1 / 36

Public Safety and Security

Public Safety and Security. CS 401/601 Computer Network Systems Mehmet Gunes. Public Safety. Public safety refers to the welfare and protection of the general public Public safety organizations include law enforcement, public health, and emergency management services

ethel
Télécharger la présentation

Public Safety and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Public Safety and Security CS 401/601 Computer Network Systems Mehmet Gunes

  2. Public Safety • Public safety refers to the welfare and protection of the general public • Public safety organizations • include law enforcement, public health, and emergency management services • at national, regional, or local levels

  3. Public Safety • Public safety and security can be improved by • traffic and surveillance cameras, gunshot detection sensors, and • other real time security sensors that provide information on what is happening and where • Public health can be assured with sensors that continuously feed smart city systems • monitor weather, pollution, seismic activities, water levels, etc.

  4. Critical Infrastructure Sectors Commercial Facilities Chemical Communications Critical Manufacturing Information Technology Emergency Services Dams Defense Industrial Base Energy Water and Wastewater Financial Services Food and Agriculture Government Facilities Healthcare and Public Health Transportation Systems

  5. Smart City • Smart city solutions integrate • ubiquitous sensing components • heterogeneous network infrastructure • powerful computing systems • Smart city applications include • intelligent transportation • smart utilities • intelligent healthcare • smart facilities

  6. Cybersecurity Issues • Digital transformation of smart city introduces new challenges for public safety and security • While public safety and security has focused on local adversaries, smart systems introduce remote adversaries • Larger attack surface with unknown adversaries • Connected systems amplify attacker capabilities • Interdependent systems could trigger chain reactions • Centralized data repositories introduce privacy challenges

  7. Cybersecurity Effects • Deceive: Cause a person to believe what is not true • Degrade: Temporary reduction in effectiveness • Delay: Slow the time of arrival of forces or capabilities • Deny: Withhold information about capabilities • Destroy: Capability cannot be restored • Disrupt: Interrupt or impede capabilities or systems • Divert: Change course or direction • Exploit: Gain access to systems to collect or plant info • Suppress: Temporarily degrade services

  8. Digital Integration • Smart cities have pervasive applications and sensors that encompass individuals • individuals are not aware of the data collected about them • opting out of the smart city is infeasible

  9. Sensor Data • Attackers may generate false data to manipulate sensing results such that services, decisions, and control in a smart city are impaired or even catastrophic • could compromise sensors and send fake data to affect city operations, raising alarms, and causing public panic • fake an earthquake, flood, and tunnel or bridge collapse • tamper with elevators, railway or traffic signals

  10. Infrastructure • Critical infrastructures such as power plants have become a major target • remote adversaries have been looking for vulnerabilities to exploit • infrastructures are interdependent

  11. Cascading Failures • Cascading failures caused by system malfunctions, natural disasters, or industrial accidents could result in large disruptions • infiltrate city operations to crumble the infrastructure • derailment of a commuter train led to water main break, a localized flooding, power failure, and eventually fiber optic damage affecting considerable area

  12. Public System • Attackers can disable public systems to disrupt operations • hackers encrypted rail system computer systems, preventing rail operations • Denial-of-service attacks could disrupt the sensing, communication, and control of public systems

  13. Medical Data • Medical data of individuals could be misused • tempered to affect integrity and reliability of the data • sensitive user information can be leaked to third parties

  14. Information flow • Communication of operation centers could be disrupted to prevent information flow • first responders -> emergency services • law enforcement -> public safety

  15. Public Communication • Inaccurate announcements could disrupt public • an email summoning 1200 people for jury duty caused traffic stall as would be jurors caused a traffic jam

  16. Work orders • Manipulate work orders to send workers to dig a hole over gas or water pipes to cause havoc • An error has led to natural gas pipeline explosion that killed a worker

  17. based on DHS Cybersecurity Strategy Cybersecurity Strategies

  18. Cybersecurity Strategies • Strive to better understand cybersecurity risk posture, and engage with key partners to collectively address cyber vulnerabilities, threats, and consequences • Manage vulnerabilities of networks and critical infrastructure to harden them against attackers • prioritize law enforcement intervention • mitigate the consequences from cybersecurity incidents that do occur • engage with the cybersecurity community to strengthen the security and resiliency of the systems

  19. Cybersecurity Strategies • Risk Identification • Vulnerability Reduction • Threat Reduction • Consequence Mitigation • Enable Cybersecurity Outcomes

  20. Risk Identification • Assess Evolving Cybersecurity Risks • Understand trends in threats, vulnerabilities, interdependencies, and potential consequences • to prioritize protective, investigative, and response activities, and • to plan and budget appropriately • Identify evolving cybersecurity risks that affect public safety security • Develop plans to address gaps in analytic capabilities and risk management efforts

  21. Vulnerability Reduction • Protect Information Systems • Ensure that every agency maintains an adequate level of cybersecurity • Support agency efforts to reduce their vulnerabilities by providing tailored capabilities, tools, and services • Address the greatest risks first and focus on the highest impact systems, assets, and capabilities • Ensure maximum return for investment

