 .

[9] Hervé Debar,et al. The Intrusion Detection Message Exchange Format (IDMEF) , 2007, RFC.

[10] Marianne M. Swanson,et al. Standards for Security Categorization of Federal Information and Information Systems , 2004 .

[11] Marcin Jerzak,et al. Distributed Intrusion Detection Systems – MetalDS case study , 2010 .

[12] David LeBlanc,et al. Writing Secure Code , 2001 .

[13] Nancy G. Leveson,et al. An investigation of the Therac-25 accidents , 1993, Computer.