Question
1. What is Lucent's Security Framework (X.805)?
2. What is the purpose of threat categories? How can it future-proof against attacks?
3. Example activity at user data plane, control data plane and management data plane?
4. Examples of components at infrastructure layer, service layer, application layer?
5. What is meant by security dimensions in X.805? Do they map to threats one-to-one?
6. What is relation between access control and authentication?
7. What are examples of various access control mechanisms, DAC, MAC, RBAC?
8. What are the security architectures Bell-LaPadula and Biba related to in the C.I.A. triad?
Explanation / Answer
1.
Given the threats of today's world, how do different utilities determine the best option of security tools and controls required for protection, detection and correction?
Alcatel-Lucent recommends applying a security framework within an organization to align different working groups and promote common best practices.
The ITU-T X.805 security framework presents a streamlined, simplified high-level threat model. It also enables utilities, different government agencies and service providers to improve network security and eliminate potential threats in their complex environments, and it can be applied across network operations and management.
2.
Threats identified in X.805 can be categorized as follows:
i. Destruction: Destruction of information or network resources.
ii. Corruption: Unauthorized tampering with an asset could result in corruption.
iii. Removal: Theft, removal, or loss of information or other resources comes under the removal category.
iv. Disclosure: Unauthorized access to an asset or resource.
v. Interruption: Interruption of services; the network becomes unavailable or unusable due to any unforeseen issue.
3.
Example:
i. The protocol or the application itself doesn't really determine whether the traffic is control plane, management plane, or data plane; what matters more is how the router processes it. Consider a 3-router topology with routers X1, X2 and X3.
Now let's assume a Telnet session is established from X1 to X3. On both of these routers the packets need to be handled by the control/management plane. However, from X2's perspective this is just data plane traffic that is transiting between its links.
4.
Users can log into a system, and in this application action (login), the application layer code is the client code for the Domain Layer (Infrastructure Layer), which will retrieve the User domain object and apply this object's methods to implement the 'login' function effectively.
The application layer is "worried about" defining the jobs that need to be done to accomplish a certain application task. Mainly, it is responsible for mandating the necessary domain work and for interacting with other external services.
5.
A Security Dimension is basically a set of security measures designed to deal with a particular aspect of network security. This identifies eight such sets that protect against all the major security threats. These dimensions are not limited to the network; they also extend to applications and end-user information.
6.
Access Control is basically a process of enforcing the required security for a particular resource, whereas Authentication is a process by which we verify that someone is who they claim they are. Only when a user gets authenticated does access control come into the picture.
7.
DAC is the way to let people manage the content they own. For instance, DAC is very good to let the users of an online social network site choose who accesses their data.
RBAC is a form of access control which is suitable to separate responsibilities in a system where multiple roles are fulfilled at a time. This is true in organizations (often along with compartmentalization, e.g. Brewer and Nash or MCS).
A UNIX system mostly uses DAC, but the root account bypasses DAC privileges. In an organization, beyond separating the different departments and teams with MAC/RBAC, we may allow some DAC for coworkers to share information on the corporate file system.
8.
The CIA triad is sometimes also referred to as the AIC triad.
In a 1987 survey document comparing commercial and U.S. Department of Defense (DoD) computer security, Clark and Wilson argued that the already existing computer security models such as Bell-LaPadula and Biba are better suited to enforcing data confidentiality rather than information integrity.
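The three-router Telnet scenario from answer 3, as an added example that is not part of the original answer: each router classifies the same packet by whether it originates or terminates locally, not by protocol. The addresses, the `ROUTERS` table and the function names are constructed for illustration, and the second flow (Telnet between two hosts that only transit the routers) goes beyond the case in the answer.

```python
from ipaddress import ip_address

# Constructed topology: X1 -- X2 -- X3 in a line.
# Interface addresses use documentation ranges and are assumptions.
ROUTERS = {
    "X1": {"192.0.2.1"},
    "X2": {"192.0.2.2", "198.51.100.2"},
    "X3": {"198.51.100.3"},
}
PATH = ["X1", "X2", "X3"]  # every flow in this sketch crosses all three


def plane_at(router, src, dst):
    """Classify one packet from a single router's point of view."""
    local = {ip_address(a) for a in ROUTERS[router]}
    if ip_address(src) in local or ip_address(dst) in local:
        # Originated or terminated on this router: its own CPU handles it.
        return "control/management"
    # Neither endpoint is local: the packet is only forwarded between links.
    return "data"


def classify_flow(src, dst):
    """Return {router: plane} for each router on the path."""
    return {r: plane_at(r, src, dst) for r in PATH}


if __name__ == "__main__":
    flows = {
        # Telnet session between the routers themselves (the answer's case).
        "Telnet X1 -> X3": ("192.0.2.1", "198.51.100.3"),
        # Same protocol, but between constructed end hosts behind X1 and X3.
        "Telnet host -> host": ("203.0.113.10", "203.0.113.200"),
    }
    for name, (src, dst) in flows.items():
        print(name, classify_flow(src, dst))
```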