  22. Vulnerability Reduction • Increase cybersecurity through improved governance, information security policies, and oversight • Implement a governance model for cybersecurity • including defining roles and responsibilities for legacy and cloud or shared services • Issue new or revised policies and recommendations as required • Measure and track agency adoption of information security policies, practices, and required controls • Increase agency accountability and compliance with information security policies, practices, and required controls • Assess enterprise and individual agency risk posture • through strategic analyses, available threat reporting, and other means • to inform cybersecurity and investment priorities • Provide agencies with integrated and operationally relevant information to understand and manage their cyber risk

  23. Vulnerability Reduction • Provide protective capabilities, tools, and services • Identify elements of the public enterprises that should be centralized to cost-effectively address key cybersecurity risks • Deploy centralized protective capabilities to address enterprise-wide cybersecurity risk • Provide cybersecurity tools and services in response to emerging or identified threats • Measure the effectiveness of new and existing cybersecurity capabilities, tools, and services

  24. Vulnerability Reduction • Deploy innovative cybersecurity capabilities and practices • Conduct comprehensive risk and gap assessments across information systems • Deploy appropriate best-in-class technologies and practices to secure legacy systems and cloud or shared services • Pursue innovative and agile approaches to acquisition and technology procurement • Pilot innovative capabilities, tools, and other new technologies or practices

  25. Vulnerability Reduction • Mature cybersecurity offerings and engagements to address significant risks to critical infrastructure • Understand the interdependencies across critical infrastructure and systemic risks that affect public safety and security • Evaluate the efficacy, quality, and usage of cybersecurity risk management offerings provided to various critical infrastructure and other key stakeholders • Assess impact of engagement by personnel on progress toward adoption of best practices • Prioritize gaps in current cybersecurity risk management efforts • Address identified gaps through tools, services, and other offerings • provided to critical infrastructures and other key entities • Establish mechanisms to mitigate persistent cybersecurity risks with a potential significant impact on public safety and security

  26. Vulnerability Reduction • Expand and improve sharing of cyber threat indicators, defensive measures, and other cybersecurity information • Increase the cybersecurity information sharing • Support engagement with information sharing and analysis centers/organizations • Increase the ability to analyze, correlate, and enrich data received and shared with all partners • Improve technical platforms and mechanisms to share cybersecurity information and collaborate with stakeholders, including in highly automated ways

  27. Vulnerability Reduction • Improve cybersecurity capabilities and resources available to sector-specific agencies, regulators, and policymakers • Enhance sector-specific cyber expertise to understand the potential impact of cyber incidents and facilitate risk management efforts • Assess and update policies and regulations to address cybersecurity risk to covered entities • Support critical infrastructures by developing and employing appropriate cybersecurity approaches and technical support mechanisms • Provide technical and other support to regulatory and policy efforts that affect management of cybersecurity risk

  28. Threat Reduction • Prevent and Disrupt Criminal Use of Cyberspace • Law enforcement performs a critical role in cybersecurity risk management by • focusing on the threat, and • preventing the use of cyberspace for illicit purposes • Improved criminal intelligence is a key component of cyber investigations and combatting criminal organizations • Prevent, disrupt, and counter cybersecurity threats to protected persons, special security events, and critical infrastructure • Develop relationships and build law enforcement capacity to counter illicit uses of cyberspace • Develop capabilities and resources to enhance investigative efforts and address evolving law enforcement challenges

  29. Consequence Mitigation • Respond Effectively to Cyber Incidents • Minimize consequences from potentially significant cyber incidents through coordinated community-wide response efforts • Increase voluntary incident reporting and victim notification to facilitate the provision of response assistance • Expand asset response capabilities to mitigate and manage cyber incidents • Increase cooperation between incident responders to ensure complementary threat response and asset response efforts

  30. Enable Cybersecurity Outcomes • Strengthen the Security and Reliability of the Cyber Ecosystem • Foster improved cybersecurity in software, hardware, services, and technologies, and the building of more resilient networks • Prioritize cybersecurity development and implementation activities to support public safety and security • Expand collaboration to advance public safety and security • Improve recruitment, education, training, and retention to develop a world-class cyber workforce • Integrate agency-wide cybersecurity policy development, strategy, and planning activities

  31. Privacy

  32. Privacy Framework • Privacy concerns can be classified regarding the kind of data and the purpose of data • Personal data used for service purposes • data to strengthen management and planning, enhance services and support citizens • Personal data used for surveillance purposes • data collected for law enforcement • Impersonal data used for surveillance purposes • while the data collection is not linked to an individual, it could be analyzed and enhanced to identify individuals • Impersonal data collected for service purposes • increasingly detailed profiling methods may enable the re-identification of individuals from aggregate and anonymized data

  33. Addressing Privacy • Identify which privacy concerns may be at stake with specific technologies and data practices • Identify if and how these are subject to the data protection regulations • Develop a specific policy that accommodate the concerns of citizens

  34. Privacy Enhancing Technologies • Data Minimization • Data Anonymization • Differential Privacy • Encryption • Homomorphic Encryption • Zero-Knowledge Proofs • Secret Sharing • Anonymous/Pseudonymous Credentials • Secure Multi-Party Computation • Private Information Retrieval

  35. Building Cybersecurity Awareness • Cybersecurity policymaking is challenging • Intangible nature • Socio-technical dependence • Ambiguous impact • Contested nature of cybersecurity • Framing strategies • Do not exacerbate cybersecurity • Clarify the villains • Spotlight the heroes • Connect cybersecurity to values • Personalize for recognition

  36. Acknowledgement This material is based upon work supported by the National Science Foundation under Grant No. 1723814

More Related